The closure of physical stores during the pandemic led to a significant surge in online shopping, opening new avenues for fraudsters and subsequently resulting in a spike in payments fraud. In 2021, a staggering 71% of organisations fell victim to payments fraud attacks. In Australia, 45% of businesses say fraudulent transactions and chargebacks were a significant cost for their business.
Technological advancements, while offering convenience, have inadvertently facilitated the increase in payments fraud. One-click payments make it challenging for banks to detect and prevent fraud, and the dark web provides fraudsters with the tools to manipulate the system at a larger scale.
Conversely, technology has also played a vital role in combating fraud. Businesses can now swiftly detect and prevent fraudulent activities, minimising their adverse impact, ultimately boosting revenue and enhancing the customer experience.
While fraud attempts can occur in-store or over the phone, online payment fraud reigns as the most prevalent and fastest-growing. Hence, our focus will be on understanding and mitigating online payment fraud in this piece. But before delving deeper, let's start from the basics.
What is payment fraud?
Payment fraud occurs when an individual, not the rightful owner of the payment instrument, initiates a payment with the intent to commit fraud.
Types of payment fraud
The primary challenge for businesses lies in keeping pace with the evolving fraudulent techniques and promptly identifying them. It's important to understand the various fraud types and their potential impact on your business before building an effective fraud prevention strategy.
Credit card fraud
This form of identity theft involves fraudsters using stolen card details to conduct unauthorised transactions, aiming to make purchases or withdraw funds. Shockingly, in the first half of 2022, there were already 2.4 million cases of identity theft reported worldwide.
Strategies to detect and prevent credit card fraud:
Conduct Address Verification Service (AVS) or Card Identification (CID) checks on transactions to validate the payment location and that the card is present.
Leverage behavioural analytics technology to flag suspicious behaviour, such as repeated purchases, multiple transactions using the same email, or various orders delivered to the same address with different payment details.
Card testing fraud
Fraudsters ‘test’ stolen cards to see if they’re active. Active cards are then sold on the dark web at a higher price than those that go untested.
Strategies to detect and prevent card testing fraud:
Utilise behavioural analytics technology to identify fraudulent checkout attempts.
Familiarise yourself with customers' behaviour and implement velocity risk checks and other business rules to ensure you’re blocking the correct scenarios.
Monitor the time frames of orders to spot bot-initiated multiple transactions within a short span.
Account takeover fraud
This type of identity theft involves fraudsters gaining access to shoppers' accounts and altering the account details.
Strategies to detect and prevent account takeover fraud:
Visualise the timeline to understand normal customer behaviour and spot variations after an account takeover has taken place.
Implement verification protocols when account details, like a shipping address, are modified.
Friendly Fraud
Also known as First Party Fraud, this occurs when a shopper initiates a chargeback despite having received the purchased goods.
Strategies to detect and prevent friendly fraud:
Design risk systems capable of recognising patterns indicative of repeated friendly fraud, such as customers initiating multiple disputes across various cards and identities.
Use block lists to prevent the return of bad shoppers.
Refund Fraud
Professional fraudsters make money by requesting refunds from businesses, a trend that's increasingly common and challenging to identify.
Strategies to detect and prevent refund fraud:
Leverage Unified Commerce capabilities in your risk system so you’re able to fully understand the lifecycle of a shopper and view their past orders to identify refund fraud.
Utilise a blend of unique attributes and custom risk rules to mitigate such scenarios and identify unique shoppers misusing those details.
Gift Card Fraud
Gift card fraud is a popular method for transactional fraud due to the difficulty in tracing these cards compared to regulated debit or credit cards.
Strategies to detect and prevent gift card fraud:
Utilise contextual data to bolster defences against gift card fraud.
Deploy custom risk checks and block lists designed to identify and prevent these types of transactions.
Identify misuse of gift cards by using custom risk rules and specified indicators to mitigate such events.
Detecting, Preventing, and Responding to Payment Fraud
We've discussed various fraud types, but how can businesses formulate an effective fraud prevention strategy to safeguard against payment fraud?
Many businesses prioritise security over customer experience, often leading to the blocking of legitimate transactions that deviate even slightly from normal behaviour. Distinguishing between fraudsters and genuine customers is challenging and can result in revenue loss and dissatisfied customers due to a bad buying experience.
At Adyen, we understand the unique challenges businesses face, requiring tailored risk management strategies. Here are our tips on how to strike a sustainable balance between risk and revenue through detecting, preventing and responding to fraud.
Detection: Identify genuine customers and recognise fraudsters across all sales channels.
Prevention: Maintain full control and reduce operational workload by combining risk rules with machine learning.
Response: Increase authorisation rates and reduce chargebacks by adjusting and optimising your risk setup.
Detection
Fraud detection technology
Fraud detection technology utilises historical and cross-platform data to spot behavioural abnormalities, differentiating between genuine customers and fraudsters. Businesses can configure these tools to focus on specific high-risk segments, such as particular industries or regions with higher fraud rates.
Prevention
Supervised machine learning
Supervised machine learning integrates risk expertise with machine learning, allowing businesses to automate risk assessment based on established risk profiles.
Customisable risk rules
Customisable risk rules cater to distinct risks faced by different industries. Businesses can use these rules as a foundation for payment evaluations, deciding which transactions to accept or block.
Authentication
Fraudsters often use identity theft to commit fraud. Authentication procedures, such as 3D Secure 2, help to verify if the customer is genuine or a fraudster.
Manually review
Manual review is recommended for high-risk transactions or those in vulnerable markets to add an extra layer of fraud protection before the payment is completed and avoid potential chargebacks.
Response
Testing and experimenting
Conduct tests and experiments to discover the most effective risk management approach for your business. Configure different risk settings and A/B test them to determine the most effective strategies.
Enhancing Risk Management with RevenueProtect
With the increasing demand for online shopping, the threat of payment fraud escalates. To counter this, businesses must ensure a safer and superior customer experience.
While fraud techniques evolve, so do fraud prevention methods to combat them. By leveraging appropriate technology and crafting an efficient risk strategy, businesses can shield themselves and their customers against different types of fraud.
RevenueProtect, is our unique risk management product with a range of tools to detect, prevent, and respond to fraud. We leverage a global network of cross-industry data, to make accurate risk decisions, stay updated on the latest trends, and effectively combat fraud.
Fresh insights, straight to your inbox
Subscribe to email alerts
By submitting your information you confirm that you have read Adyen's Privacy Policy and agree to the use of your data in all Adyen communications.