According to Gartner, "organizations in the digital commerce landscape increasingly face sophisticated online fraud methods. Product leaders must refine product offerings around fraud intelligence, account takeover, business logic abuse, marketplace collusion and postpayment activities to effectively combat online fraud."
Tools, teams and data can be fragmented across security, payments, fulfillment and fraud teams. These silos create inefficient online fraud prevention with gaps in coverage for fraudsters (aka bad actors) to exploit.
As more online retailers shift toward offering account-based models with the ability to save payment details, fraud intelligence integration is emerging to improve protection of new account creation and prevent account takeover in digital commerce channels.
As more online retailers shift toward offering account-based models with the ability to save payment details, fraud intelligence integration is emerging to improve protection of new account creation and prevent account takeover in digital commerce channels.
Many OFD solutions focus on preventing card payment fraud at check-out; however, postpayment online fraud accounted for nearly $23 billion in losses in 2022. New capabilities are emerging in the market to better address this gap.
For complimentary access to the report, click here (no form fill required).
For Carat’s take on the subject of digital commerce fraud (and how to prevent it), click here to check out the article below.
Gartner,Emerging Tech: 5 Elements to Prevent Digital Commerce Fraud, Dan Ayoub, 15 February 2024
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
The continual rise of e-commerce fraud costs merchants’ considerable revenue. Online fraud continues to be a major source of loss for many online retailers, accounting for an estimated $48 billion in 2023, according to Gartner. Similarly, Juniper Research predicts that global online payment fraud will exceed $343 million between 2023-2027. Fraud can be perpetrated in many ways, including payment fraud, first-party abuse, and account takeover (ATO), so merchants must take a holistic view of the entire payment journey. A holistic approach is not just about mitigating fraud at the point of sale; rather, it’s about understanding where risks exist through the entire customer journey, and leveraging data and information to make intelligent fraud decisions.
Gaining a 360-degree view of fraud intelligence
In a recent report, Emerging Tech: 5 Elements to Prevent Digital Commerce Fraud (see above), Gartner stated “fraud landscape is shifitng as many online fraud prevention solutions and strategies focus on preventing fraud at check out.” From our perspective, that’s only one part of the solution.
When a customer decides to make a purchase online, they usually begin by creating an account. Adding and saving payment information, including credit cards, debit cards, and digital wallets, to the account helps expedite checkout, creating a frictionless customer journey. This process is also where the customer will include an email address, password, and possibly other personal information. The final step is to checkout and purchase the item in the shopper's cart.
In the intricate landscape of online commerce, merchants must protect themselves against risks at every stage. An effective fraud mitigation approach requires a layered strategy that utilizes tools to monitor data and user behavior throughout the customer journey, drawing on both third-party and internally collected data.
Fraud mitigation involves analyzing interconnected data to assess the legitimacy of the user's identity and transaction. This includes verifying if the user’s email has a consistent history for previous payments., if it is used across various e-commerce platforms, or if it was recently created. Leveraging advanced payment fraud detection technologies, these signals are analyzed to help merchants understand typical behavior patterns and reduce the risk of fraudulent activities.
While there are many fraud prevention solutions on the market, Carat from Fiserv provides our clients a truly unique perspective and approach towards risk mitigation. This distinctive position is a result of the Fiserv data consortium which curates insights from hundreds of millions of transactions processed annually. Other fraud solution providers may simply look at the transaction data, but that’s just scratching the surface. To truly understand fraudulent behavior, we place the customer at the center of the payment universe and go beyond just the checkout transaction. These solutions, such as link analysis, examining digital fingerprinting and device intelligence, assess each transaction across a wide range of areas.
Three key areas of emphasis
The Gartner report highlighted 5 elements of online fraud. While all are important, we’d like to explore the following three we discuss with merchants on a daily basis:
Fraud intelligence
Merchants wanting to prevent online fraud need to focus on strategies that analyze a user’s behavior against fraud intelligence that is already known about that entity. For example, if a customer is making purchases that are out of pattern or if the user’s device has been used in past instances, this could be useful intelligence that can help make a risk-based decision. Identifying unusual behavior helps and prevent fraudulent transactions before they happen.
Customers add personal information, email addresses, and payment information when they create an account. A similar issue revolves around device intelligence. The device can support identification when a person logs into an online account. For instance, if a customer has never used a tablet before when making purchases, the platform should alert the merchant. Perhaps it’s just a new tablet, but if the customer has never made a purchase using a tablet, it should raise suspicion. If the customer’s email and phone match when they made other purchases, it’s probably a safe purchase. Examining a variety of sources of customer information during account creation is critical to preventing fraud.
Analyzing pre-purchase activities and utilizing advanced technology helps merchants strengthen fraud detection and reduce online fraud before it happens.
Account Takeover (ATO)
Another area that deserves attention is ATO, which occurs when a hacker gains unauthorized access to a customer’s account. Gaining unauthorized access allows the hacker to seize control of an account and lets them make unauthorized purchases. They can also change a customer’s account information and access sensitive data, including payment data.
For example, I have an online account with a national retailer, and when I created the account, I included a great deal of personal and payment information. What happens if someone gains access to my account and copies that information? They can go onto other websites and make fraudulent purchases, yet those purchases may look as though I made them. Pretending to be someone and using their online identity to make purchases is a huge concern.
Merchants must have systems in place that approve legitimate customers and flag suspicious ones in real time since it doesn't help the merchant or the victim of account takeover if a fraudster makes unauthorized purchases for days or weeks. This is where device fingerprinting comes into play. Device fingerprinting creates a digital fingerprint unique to every device that accesses a system. It includes characteristics such as device ID, IP address, browser type, and operating systems, to name a few. Device fingerprinting helps merchants identify trusted devices, detect unusual customer behaviors, and restrict access from devices associated with fraudulent activities.
Some of the best ways to prevent ATO include establishing strong authentication best practices including ID verification tools and step-up authentication (for example 2-factor authentication) as well as using services that leverage databases of compromised credentials.
Preventing post-payment fraud
Online fraud also occurs after purchases are made, which involves taking advantage of convenient return policies. When customers return items purchased online, they follow simple steps such as alerting the merchant why they are making a return (i.e., the jacket is too small) and then printing a return label.
Recently merchants have been experiencing an increased number of first party abuse, where customers claim they never made the transaction, or never received the order.
Utilizing Fiserv data and technology, merchants can quickly and easily analyze returns in real-time and check dispute history to identify patterns of abuse. Merchants can also leverage our capability to support Visa and Mastercard’s mandate on first party abuse remediation in a fully automated process. In addition to all of the above, merchants can take advantage of near real time dispute alerting to reduce chargebacks and losses.
Protection that is second to none
Fiserv partners with merchants to provide a holistic, 360-degree view of the customer. With multiple touchpoints along the way, fraudsters have plenty of opportunities to exploit vulnerable systems. Merchants must implement multi-layered strategies that combine the best fraud solutions with insights from internal and external sources.
At Carat, we have a strong track record of supporting merchants in fraud prevention, combining both partner and proprietary capabilities leveraging cutting edge technology solutions and providing actionable insights that support real-time decisions, critical to preventing fraud.
Contact us to learn more about our orchestration platform to help combat online fraud.
Sudipto Chakravorti is the Head of Fraud Product Management. At Fiserv, omnicommerce is part of Carat, the global commerce platform that orchestrates payments and experiences for the world’s largest businesses. Contact us today to discuss how Carat can help your business deploy innovative technologies to optimize payments and enhance experiences.