Sophisticated fraudsters increasingly bypass traditional defenses through tactics such as redirecting shipments, using malware-controlled botnets, exploiting click-and-collect pickups, and abusing weaknesses in alternative payment options. Basic controls like matching names and addresses or checking security codes are no longer enough on their own. A comprehensive fraud management strategy that layers IP and device analysis, geolocation, biometrics, and human review through a managed services solution helps merchants approve more legitimate sales while stopping fraud.
Running a business is expensive, and e-commerce merchants in particular need to watch their bottom line. Too often, fraud management solutions are viewed as an unnecessary expense. After all, merchants are confident they know what fraud looks like and how to stop it.
But the numbers tell a different story:
- CNP fraud losses among U.S. retailers are expected to surpass $7 billion by 2020.
- It’s estimated that 1 of 100 transactions result in chargebacks — and 86% of these chargebacks are fraudulent.
- Merchants could lose $71 billion to card-not-present fraud over the next five years.
- Every $1 of mobile fraud costs retailers $3.34 — the highest LexisNexis Fraud Multiplier cost of any payment channel.
To keep up with evolving fraud tactics, online retailers must have the solutions in place to spot and prevent fraud before it impacts their sales and profits. Fraudsters never pass up an opportunity to commit fraud, so merchants should never miss an opportunity to proactively defend themselves and their customers against online threats.
Why Online Fraud Is Increasing
Fraudsters are clever, there’s no doubt about it. And with the increasing availability of stolen consumer data, they’re increasingly brazen in their attempts to breach typical e-commerce security solutions.
Several recent cases of online credit card fraud underscore just how hard these innovative thieves are to catch:
- Redirecting FedEx shipments. In a new fraud pattern, thieves intercept transactions by calling a shipping company, posing as a merchant and requesting a change in the delivery address of a package. Once the package is sent to the new address (usually a freight forwarder), it’s never seen from again. The result is an expensive chargeback for the merchant when the legitimate customer calls to report that the package never arrived.
- Using malware-controlled botnets. Cybercriminals are quite fond these days of launching botnets to harvest sensitive banking and financial data from the users of infected devices. They then use the data to quickly make fraudulent purchases from multiple retailers.
- Placing “click and collect” In the latest display of instant gratification, customers place an order online and then drive to a brick-and-mortar store, where their order is waiting for them. However, these merchants often don’t require the customer to present the credit card used for the transaction — or even an ID — to get their goods. Fraudsters take advantage of this lapse in security, using stolen data to purchase high-value goods online and safely picking up their goods in the store.
- Exploiting the weaknesses of alternative payment options. Some experts peg the fraud rate on non-traditional payment methods like Apple Pay to be as high as $6 per $100 of transactions — all because fraudsters can easily add stolen credit card numbers to Apple Pay accounts and credit card-issuing banks aren’t properly provisioning cards.
How Merchants Can Protect Themselves From Clever Fraudsters
Luckily, increased fraud exposure doesn’t have to translate to increased financial losses. Although no fraud protection strategy ever protects a business completely from savvy fraudsters, proactively implementing the right solution helps dramatically.
But online merchants can’t become complacent. Implementing one solution often simply causes fraudsters to probe for weaknesses in other areas. Fighting fraud is a 24/7/365 business.
This means merchants can no longer rely on traditional fraud prevention methods, like matching names and addresses, using AVS controls, and requiring card security codes. If merchants don’t look beyond the superficial details for the broader patterns at play, they’ll miss key patterns and risk approving fraudulent transactions.
Instead, a smarter approach is to implement a comprehensive fraud management strategy that includes such proactive measures as:
- Looking at the IP addresses of orders to ensure they’re different
- Checking the device IDs of orders, which are even stronger identifiers than IP addresses
- Employing advanced solutions, such as IP geolocation, real-time transaction-tracking tools and customer profile databases
- Requiring challenge questions that are known only to the legitimate cardholder
- Establishing biometric identifiers, such as fingerprint scans or facial recognition, to verify a customer’s identity
- Sending one-time passwords to a customer’s mobile phone to authenticate transactions
A managed services solution is perfect for this detail-oriented approach. It not only stops fraudulent transactions before they’re processed, it also saves retailers from tens of thousands of dollars in losses and builds customer trust.
With a managed services solution, e-commerce merchants effectively hire a team of experts who work around the clock, using precision screening techniques to review questionable transactions in lieu of automated denials. This sophisticated approach ensures merchants can approve more legitimate sales and retain more customers over the long term, while still protecting themselves from fraud.
Fraudsters are always looking for an easy target, and e-commerce is their bullseye. Don’t let your online business be the next victim.
For more insight into the advantages of managed services, download our new eBook, “Is a Fraud Managed Services Solution Right for Your Business?”
Frequently Asked Questions
How do fraudsters redirect shipments to commit fraud?
Thieves call a shipping company, pose as the merchant, and request a change to the delivery address, often to a freight forwarder. Once the package is sent to the new address it is never seen again, and the merchant faces an expensive chargeback when the legitimate customer reports the package never arrived.
How do fraudsters exploit click-and-collect orders?
Customers place an order online and pick it up at a brick-and-mortar store, but many merchants do not require the customer to present the credit card used or even an ID. Fraudsters exploit this lapse by using stolen data to buy high-value goods online and safely picking them up in store.
Why are traditional fraud prevention methods no longer enough?
Methods like matching names and addresses, using AVS controls, and requiring card security codes only check superficial details. If merchants do not look beyond these for broader patterns, they will miss key signals and risk approving fraudulent transactions.
What proactive measures make up a comprehensive fraud strategy?
Effective measures include checking order IP addresses and device IDs, using IP geolocation and real-time transaction tracking and customer profile databases, requiring challenge questions, establishing biometric identifiers like fingerprint or facial recognition, and sending one-time passwords to authenticate transactions.
How do botnets contribute to online fraud?
Cybercriminals launch malware-controlled botnets to harvest sensitive banking and financial data from infected devices. They then use that data to quickly make fraudulent purchases across multiple retailers.
What advantage does a managed services solution offer?
A managed services solution stops fraudulent transactions before they are processed and effectively gives merchants a team of experts working around the clock. Using precision screening instead of automated denials, this approach helps approve more legitimate sales and retain more customers over time.
Stop fraud before it costs you
ClearSale's AI-powered fraud prevention reviews every order and backs it with a chargeback guarantee, so you approve more good orders and fight fewer disputes.



.jpg)