In this chapter we’ll explore how to maintain the balance between blocking fraudsters and letting legitimate customers pay unhindered.
The next step along the payment flow is risk. This is when your risk system assesses the transaction to check for fraud.
According to the 2018 AFP Payments Fraud Survey conducted by J.P. Morgan, 78% of organisations were hit by payments fraud in 2017.
As your businesses grows, the threat only increases. Naturally the temptation is to ramp up your risk settings to keep fraudsters out. But this comes at the cost of your conversions as you’re more likely to block legitimate customers accidentally (this is known as a false positive).
Risk management is both a science and an art, and it’s important to find the right balance between security and your conversion rates.
Research company Edgar Dunn & Company (EDC) found that 24% of businesses reported that more than 10% of the transactions they rejected as fraudulent were actually legitimate customers.
Best practice is to use data from multiple sources. The more data that’s collected, analysed, and linked, the more likely you are to spot fraudsters.
It’s common for fraudsters to use stolen credentials across multiple businesses. They can test a credit card at a music streaming site in the US and then use it to purchase an airline ticket from Germany to Japan. The trick is to work with a risk management solution that spans multiple markets and industries. That way a single fraudster can be tracked across multiple accounts on its platform.
3D Secure is that step in the payment flow when you’re redirected to a “Visa Secure” or “Mastercard Secure Code” page.
It was developed by the major global card networks as an additional security layer. If you use it, the liability shifts from you to the card issuers, so you won’t be liable for any fraudulent chargebacks. But it can also be a conversion-killer, especially on mobile.
The best approach is to use Dynamic 3D Secure, where transactions are assessed in real time and only those that meet agreed criteria will pass 3D Secure.
Some 3D Secure best practices:
Customise your fraud prevention strategy based on your specific business needs (industry, business model, countries of operation, sales channels, customer payment preferences, etc.). So, rather than applying 3D Secure to all transactions, you can use it selectively on high-value or high-risk transactions.
Educate consumers on the benefits of this extra layer of security.
Regularly monitor and re-assess your strategy as market conditions change.
Closely coordinate with your payment partners to better understand the impact of 3D Secure in specific countries or for specific issuing banks.
This latest version of 3D Secure will apply from April 2019. It was created to optimise the process and adapt to the fast-growing trend of mobile and the IoT.
3D Secure 2.0 comes with many improvements, including software development kits (SDKs) to support app-based authentication and integration with digital wallets. Importantly, it will eliminate the need for the redirect. The goal is to use richer shopper data during the transaction and fewer password interruptions so secure shopping is easier than ever.
Get smart fraud defense built directly into your payments solution with Adyen RevenueProtect.
RevenueProtect produces a global, real-time “graph” that spans verticals and geographies, allowing us to see trends before any other provider. You can then easily build intelligent rules tailored to your business to identify fraudsters. And, to keep your business up-to- date, our rule-based Risk Engine uses machine learning to learn and optimise risk checks in real time.
We’ll also help you find the right balance with 3D Secure, and ensure you’re 3D Secure 2.0 ready. As a result, your fraud will be down and your revenue will be up.
Download your copy of "Payments 101 for fast-growing businesses"
Each step along the way provides opportunities for optimization. The following chapters will explain how.
Chapter 4 | Fine-tune your risk management