By Denise Purtzer, VP of Partnerships and Alliances, ClearSale

No one will dispute the observation that ecommerce is a major part of the modern shopping experience. In the last decade, data from the U..S. Census Bureau shows that the percentage of ecommerce sales has increased at least 10%, accounting for $792 billion of the $5,638 billion in total retail sales in the United States alone.

Of course, a lot changed in 2020 and in the first half of 2021. While many of the shifts of the last 18 months were challenging, the pandemic gave an enormous boost to online sales. 

“Consumers spent $861.12 billion online with U.S. merchants in 2020, up an incredible 44.0% year over year,” according to Digital Commerce 360 estimates. “That’s the highest annual U.S. ecommerce growth in at least two decades. It’s also nearly triple the 15.1% jump in 2019.”

This is a huge opportunity for ecommerce merchants. Unfortunately, it’s also a significant opportunity for fraudsters. And they are taking advantage of it. Losses from ecommerce fraud in 2020 amounted to $17.5 billion lost, while the estimates for 2021 are projected to be closer to $20 billion.

Clearly, ecommerce fraud presents a threat to online merchants, their customers, and their bottom line. The path to prevention is to first build awareness of what potential threats exist. That understanding will help online sellers determine the best course of action to protect their businesses while also preserving the customer experience. 

1. What is Ecommerce fraud?
2. Current types of ecommerce fraud
3. Ways that ecommerce merchants can prevent fraud
4. Ecommerce fraud prevention: next steps

What is Ecommerce fraud?

First and foremost, online store owners need to understand what ecommerce fraud is. 

It’s easy to assume that the definition of fraud for an ecommerce site is purchases made with stolen payment information, whether that be a credit card, a debit card, or even a digital wallet. The reality, however, is that ecommerce fraud encompasses much more than that.

The danger of using such a narrow definition is that ecommerce merchants may focus only on protecting against that single type of fraud while ignoring a much broader threat. 

So, instead of limiting the definition to compromised credit cards, ecommerce fraud should be understood as any kind of criminal deception that occurs during an online commercial transaction. This results in some sort of personal gain for the fraudster, while negatively impacting the merchant.

Ecommerce fraud can seem less impactful at first glance, because of the inherent virtual nature of much of the transaction. Make no mistake, though –- while we are using the term fraud, what we’re talking about is theft. It’s as real as someone grabbing a necklace or a TV and running out the door of a store, and it’s equally as damaging. 

If that’s not enough to convince ecommerce merchants to take notice, then this should be: LexisNexis reports that, by the early days of the pandemic, ecommerce fraud was costing online stores $3.36 for every dollar of consumer fraud that was completed. This represents an increase of 7.3% from 2019. And it’s only likely to get worse.

Current types of ecommerce fraud

With the view of ecommerce fraud expanded to include more than stolen credit card information, the next logical question to answer is “What kinds of fraud do merchants face?” While there are a variety is plenty of variations, there are three main categories of fraud that ecommerce sellers need to be aware of.

Chargeback Fraud

Any merchant that takes payment by credit or debit card is familiar with a chargeback. Although initially created to protect consumers and encourage the use of credit cards, chargebacks have increasingly become a tool used by fraudsters.

There is are a number of situations that can be called out as chargeback fraud:

• A customer purchases a costly item and regrets the expense, but doesn’t want to return it
• A customer is looking to hide a purchase from a spouse or significant other
• The buyer places the order with the intention of getting free products

Chargeback fraud is a major issue, and not just because of the lost merchandise. When a consumer files a chargeback, the merchant is held responsible for the charge as well as any fees associated with the claim. They are also responsible for proving that the purchase was legitimate.

Preventing chargeback fraud starts with good record keeping:

• Keep detailed purchase history information
• Create household profiles with historical data –- a customer that files a chargeback is 9 times more likely to do it again
• Require signature or deliver confirmation
• Publish clear and easy to understand return policies on your site

Friendly Fraud

Friendly fraud is related to chargeback fraud. The difference? Friendly fraud is the unintentional use of the chargeback system that results in fraud. It’s sometimes referred to as “accidental fraud”.

This type of fraud occurs when:

• A customer doesn’t keep good records related to credit card purchases
• They forget about a recurring payment
• The buyer is unclear on the return or refund policy
• The customer forgot they made the purchase, or a family member made the purchase on their card
• The name of the merchant on the shopper’s credit card statement is different from the store the purchase was made from

Preventing this type of fraud largely boils down to good communication with the customer:

• Ensure that the company name and store name appear the same on customer statements
• Email communications about recurring payments before they happen
• Have a clear means of getting a hold of customer service
• Have well-written and easy to find return and exchange policies
• High-value purchases should require a signature

Card-Not-Present Fraud

While the first two fraud types are important to protect against, Card Not Present (CNP) fraud is the most significant of the three. This threat includes any instance where a stolen or fraudulently obtained credit card number is used to make a purchase. CNP fraud typically results in a chargeback to the merchant, but because it’s more closely tied with professional fraud attempts, and even identity theft, it deserves its own category.

CNP fraud can be enacted in a variety of ways:

• A fraudster gets access to a customer’s account and uses their card on file (also known as account takeover fraud)
• A skimmed or stolen credit card number is used before the card is reported; this can result in the criminal keeping the item, returning it for a refund to a different payment type, or selling it at a discount to an unsuspecting consumer
• Using a stolen credit card, a fraudster makes a purchase online and picks up the item from the store. This has become a bigger concern as buy-online-pick-up-in-store (BOPIS) and curbside pickup has become more common, especially during the pandemic

Merchants should protect themselves by:

• Staying compliant with Payment Card Industry Data Security Standards (PCI DSS)
• Require CVV input for every transaction, even those using a stored card
• Use predictive analytics tools that combine multiple pieces of customer data,like email and physical addresses, IP addresses, etc. with order information to flag potentially bad transactions

Ways that ecommerce merchants can prevent fraud

In addition to the specific actions listed for each of the fraud types, there are a number of broader steps that online sellers can take to protect their business, regardless of size or revenue.

• Choose a reputable third-party payment processor: While chargebacks are costly for merchants, they are also damaging to payment processors. A reliable payment processing partner will be invested in your success and ability to fend off fraud almost as much as the seller is. This can be especially important if the merchant has any high-risk transaction types, like accepting recurring payments or being in an industry that has historically high chargebacks.
• Use ecommerce platform fraud filters: Filters included with ecommerce platforms are meant to act as a first line of defense for online merchants. These filters watch for red flags like:

• Number of sales during a short period of time
• IP address mismatches between the shipping address and the buyer’s IP
• High-dollar purchase amounts
• Transactions where shipping and billing addresses don’t match
• Errors in CVV entries
• Purchases that occur during typically high-fraud timeframes

• Keep software and platforms patched and up to date: Just like our home and office computer software, ecommerce platforms release patches and updates. If you’re managing your platform yourself, be sure you’re keeping up with security updates, software patches, and so on. If you’re outsourcing the management of your ecommerce platform, be sure your provider has a solid update schedule.
• Add fraud protection software to your process: Third-party fraud prevention software and services add another layer of protection. When considering a fraud prevention solution, pay close attention to how the company protects you. Are they using an algorithm to predict fraud? Do they employ artificial intelligence in their predictive analysis? Do they use human fraud analysis combined with software, or only one or the other? Will adding this extra layer create more friction in the purchase process for customers?
• Chargeback protection: Even if you’re using a third-party solution, chargebacks can be a concern. Some solutions offer chargeback guarantees along with fraud protection. This can prevent a merchant from facing a costly and time-consuming dispute process.

Ecommerce fraud prevention: next steps

While some merchandise categories can be more susceptible to various types of fraud, no ecommerce store is immune. Whether a small, mom-and-pop online store or a large ecommerce merchant, protection is key to minimizing the impact of online fraud to your bottom line. 

As ecommerce fraud continues to increase, in both frequency and sophistication, merchants need to take advantage of the tools available to stop theft from their business. Being diligent and watching out for the red flags that signal potential fraud is just the start. Embrace the technology that can give you a programmatic means of identifying and stopping fraud from your online store before it starts.