Online fraud is rising in Europe
Online fraud has been on the rise throughout the pandemic. In fact, within the first few months of the crisis starting, global phishing attacks shot up by a whopping 667%. A recent study from Europe shows that the UK faced the brunt of online fraud in 2020 – an estimated £376.5 million. And, other countries across the EU don’t fare much better. If these numbers are anything to go by, fraud prevention seems to be fast becoming everyone’s business.
Online shopping continues to rise as more users take to digital means to make payments. This has caused the number of online transactions to go up by a huge margin. Amidst all this, newer patterns of fraud are emerging.
The economic hardship brought on by the pandemic has led to an increase of newer types of fraud. For instance, friendly fraud is on the rise. This is when someone falsely reports fraud against legit purchases or issues a false refund claim. Refund abuse and promo abuse are also on the rise since the start of the pandemic.
International third-party frauds have also increased in Europe. While tougher security norms such as SCA or PSD2 can protect cards issued in Europe and the UK, international cards are still vulnerable to hackers. Merchants will have to be discerning of international orders. This means being wary of which orders to accept and which ones not to. Either way, there is an inherent element of risk that businesses will have to deal with.
All of this has put pressure on merchants to stay up to date on the latest in fraud detection and data safety. Not surprisingly, an overhaul of existing fraud and payment tools is needed.
Know the different types of online fraud
To tackle fraud, it is important to understand what you are dealing with. Here are some types you should be familiar with:
Friendly Fraud has been rising since the pandemic started and e-commerce zoomed. In Friendly Fraud, a fraudster buys goods online and then raises a false refund request after they have received the goods. You stand to lose money from these chargebacks, not to mention a higher chargeback ratio.
To fight this type of fraud you need to set up your risk system to analyse patterns of behaviour and detect serial friendly fraudsters. For instance, tracking users who have raised multiple disputes against different cards or identities. You can also compile blocked lists of known fraudsters to prevent their return.
Refund Fraud happens when fraudsters ask for a refund by posing as legit shoppers. They set up fake refund websites which target unwary shoppers looking for refunds. The fraudsters steal these shoppers’ identities and collect the refunds from the merchant. In such cases, the customer loses their money, while you lose your reputation.
To avoid refund fraud, set up your risk systems in a manner that allows you to analyse past orders and the shopping history of customers. By combing through data drawn from across channels, you will be able to notice suspicious patterns and detect fraud.
Takeover Fraud happens when fraudsters design a fake website that resembles a legitimate brand. They then use it to steal the identities of unwary shoppers which are used in future attacks. This type of fraud can also happen on websites where shoppers have accounts and/or have their payment details saved.
To counter takeover fraud, build more accurate shopper profiles. Set up your risk system to pinpoint areas of risk and collect data accordingly. By having access to more data, you can make out fraudsters from genuine shoppers more easily.
How to fight online fraud
First of all, to prevent fraud you have to be alert. Be aware that fraud and other online threats can affect everyone, not just large businesses. So, learn more about the different types of fraud and how they can affect you and your customers.
Secondly, keep track of your transactions across all channels. The more data you analyse the more patterns you can see and respond if any threat arises.
Third, be compliant with all regulations in the markets you operate in. In Europe, PSD2 and SCA adherence has been mandated, so being aligned with these is one step closer to keeping your business safe.
Fourth, work with a capable payments partner. Payments companies have advanced solutions that can manage risk and protect your business and customers from fraud and online threats.
While deciding your strategy to manage fraud, here a few things to keep in mind.
If you set up your fraud settings too high you will block out most fraud. But this could also end up blocking legit shoppers. So, keep a balance between your security settings and conversion rates.
Collect data from multiple sources. The more data you collect and analyse, the smarter your risk management system becomes. This enables you to identify patterns and detect suspicious behaviour. This would also help you to design a simplified payment flow for loyal shoppers.
Use Dynamic 3D Secure to fight fraud. This lets you decide which card payments are routed through 3D Secure authentication. You can set up your own fraud prevention settings to allow low-risk transactions to be approved easily while high-risk transactions go through further checks.
Gowri Shankar is the IT Application Security Manager at Novalnet with versatile knowledge in Programming and System/Security architecture. Having 11+ years of experience in the financial services industry, Cybersecurity, Payment Card Industry Data Security Standard (PCI DSS). Certified in Advanced Payment Card Industry Security Implementer (CPISI 2.0), Secure Software Lifecycle Professional (CSSLP) from (ISC)².