Special Report: 4 Best Practices for Combating Online Fraud

The good news is that online retailers understand fraud is a growing problem and have taken steps to combat it. Their efforts are making an impact. Studies point to a decrease in the percentage of orders lost to fraud. Our own Annual Trends Survey revealed that for 75 percent of respondents, less than 1 percent of their online orders are fraudulent. While this is a step in the right direction, you shouldn't be satisfied till that figure is 0 percent. Here are tips to help you get there:

1. Gather as much data as possible on every transaction, no matter how trivial it may seem. The more data you have at your disposal, the more likely you are to detect fraud. Using this broad data set as the foundation, correlate each individual transaction element with historical instances of fraud to determine its predictive value. Also, correlate the various combinations of these elements with fraud to uncover the links between data elements that are indicative of fraud.

Behavior analysis is a newer fraud tool for online merchants. It assesses whether a customer's visit and website activity is consistent with that of a typical user. For example, the time spent on the checkout page or the number of pages viewed varies greatly between a typical user and a fraudster using a bot. The use of proprietary data analysis by retailers is likely to increase as fraudsters learn how to circumvent traditional mitigation tools.

2. Conduct manual reviews of orders. Online orders that don't pass through an initial automated screening stage — e.g., card verification number, address verification service, postal address validation services — generally are segmented for a manual review process, where additional information is collected to determine if orders should be accepted or rejected due to excessive fraud risk. That review process often includes evaluating the customer's order history, contacting the customer directly, and using Google Maps and IP geolocation to investigate delivery addresses.

According to our Annual Trends Survey, comparing the client address to the billing address is the most popular method to combat online fraud, with 48 percent of respondents doing so. Other popular methods include flagging larger transactions (36.7 percent), verifying the customer's email address (34.7 percent) and checking the IP address (24.7 percent).

Test how your manual reviewers can access the information they need in the most intuitive and direct way possible. Try implementing a case management system that can consolidate all of the information relating to a reviewed order in one place. Provide a structured framework and checklist for investigating orders to your review team, which helps to streamline the process and ensure consistency in dispositioning orders.

Finally, measure the performance of your review team by looking at key metrics (e.g., orders reviewed per day, length of time in queue, chargebacks from the manual review process and by reviewer) to identify areas for improvement at both the reviewer and team level.

3. Develop "auto pass" screening rules. Analyze the profiles of orders that are accepted during your manual review process and determine if there are common characteristics from which you could build effective "auto pass" screening rules.

As a general rule of thumb, half of your orders that are manually reviewed should be accepted. Order acceptance and rejection rates that skew above 50 percent signal opportunities to shift more of the manual order evaluations to automated screening, saving you time and money.

4. Catalog what types of fraud are most prevalent on your website, then develop strategies to minimize them. According to our Annual Trends Survey, unauthorized transactions via stolen credit card numbers and chargebacks on legitimate orders were the two most common types of fraud perpetrated on retailers' websites last year. Consider implementing some of the following policies to deal with these issues:

• Require cardholders' signed proof of delivery for every credit card transaction in which the merchandise isn't delivered immediately at the point of sale.
• Stop recurring transactions that a cardholder canceled. Doing so will reduce the number of repetitive chargebacks by the same customer.
• Quickly process refunds to your customers' accounts, always using the same card number from the original sale. Never give a customer a refund by cash or check.

To minimize chargebacks, take steps to reduce your exposure to friendly fraud (i.e., when you receive a claim because the cardholder denies making the purchase or receiving the order, but the product was actually received). Clearly articulated terms and conditions that the customer must acknowledge at the outset provide an effective front-line deterrent. Follow this strategy with other safeguards, including confirmation emails, activation links and other online validations that require customer input or action.

These safeguards will better position you to deter fraud or represent any subsequent chargeback, as you'll have documentation of actions taken by the customer. However, balance the safeguards required against the customer experience. Excessive customer friction will negatively impact your legitimate customers. By configuring your order flow with the appropriate checks in place, you can maximize legitimate revenue while deterring friendly fraud.