James Packer, Esq., SignatureLink COO & General Counsel
Everyone involved with payment acceptance knows eCommerce and mobile fraud is responsible for billions of dollars in losses every year. What isn’t as obvious is that small and mid-sized online retailers are not only aware of the need for fraud prevention, they’re actively trying to combat it. But eCommerce fraud is a rapidly growing problem in spite of their best efforts, and a study conducted by eCommerce stabilizer SignatureLink shows that instead of taking the shotgun approach to fighting fraud, 90% of retailers would be better served by focusing on some key actions that eliminate the costly problem of blatant fraud and CybershopliftingTM, also known as “friendly fraud.”
We undertook the SignatureLink SecureBuy™ 2012 CNP Fraud Study in an attempt to quantify what we knew about online retailers’ response to online payment fraud. During August and September 2012, 379 online and bricks-and-mortar merchants participated in the study. They answered questions about their antifraud efforts and the effects of eCommerce fraud on their businesses. The resulting data provided greater insight into what merchants are getting right and shined a spotlight on the areas in which they’re missing the mark.
Unfortunately, current active verification processes are uncomfortable at best for many shoppers who are already wary of providing too much information online, especially during their first interaction with an eCommerce site, and, although active verification is an effective way to thwart fraudsters, shopping cart abandonment becomes an issue with legitimate customers. For the 65% of online retailers using active verification, that translates to lost revenues.
An even more convincing argument against current fraud screening procedures centers on human capital. Across the board, approximately 55% of retailers’ fraud budgets are spent on the personnel required to manually review suspected fraudulent transactions. The other 45% of the retailers’ fraud budgets are spent on deploying an average of eight fraud screening applications. It is obvious that current fraud screening methods are not working as well as we may think.
At SignatureLink, we advocate true risk-based authentication. Risk-based authentication, which looks at many different variables in real-time to determine whether a shopper is a fraud risk and only invokes active authentication if the shopper is flagged based on those variables, has long been on the wish lists of just about everyone in the online payments industry, but it has never been anything more than a pipe dream — until now. With the upcoming release of SecureBuy™ 2.0, true risk-based authentication is finally available to all eCommerce merchants. The authentication process is completely automated, eliminating the expense and bottleneck of manual review and ultimately increasing the bottom line. By removing the human manual review factor from eCommerce and mobile payments the original intended business process automation and associated economy of scale is returned to the merchant.
As for first generation IP address geolocation, the unfortunate reality is that IP addresses are easily spoofed. If a criminal wants to get around geolocation screening measures, he or she will. Worse, in screening out everyone from a particular location, merchants inadvertently turn away paying customers. There are far more sophisticated second generation fraud screening measures available that screen for a variety of red flags to prevent fraudulent transactions before they start.
So assuming they’re getting authentication and screening right, where can eCommerce merchants get the biggest (and most effective) bang for their fraud-fighting buck? Thanks to the SignatureLink SecureBuy™ 2012 CNP Fraud Study, the answer is clear. Remember that 90% figure above? That’s a real data point. Only 10% of study respondents said they get the customer’s written or verbal consent to each transaction. The remaining 90% are leaving themselves wide open to fraudulent chargebacks, as evidenced by our finding that 52% of online retailers win the representment process less than 20% of the time (and just over 70% win less than 60% of the time).
Perhaps even more compelling: Only 12% of merchants win the representment process virtually every time — a figure so near the 10% of merchants who get written or verbal customer consent, the correlation is impossible to ignore. At SignatureLink, we advocate securing written customer consent with every transaction. It’s one reason why we’ve designed SecureBuy™ to provide the industry’s first eCommerce Certified Signed Sales Receipt.
Merchants who really want to stop being on the losing end of eCommerce fraud must make use of the available signature-capture technology and ensure every single customer sees, understands, and agrees to their terms and conditions (T&Cs). When that process is integrated into every transaction it stabilizes eCommerce for merchants, banks, and consumers.
In the end, the SignatureLink SecureBuy™ 2012 CNP Fraud Study was not so much about facts and figures as it was an opportunity to look at what’s not working for merchants and banks alike and to begin a conversation around the next steps for the industry. If you’d like to see the study for yourself, I invite you to visit http://www.signaturelink.com/2012-cnp-fraud-study.html for a free download.
About James Packer, Esq.
James Packer, Esq. is SignatureLink’s Chief Operating Officer and General Counsel. Formerly corporate legal counsel and director of operations for merchant advocate and payments best practices firm Merchant Lifeline, LLC, Mr. Packer is a seasoned leader in the areas of chargeback recovery and fraud risk analysis.
Founded in 2002, SignatureLink, Inc. is the eCommerce stabilizer. The company’s SecureBuy™ is the world’s first true all-in-one fraud solution. Visit http://www.signaturelink.com for more information.