What Tools to Put in Your eCommerce Fraud Prevention Stack
Confusion abounds when dealing with fraud in eCommerce today. Merchants are faced with so many eCommerce fraud prevention tools that sound alike that they have a tough time determining what they need in their anti-fraud stack. Below is a short guide as to the different types of solutions you can select to fight online payments fraud and an explanation of what they do.
Manual Review Tools
Manual review tools are a broad category of technologies that are used by fraud and chargeback analysts as part of their review process. Physical address, email, phone number, geolocation and IP address are some of the things manual review tools can tie to a person’s identity.
If you have an internal anti-fraud team, you will need manual review tools. Machine learning based solutions also generally require some manual review training data to stay up to date on changing fraud trends. That means the only time you won’t need manual review tools is if you outsource your entire fraud fighting function to a solution provider. In that case, the solution provider’s own team will have access to manual review tools
Fraud filters are static rules that are used to deny transactions that are likely to be fraudulent. For example, requiring a full address verification service (AVS) match to process an order is a possible filter. These filters are provided as a tool in anti-fraud suites, but they generally are inferior to solutions using risk scoring engines. In the above example, AVS would not be a useful filter for most merchants engaged in cross-border eCommerce since the service only exists in the U.S., Canada and the U.K.
Fraud filters also do not address illegitimate chargebacks, such as friendly fraud and chargeback fraud, since they are designed to allow normal-looking transactions. To deal with illegitimate chargebacks a merchant using filters would need to either hire staff in-house or use an outsourced chargeback management service.
Risk Scoring Engines
Unlike fraud filters, risk scoring engines weigh the risk of various aspects of the transaction to determine the likelihood of fraud based on an overall score. Manual review staff are also typically hired to go over, with human eyes, orders within a predefined borderline range of scores. Many of the risk scoring engines on the market use machine learning, a form of artificial intelligence, to regularly update the weighting of variables based on recent fraud trends in manual review results.
Risk scoring engines that utilize machine learning don’t prevent friendly fraud. Friendly fraud that gets through and is marked as true fraud will increase the number of false declines as the anti-fraud system learns to reject orders with normal appearing shopper behavior. Illegitimate chargebacks for non-fraud reason codes, such as Merchandise/Services Not Received, will also continue to slip through the system.
To better address your fraud problem, consider using a risk scoring engine in tandem with a chargeback management solution. This way you can avoid false positives and denting your approval rates, while still recovering your money from opportunistic friendly fraudsters.
Anti-Fraud Platforms with Chargeback Guarantees
A popular offering on the market in recent years is decision-based platforms that offer chargeback guarantees. These platforms typically use risk-scoring engines with behavioral analytics and machine learning to determine whether to accept or decline an order. What sets them apart from other offerings is that they back up their technology with a “fraud chargeback guarantee” or “ fraud chargeback insurance.” This means that in exchange for a very small percentage of the order value, these vendors will repay the cost of the goods sold (and sometimes shipping costs) if their system makes an error and the sale is lost due to a fraud chargeback.
These policies also cover merchants for cases of friendly fraud that are classed under fraud reason codes with the credit card networks. However, they don’t cover merchants for all the friendly fraud perpetrated under other reasons codes, such as Merchandise/Services Not Received.
False positives will also still hurt approval rates due to the machine learning’s difficulty in distinguishing between normal customers and cases of fraud.
Static biometrics are when a person’s physical characteristics are used to authenticate identity, such as a fingerprint, the sound of the user’s voice or scanning the iris of the user’s eye. Banks have been using static biometrics to identify customers for decades. Some merchants have more recently adapted biometric authentication solutions for payments. For example, iTunes and the Apple App Store’s use fingerprints provided by Touch ID.
Biometrics have grown in importance in eCommerce with the implementation of the Revised Payment Services Directive (PSD2) Strong Customer Authentication requirement in the EU on January 1, 2021. SCA requires multi-factor identity authentication for most customer-initiated transactions, including two of the following three data points: something the customer knows, something they own or something they are.
While fulfilling authentication requirements, static biometrics don’t prevent friendly fraud since the customer is in fact the person engaging in the fraud. As a result, an in-house team or a chargeback mitigation solution will be necessary to fight your illegitimate chargebacks.
Behavioral biometrics authenticates user identity by how they do things instead of what they are. For example, some biometric solutions measure how the user swipes on their smartphone or types on a keyboard to establish their identity. The benefit of this technology is that it doesn’t require additional user steps that would add friction to the payment process.
Behavioral biometrics also don’t prevent friendly fraud since the customer will engage in their regular behavior before requesting a chargeback. An in-house fraud team or a chargeback mitigation solution will be necessary to fight your illegitimate chargebacks.
Chargeback Management Solutions
Chargeback solutions can be divided into two categories: in-house dispute management tools and outsourced mitigation services. The pricing schemes for both types of solutions can vary a good deal, so make sure you do your homework before settling on a specific solution.
Dispute management tools enable merchants to receive alerts on new chargebacks and provide re-usable templates for manually building evidence to fight cases. Merchants must still employ staff to review chargebacks with these tools.
Mitigation services fight chargebacks on behalf of merchants. Instead of hiring and training in-house staff to manage chargebacks, merchants outsource the work to the staff at the mitigation service. The chargeback mitigation service will have all the tools and templates offered by dispute management tools but will allow the merchant to off-load this entire function to refocus their attention on their core business.
Justt is a semi-automated chargeback mitigation solution that is tailored to each individual merchant. The unique configuration of the solution for each merchant is responsible for an industry leading 83 percent success rate for total cases. Pricing for the solution is based on a percentage of won revenue, not transactions reviewed. This makes Justt an ideal partner in your anti-fraud stack – fighting the friendly fraud that other technologies can’t catch and at no added financial risk to you.