There are still several weeks of summer fun, but consumers are already fast-forwarding to the winter months and starting their holiday shopping. In fact, several retailers have already started offering holiday deals to beat the November and December rush. For example, Amazon.com launched Prime Day in July, and consumers ordered more than 34.4 million items, shattering the sales of the online retailer's biggest U.S. Black Friday to date in 2014. To counter, Wal-Mart upped sales by offering over 2,000 rollback deals which will run a 90-day course as opposed to just one day.
Hand-in-hand with consumers starting their holiday shopping earlier than ever, fraudsters will target retailers with new, sophisticated strategies for financial gain during the holiday season. Retailers must have advanced cybersecurity plans in place well in advance of the holiday season to keep their businesses protected and prevent consumers’ digital identities from being compromised.
Here are five tips for retailers to prepare now for the holiday spike in online fraud:
1. Take extra caution with mobile transactions. Consumers constantly have their smartphones and tablets on hand and increasingly make purchases via mobile devices. During last year's Cyber Week (Thanksgiving Day through Cyber Monday), mobile accounted for 39 percent of all transactions across the ThreatMetrix network. For the 2015 holiday season, ThreatMetrix predicts this number will surpass 50 percent. With this growth, cybercriminals will target mobile for fraudulent transactions. Therefore, retailers must have cybersecurity strategies in place to differentiate between authentic and suspicious activity.
2. Profile your existing customer base. Retailers should consider how well they know their customers and their associated behavior. For example, how many mobile devices does a given customer use and what's his or her typical billing and shipping address? In doing so, they can identify good transactions as opposed to bad ones, and risks can be recognized and mitigated as they arise. This can be done by leveraging a digital identity network, bringing together all aspects of a person’s online devices and behavior into one unique digital identity – including email addresses, geo-locations, devices, and both personal and business personas to accurately authenticate users in real time.
3. Review last year's holiday season. Holiday shopping in 2014 saw an uptick in e-commerce sales, and with that the greater potential for fraud. Retailers should understand that initial reviews and recommended security strategies from last year don’t necessarily get taken into account right away. Now is a better time than ever to take a look at last year (and other recent years) and use those practices to prepare for this upcoming holiday season before the shopping rush begins.
4. Customize your strategy for the holidays. During the holiday season, there will be significantly more transactions than the rest of the year (same with cybercrime attempts), so e-commerce merchants should make their fraud analysis as close to real time as possible, rather than reviewing a few times a day or week. Retailers should also place an emphasis on identifying trends in real time, enabling them to take immediate, preventative action if necessary without wasting time or resources via manual reviews.
5. Tighten up existing security. It’s never a bad idea to check for any loose ends to see what parts of your security platform can be improved. Retailers should proactively identify new cybersecurity functionalities released in recent months that can be added to existing portfolios. This might include new types of functionality or new rules that can be built upon to improve performance and prevent fraud. This should be done months ahead of the November and December rush, as retailers don’t want to be working out kinks in their security systems while processing record transactions.
During the holiday shopping rush, retailers want to spend more time on customer service and less time manually reviewing transactions for fraud. They also don't want to risk incorrectly labeling trusted customers as fraudulent, as this can lead to lost sales due to transaction abandonment or accidentally turning customers away. An effective way for retailers to provide the safest and most efficient holiday shopping season is for them to share global intelligence across a digital identity network, ensuring suspicious transactions and activities are blocked without adding friction for authentic and returning customers.
Andreas Baumhof is chief technology officer at ThreatMetrix, a provider of integrated cybercrime prevention solutions.