Buy now, pay later. These four words are taking the e-commerce sector by storm. Consumers are insistent on having the option to complete payments in installments versus a one-time lump sum.

Credit Card Fraud Techniques: How to Identify Them & Keep Your Business Safe Technology is developing at an unbelievable pace. As our technology develops, so do the gaps in security measures, leaving many businesses and individuals vulnerable to credit card fraud. The reality is that, according to a study done by Kount, a staggering 40% of all financial fraud is related to credit cards. What's even more shocking is that this translates to $5.55 billion worldwide! There are various techniques that you and your business can adopt to avoid credit card fraud, and stop those devious fraudsters in their tracks.......

Continue reading

How to Handle Shopify Orders That Have a High Risk of Fraud

Shopify is a platform for businesses of all sizes to create an online store. It offers users a customizable platform, an easy-to-use checkout process, and a wide range of features. However, with great power comes great responsibility.

Unfortunately, Shopify’s popularity has come at the expense of many different types of e-commerce fraud. This post will discuss how to handle and fulfill high-risk orders on Shopify.

How to Know if an Order Is Fraudulent

There are a few ways to determine if an order is fraudulent on Shopify. These include:

Order history discrepancies

One way is to look at the order history and compare the new order to previous orders. If there are large discrepancies between the orders, like a sudden and significant order amount, it could be a sign that the order is fraudulent.

IP address irregularities

Another way to tell if an order is fraudulent is by looking at the customer’s IP address. If the billing IP address isn’t located near or close to the shipping address, this could be a sign the order is fraudulent.

Changes in a customer’s shipping details

One possible sign that a purchase may be fraudulent is if the shipping address changes after the initial order is placed. This could be an indication that the purchaser is trying to hide their true location, which could be a sign of criminal activity.

Multiple failed order attempts

If a customer is trying to place an order multiple times, it could be a sign that they are trying to commit fraud. This could be because they are trying to place fake orders or orders with stolen credit card information. If you suspect a customer is trying to commit fraud, it is recommended you block high-risk orders and attempt to verify the customer’s personal details.

Can High-Risk Orders Be Managed?

There are various ways to manage high-risk orders on Shopify. These include:

In-app fraud checks

In-app fraud checks are a way to prevent Shopify fraud by verifying that the person trying to make a purchase is actually the person who created the account. This can be done by asking for verification information like a birthdate or address, using fraud prevention software like Shopify’s fraud analysis, or by requiring a password or authentication code that is only known to the account holder. This helps to prevent someone from stealing another person’s account and making fraudulent purchases or chargebacks.

Order verifications

• Just like in-app checks, an order verification is a process by which a customer’s order is checked against the information on their account to ensure that the order is valid. This can help to prevent Shopify fraud, as it makes it more difficult for someone to place an order using someone else’s account information. Order verifications can also help to ensure that orders are placed accurately and that no mistakes are made.

Is Managing High-Risk Orders Worth the Effort?

Generally speaking, managing high-risk Shopify orders can be worth the effort for merchants who are able to secure a favorable payment processing agreement with a reputable merchant account provider.

By taking these precautionary steps, you can prevent fraudulent orders, flag a customer that is making repeated and suspicious orders, and subsequently lessen the headaches and potential revenue loss now and in the future.

What an AVS Mismatch Is and How to Fix It

Address verification service (AVS) is a fraud prevention measure used by merchants that accept credit or debit cards. AVS compares the billing address provided by the customer with the address on file at the card-issuing bank. If the addresses do not match, the transaction may be declined to help prevent fraudulent activity.

This helps to ensure that the person making the purchase is actually the cardholder and not someone attempting to use the card illegally. Read on to learn more about AVS mismatches, how to tell if they indicate fraud, and how to fix them.

What Is the Purpose of an AVS?

An AVS mismatch arises when a billing address is entered into a payment processing system but does not match the address on file with the card-issuing bank. This mismatch can cause a transaction to be declined as the bank will presume that the purchase is being attempted with a stolen or counterfeit debit or credit card. In most cases, AVS mismatches can be resolved by contacting the card issuer and updating the billing address on file.

Are AVS Mismatches Indicative of Fraud?

AVS mismatches can indicate fraudulent activity if the discrepancies are significant and not attributable to innocent causes.

Although, merchants should understand that not all AVS mismatches indicate fraudulent activity. There are also many innocent explanations for AVS mismatches, such as:

Out of date billing addresses

Cardholders that have recently moved from one residence to another often forget to update their details with their financial institute. This results in a discrepancy between billing addresses, leading to an AVS flagging a legitimate transaction.

Supported countries

AVS is not supported by countries outside of the US, UK, and Canada. This can lead to cards that have been issued outside of these three countries being flagged by AVS.

Multiple cards or addresses

A cardholder with multiple credit or debit cards and/or residing in multiple residential locations can also lead to an AVS flagging a non-fraudulent transaction.

Fixing an AVS Mismatch

When a transaction is flagged by AVS, there are four courses of action they can take, which are:

1. Retry the transaction.
2. If the customer is somebody you know and trust, merchants can override the AVS mismatch and payment system.
3. Reach out to the customer’s financial institution to verify their identity.
4. If many legitimate transactions are being flagged, merchants can contact their payment processor and rework their AVS thresholds.

AVS Filters Assisting in Fraud Protection

AVS filters are one avenue of fraud protection that businesses can use to help combat nefarious activities. While they are not a cure-all, they can be a valuable asset in a business’ anti-fraud arsenal. Some of your customers may be flagged as fraudulent by AVS filters, but this does not mean that they are not legitimate customers.

For more than understandable reasons, some customers may have their cards flagged. So instead of turning well-meaning cardholders away, why not use the strategies detailed here to turn an AVS mismatch into a legitimate purchase? Both your customers and your bottom line will thank you for it.

E-commerce uncertainty leads to loss of valid business

The fundamental problem of e-commerce risk is uncertainty. There is only so much you can get to know about your customer, without severely damaging the funnel and conversion rates. As anyone who has a sales funnel knows, each added step between product and customer has a cost in conversion. At this very moment, many designers and engineers all over the world are struggling to minimize friction, to perfect their customer journey. All of these efforts come to a halt as the funnel reaches what used to be called the final destination, checkout and payment. At this point, the customer is handed over to a third party, the payment processor. These suppliers are providing a valuable service, but they are also shaping it to protect themselves by blocking or challenging the customer before payment is concluded. In most cases these practices cause a significant loss of valid business to the merchant.

Old trick: Buy time and gather more information before you decide

There are several ways of dealing with this uncertainty, some are happy enough with overprotection, the cost is usually hidden from them and when asked they will say they have no problem with chargebacks or fraud. Others aware of the loss will try to get to know the customer pre-payment, asking many questions and significantly raising churn rates since fraud absolutely does not account for all the churn. A third option is to delay the decision using all available time to reveal more information. This is what FUGU does, we use the time after the payment to gather more information. Our data from live customers is now robust enough to show that the time after the payment can be extremely valuable if used correctly. Monitoring post payment behavior against a variety of signals recorded by our sensors shows that fraud clearly separates itself from genuine payment complexities, a process rapidly accelerated by the proactive measures taken.

FUGU’s post-payment risk prediction safely validates more transactions

The data proves the validity of bringing back old tricks to a new data set. The bottom line is:

FUGU approves 40% of the transactions previously blocked by mistake.

Just that translates into a 1% increase in topline.

But there is more,

FUGU successfully identified 100%  of Friendly Fraud for that specific time period.

Simply put, it is money on the table!

The future of payments is far beyond a handshake at POS

The beginning of a beautiful friendship

In the old world the payment part of a transaction was a straightforward matter, a payment made in exchange for goods in a distinct moment in time – imagine two people shaking hands in the market. This seemed to be the case in ecommerce as well, with credit card transactions in place of cash. The evolution of payments and the rise of new forms of fraud such as Chargeback Fraud determine that it is no longer so. These days a payment indeed starts at the point of sale but will be final and secured only at a much later phase where last installment was made or the chargeback or return option expires. Online merchants should understand the opportunities of monitoring the relationship with their customers during that time frame and leverage it to make better business decisions.

New “Starched” payment models are on the rise

Globalization has quickly exposed merchants to higher competition where product differentiation is no longer enough. One of the ways to stand out had been by business model differentiation leading to a constant evolution of payments. No longer a handshake at a deterministic moment in time, we now need to consider payment a continuous relationship only starting at POS. New payment models now offering longer relationships where payment is either differed or split are on the rise. Solutions like split it or Buy Now Pay Later are offered by merchants to their customers as means of differentiation and in many other cases simply because it is the new standard.

Merchants should monitor, Post-Payment relationship with their customers

Merchants shouldering most of the fraud liability along these longer timelines, use risk analysis tools that limit themselves to a snapshot analysis of information available at POS the site of the Handshake. It means they completely ignore all information revealed during the payment relationship far after POS. Instead of a snapshot, online sellers need a “video” capturing and analyzing the evolution of risk long after the initial risk assessment has been made.

For example:

1. Something is purchased and paid for later; what happens when customer care receives a request for a change of delivery address, does this change the risk evaluation? It seems obvious that such information is relevant to risk after the payment and should be collected and factored.
2. A payment was split into installments and customers’ satisfaction drops; they might turn into friendly fraudsters.
3. Or simply the customer tried to cancel an order with no success and is pushed towards falsely denying the transaction.
4. A recurring payment subscriber is unhappy with a deal and turns to disputing the charge.

Payment risk tools evolve beyond a “snapshot” at POS

Many merchants shore the dynamic aspect of risk by shifting liability through 3D Secure or other forms of insurance, but these are costly measures with negative effects on the topline. FUGU with its innovative post – payment risk monitoring solution offers a way to gain visibility on payment relationship, spreading sensors along the delivery and payment timeline, continuously analyzing signals captured and anticipating fraud on a sequential time award basis. FUGU with post-payment monitoring capabilities is the only solution in the market who can alert merchants when:

1. Customers update delivery address after the payment, this could have a direct impact on the risk analysis and it is logged and factored.
2. Customer with a split payment contacts customer care with a complaint, this could lead to a dispute. Fugu logs and factors the action as well as its embedded data, alerting to risk while shoring it with further documentation.
3. Customer consulting the return policy after delivery, could be a sign of customer considering turning to friendly fraud, logging and factoring the visit can also trigger proactive measures that mitigate and deter fraud.
4. A recurring charge generates recurring touch points with the customer; these are analyzed and factored to provide a dynamic view of long-term risk.

All these offer merchants ways to mitigate that risk without negatively affecting conversion rates. (checkout our blog post)