We can probably all agree that when it comes to buying online, security is one of the main factors in choosing an e-commerce business. But what happens with the scams suffered by the e-commerce owners? There is not a lot of discussion about them, so let’s shed some light on the subject here.
There are two main kinds of frauds that e-commerce managers can suffer: data theft and chargebacks.
Since western regulations about Privacy are becoming more and more stringent, data theft is a big problem. Firstly because the entity that collects the data has the obligation to keep it safe, as for example it happens in the European Union. Secondly, if news of the data theft spread across the Internet, it could create a negative image for the business. In fact, it could even become viral! And thirdly it is the responsibility of the business to ensure that the person using a credit card or any other kind of payment is the legitimate owner of it. Doing so may be extremely difficult, considering that in online trades you don’t collect a signature, you don’t have physical evidence and you can’t compare the credit card and the ID, at least you can’t if you want to make the sale as quick and smooth as the average buyer expects it will be when buying online. Besides, even when the credit card stolen is not ours, it has some costs for us: loss of products, shipment and package costs, bank fees, and cost related to our work time…once the real credit card owner rejects the purchase, we won’t recover any of these costs. This is precisely what chargeback fraud is. Someone buys something with stolen data, receives it and runs, while the real owner of the data makes claims to the bank and gets the money back.
As a retailer there are some signs that can alert you to be more cautious with transactions.
The best tip we can give you is to suspect anything that is not normal, including very big orders, a large number of purchases in a short term with the same credit card (why not buy everything in the same order), and several purchases made by different credit cards from the same IP address.
How to manage your risks
Sadly, you can’t just reject any order that seems suspicious, because it will make you lose a lot of money. You need to struggle with this, as with everything in business, from an objective perspective.
Do you know how fraud prevention companies work? They create some indicators or risk and when an operation has a high risk, they deny it. If you don’t want to buy the services of one, you can still protect yourself. Create your own index of risk. You can add a point for each of the following factors:
- Order by a new client
- Amount exceeds a specific quantity
- Buyer is from a poor country from where you never received an order
- You tried to contact the buyer but were unable to do so. (If you call your client, do not voice your suspicions, as this could be offensive. Say instead that you are trying to find a cheaper delivery method or something similar.)
- The address doesn’t appear to be real in Google Street View
Set a limit that seems reasonable for you. Have you received an order that exceeds your risk limits? Don’t accept it until you are sure about the legitimacy of the client.
There are different softwares and companies that can help you with fraud detection, but your most powerful shield is your own experience. If you feel that one transaction is very risky, you may prefer to only accept a bank transfer for it. Of course, this could cause a lost sale but if the risk is too high, losing a sale can be preferable to losing the product and the time needed to deal with a very unpleasant situation.
And this takes us to the final consideration. What is more important, fraud prevention or an easy buying process? Well, it depends on you. In any case you shouldn’t have a fraud rate higher than 0.5%, if you have, you may need to take more security steps, such as only accepting bank transfers and MasterCard Secure Code o Verified by Visa, getting a safer payment platform with AVS (Address Verification Service), CV2 o 3D Secure, or even hiring a fraud prevention company.