As the world wakes up to the news of the Russian invasion of Ukraine, cyber experts report that there has been an increase in cyber attacks on various Ukrainian institutions. The New Scientist explores the impact of a possible cyber war on various sectors. It holds far-reaching implications for all ecommerce businesses across the globe.
If you run an ecommerce store or sell anything online, one of the pressing issues that will keep you awake at night is fraud and chargebacks. According to Ravelin, online sellers will lose $130 billion to online payment fraud between 2018 and 2023. On average, online payment fraud costs global businesses 1,8% of revenue. On top of that, ecommerce businesses lose an extra $2.94 for every $1 of chargeback fraud. An interesting statistic to flag is that the average value per attempted fraudulent transaction rose from $416 in 2019 to $710 in 2020. Fraudsters are not just pumping up the volume of fraudulent transactions, they are also inflating the value.
So it makes sense to pay attention to identifying and preventing fraud. You, your financial team, and your bank manager will sleep much better at night.
Identifying online ecommerce fraud
Online merchants can identify online fraud in various ways. Just keep in mind that fraud evolves as fast as prevention systems do. You have to stay abreast of new schemes and identify red flags regularly. Here are some of the most common red flags to look out for.
- Order data that is inconsistent: If you see that the zip code and the city doesn’t match, there’s something wrong. The same applies to situations where the shopper’s IP address and email don’t match.
- Orders are larger than the average. Look at your customers’ spending patterns and flag any unusual transactions. Other flags to look out for are if the shopper orders multiple items of the same SKU (stock keeping unit) or insists on super fast delivery.
- Unusual locations: It’s extremely rare for people who, for example, live in Alaska to suddenly order from the middle of Australia. Their delivery address has changed to Australia and then back to Alaska on the next order.
- Various shipping addresses: The shopper orders from one billing address but ships all over the globe.
- Many transactions over a short period: It’s not Black Friday, and the shopper orders various items in quick succession.
- Multiple orders with multiple credit cards: Someone makes multiple transactions using a variety of different credit cards.
- Repeated declined transactions after one another: The shopper keeps on getting the CSV, card number or expiry date wrong and persists in trying to get the transaction through five, six, seven times.
- Strings of orders from a new country: You’ve never received an order from Sudan, for instance, and you get multiple orders from that country overnight.
Steps to prevent fraud
The key to avoiding being hit by a train is not playing on the train tracks. It’s a bit like that with various types of online fraud. It’s not good enough just knowing what to look out for when it happens. You also need to prepare for it and put measures in place to avoid it if you can.
Some of these measures are more technical than others. In some cases, excellent software will do the trick. In others, you have to rely on good old fashioned know-how. Here are some steps you can take to implement ecommerce fraud prevention strategies for your online store.
Regular site audits
To conduct these audits and stay ahead of criminals, ask yourself these questions:
- Check your shopping cart software and plugins. Are they up to date?
- Is your SSL certificate current and up to date?
- Are you PCI-DSS compliant (Payment Card Industry Data Security Standard)?
- Are your backups current?
- Check your passwords on your admin accounts, hosting dashboards, CMS, database, and FTP access. Are they strong enough, and do you change them regularly?
- Do you scan your site for malware regularly?
- Do you encrypt communication between your store, customers and suppliers?
- Have you deleted inactive plugins?
If you run an online store, you are familiar with Payment Card Industry (PCI) compliance requirements. These compliance measures are set by a global PCI council including brands like Mastercard, Visa and American Express. They are not optional, and they’re strictly enforced to ensure that companies deal with consumer payment information securely. If you want to get your head around what PCI compliance entails, you can have a look at the PCI Security Standards website. To ensure you are protected on all fronts choose a payments provider that has these security features built into their products. Truevo ensures that there is PCI compliance in all our solutions so that you can rest assured that you are protected. That’s why it makes sense to choose us as your payment provider. Well, that’s not the only reason, but it’s a good one.
Watch this space for more steps to protect your ecommerce store from online fraud next week.