In today’s world where much shopping occurs online where people never see each other face to face, one of the biggest costs to merchants is fraud.
People will try to game the system to benefit themselves and cheat the merchant out of money. Every merchant should be aware of common ways fraud can occur so they can take steps to recognize when a fraudulent order is placed with their company.
Companies also exist that assist merchants in recognizing fraud by integrating with their shopping cart, payment processor, or order management system and applying a set of rules to determine how likely a particular order is to be fraudulent. In many cases the cost of these companies can be significantly less than the time a merchant would spend reviewing orders, or the losses they would incur by allowing fraudulent orders to be fulfilled.
Here are some things merchants should look for when examining orders for fraud.
- AVS check on the credit card. This is a common indicator to look at. When the credit card is processed, a check is done against the zip and address to see if they match what the bank has on file. If either say “N” then a merchant should take a closer look at the order. These orders should not be immediately deemed fraudulent based on this alone however as banks records are sometimes not updated quickly.
- Are the billing and shipping addresses vastly different in geography? Is one of them international while the other isn’t? This could be a good sign of a fraudulent order. Especially if it’s from an odd country a merchant doesn’t get orders from often. A merchant will come to know which countries are most likely sources of fraudulent orders.
- Email address. People come up with weird addresses sometimes, but nonsensical ones can be a red flag. If an email address seems odd, a merchant can verify it by sending an email to it asking for a response. If someone responds there’s a better chance the order is legitimate.
- Fast Shipping methods. People who commit fraud want the goods fast before anyone realizes what they’re doing. Use this in conjunction with the other checks.
Fraud Detection Services
To make fraud detection easier on merchants, there are many services that have cropped up to assist. Some integrate with shopping carts or payment processors. Here are a few of the many out there.
- MaxMind. This service has an open API, so check google to see if a developer has implemented a plugin for your preferred software (either shopping cart or order management system) or if your software already built an integration in. The service gives you a score between 0.01 and 100, indicating the percentage of how likely an order is to be fraudulent. Depending on whether you get Standard or Premium service, there are a wide variety of criteria Maxmind checks, including, but not limited to, address, proxies, email, BIN, and IP Address.
- ThreatMetrix. This service, in addition to the usual checks, also identifies transactions by malware.
- Authorize.net. Not only is this one of the more popular payment gateways, but they have their own fraud detection suite merchants can pay for. This allows merchants to set criteria in filters to weed out fraudulent transactions. The merchant can also set actions for Authorize.net to carry out when filters are met.
These are just a few of the services out there to help merchants detect fraud. There are also others to choose from, so be sure to choose the one that suits your business and software best. What service do you use for fraud detection, if any? How have your rate of fraudulent orders changed since you started? What have your experiences been with fraud detection services?
This post was originally featured on May 29, 2013.