According to the Association for Financial Professionals 2019 Report on Payments Fraud and Control survey, 82% of companies were targets of payments fraud last year. While old fashioned check fraud is on the decline, it's been more than offset by the growth in fraud committed through wire transfers and Automated Clearing House debit and credit transactions – the main source of revenue for the eCommerce industry.

With statistics like that, any company engaging in eCommerce has good cause to be worried. Here is some helpful information to assist you in coping with this serious issue.

The scope of the problem

The number of organizations reporting payments fraud was 20 percentage points higher in 2018 than in 2014. Business Email Compromise, another type of fraud that targets companies which use wire transfers and have suppliers abroad, is also on the rise. In 2018, 54% of organizations suffered financial loss as a result of BEC, an increase of 8% over 2017.

Online shopping checkout screenFraud protection is becoming a critical concern for eCommerce businesses.

J.P. Morgan, which sponsored the AFP study, pointed out that one-fourth of the organizations surveyed did not receive any advice from their banks on how to lessen the risks of same-day credit and debit clearances. As a proactive approach, J.P. Morgan emphasized the importance of all businesses taking preventive measures to protect payments, including educating employees on current fraud practices and putting into place the products and processes necessary to safeguard corporate assets and data from cyberfraud.

Types of fraud

Merchant Risk Council outlined the seven most common types of eCommerce fraud:

  • Refund fraud – The swindler makes an overpayment with a stolen credit card. Then they contact the business, asking to be reimbursed through an alternative method because the account they originally used has been closed. In most cases that original charge can't be refunded to the merchant, leaving the company liable for the full amount owed to the true card holder.
  • Credit card fraud – The fraudster makes online purchases with a card, whether the card is in their physical possession or not. The merchant is responsible for verifying that the person purchasing the items is the correct cardholder. If the company does not do this, it is liable for the full amount.
  • Merchant fraud – Common during the holiday shopping season, this involves someone (like an employee) selling and receiving payment for items that are nonexistent. The business generally has no way of knowing of these deceitful transactions, but it would be responsible to the person and the merchant for reimbursement.
  • Identity theft – An online purchase is made using a different identity –  a false name and address with someone else's credit card information.
  • Phishing – People receive an email asking for their user ID, password, and credit card information under the guise of a company they may already be doing business with. If they unknowingly supply the information online to the fraudster's website or email address, they could be out hundreds or thousands of dollars.
  • Card testing – The perpetrator creates and tests a credit card number online to see if it will work. Some websites will reject the number but give the reason why, helping the criminal figure out what they need to get the formula correct.
  • Friendly or chargeback fraud – An online consumer will make a purchase, and then ask for a chargeback because they claim the item was never received, or that their card was stolen. The request usually occurs after they receive the merchandise.

Protective measures

There are a whole slew of approaches taken by eCommerce businesses, some more successful than others. The Federal Reserve Bank of Minneapolis reported that these fraud prevention techniques have been especially effective for very large retailers with over a billion dollars in sales: out-of-band authentication, enhanced cardholder verification at registration/enrollment for a new card on file account, proprietary fraud models and purchase velocity checks.

Other methods include:

  • 3D Secure, Verified by Visa or similar
  • Requiring the CV or security code from the card
  • Geolocation to identify deceptive transactions
  • Scrutinizing high-risk, large-ticket or digital merchandise purchases
  • Shipping address verification
  • Checking cell phone or computer device data for consistency with prior purchases
  • Taking a close look at transactions with escalated or rush shipment requests

If you're looking for ways to beef up your eCommerce security measures, it also helps to consult a supplier that knows the ins and outs of fraud protection. One example is Jagged Peak, which offers a wide range of services – all the tools, technology and services you need to succeed in the world of eCommerce.