As long as businesses have existed, there have been people looking to defraud their customers. eCommerce is no different. Here’s what you can do to stay safe and avoid eCommerce fraud risk.
In any retail industry, you need to take measures to protect yourself from fraud. There’ll always be people looking to get something for nothing – unscrupulous men and women whose only goal is to either rip of your business or its customers. It’s your responsibility as a merchant to educate yourself on what the different types of eCommerce fraud look like, and take measures to protect your business. Luckily, eCommerce fraud prevention techniques exist to help you with security.
Fraud in eCommerce comes in several distinct flavors – the first involves unauthorized purchases. Most storefronts provide their customers with a means of storing personal information such as purchase history and delivery details. Hackers who gain access to these accounts can hijack them to net some free stuff.
Thing is, that’s actually preferable to the alternative – identity theft. If you don’t properly safeguard the customer information stored on your servers, hackers can and will make off with it. Anything is fair game here: usernames, passwords, credit card numbers, and so on.
At that point, they’ll either sell the data to other criminals, or use it to commit fraud themselves.
There’s a third type of fraud – one that targets your business directly, rather than victimizing your customers. Chargeback fraud refers to instances where a customer purchases something from your store with a financial account they own, then proceeds to request a chargeback from their bank after receiving the goods they purchased. They might also contact your business and claim the product they ordered was never delivered.
Once they receive the chargeback, they keep their purchase, and you’re out however much they spent.
How Do I Protect Myself from eCommerce fraud?
Ecommerce fraud management is a big part of your customers’ data security. For identity theft and account fraud, take the following steps to keep your customers safe:
1. Ensure all systems are PCI compliant.
The Payment Card Industry has established clear guidelines for storage and security where payment card data is concerned. The easiest way to ensure your store follows them is through an eCommerce platform or third-party tool. Magento and WooCommerce are great choices.
2. Use address verification to avoid eCommerce fraud risk
Require a zip or postal code for all purchases. While this won’t stop every fraudulent purchase attempt, it will be enough to protect against a large portion.
3. Require Security codes for all credit card purchases.
Modern credit cards have a set of three identifying numbers on their back – requiring those numbers be entered for every credit card purchase should be standard practice. It is a big part of eCommerce fraud detection.
4. Track customer behavior and purchase history.
Is a Philadelphia-based customer who primarily purchases beard oil and face cleanser suddenly making a massive order for women’s cosmetics to Russia? That’s a sure sign something fishy is going on.
5. Require delivered packages to be signed for.
This is about preventing criminals from receiving fraudulent packages, as it’s unlikely they’ll be able to spoof a customer’s signature.
6. Screen suspicious activity.
Ecommerce fraud prevention implies to configure automatic reports for any of the following:
- Multiple orders to the same account using different credit cards.
- Multiple purchases to a single credit card in a short timeframe.
- Phone numbers that don’t match a billing address’s area code.
- Unusually large orders that pay for expedited shipping
- Sudden, unusual changes to a customer’s shipping address.
7. Mandate strong customer passwords.
This should be standard practice. Here’s some advice on what constitutes a strong password.
8. Keep track of prior fraud attempts.
This will allow you to both learn from fraud attempts against your business, and to establish a clear pattern – possibly even identifying the region or demographic in which those attempts most frequently occur.
9. Establish clear anti-fraud policies.
What security protocols are in place? How should employees react if they suspect your business has been defrauded?
As for defending yourself against chargeback fraud, that’s a little trickier. The best way you can protect yourself against chargeback fraud is through tracking numbers. That way, if a customer tries to claim a purchase was fraudulent, you can contact their bank with their shipping address and a notice of delivery.
Fraud is a fact of life in every industry, but eCommerce seems especially vulnerable to it. You need to educate yourself on the different breeds of fraud you might encounter. That’s the only way you’ll ever protect yourself and your business.