E-commerce is experiencing solid ongoing growth; this year online retail sales are expected to grow at over 16 percent compared to 2016. However, that growth and opportunity has also caught the attention of criminals.
There has been a significant rise in global eCommerce fraud, including online payment fraud, mobile fraud, merchant identity fraud, and the loss of personal data. These and other global eCommerce fraud trends are important to track for a business to help combat risk and vulnerability.
Although it is a global problem, U.S. merchants are the primary target of fraudsters. In 2014, U.S. merchants had to contend with 52 percent of total attack volume. Other countries impacted include the United Kingdom, China, and the Netherlands. E-commerce merchants most at risk of this type of fraud are airlines and money transfer companies. Retail eCommerce companies affected by online fraud, include general and clothing retailers, followed by online computer and electronics merchants.
Mobile Fraud Growing Rapidly
Mobile transactions are garnering more attention from fraudsters due to the existing vulnerabilities that make this type of fraud quick and easy to undertake, and oftentimes unnoticed by users. Unfortunately, many mobile users make fraud easy because they just use an easy-to-guess PIN. Plus, much of the data from wireless transmissions is not necessarily encrypted, which means that hackers can steal personal information and use it to get payment credentials.
Now, the trend with mobile fraud has been to use even more advanced strategies to get this information. This includes malware added to applications through malicious code or other means. The user does not notice because the app they are using continues to work normally. Meanwhile, the code is gathering personal data, gaining control, and even changing the security settings. Criminals continue to exploit this channel of eCommerce because merchants and mobile users don't understand this type of fraud.
The Threat of Merchant Identity Fraud
For merchants, this type of eCommerce fraud can result in some serious issues. Typically, this fraud includes a criminal who establishes a merchant account for what seems like a legitimate business. They then use stolen credit cards to do numerous of charges and then take off with the proceeds before the cardholders realize they have unauthorized transactions on their accounts. The payment facilitator cannot recover the funds because the fraudster has disappeared and then they are held liable for the loss and accompanying fees.
Criminals are becoming smarter when it comes to creating these false identities, going as far as to create false identity documents like birth certificates, credit reports, and identification cards. They also leverage the fact that it is difficult for companies to actually verify these online merchant accounts and determine an imposter company from a legitimate one. Plus, the schemes and level of involvement by multiple people in the merchant identity fraud make it even harder to detect and catch these criminals.
More Friendly Fraud
Another trend in eCommerce fraud types has been the increase in friendly fraud, also known as chargebacks. What happens is that a customer pays for their items online using a debit or credit card. Then, they do a deliberate chargeback after receiving the goods claiming they didn't receive the items. The card is typically reimbursed and they keep the items they said were never received. Often, the merchandise is then re-sold to get the cash.
International eCommerce Fraud Growth
As global eCommerce transactions increase, so does the risk of fraud. Often, online stores in other countries do not use the same security filters and have not invested in the same type of security technology. Yet, the demand for buying online from international merchants continues to grow. The trend is to help these international eCommerce companies to better secure personal data during these transactions.
Combatting Fraud with Social Media Data Authentication
One of the unique ways that eCommerce retailers can outsmart fraudsters is to use social media data. This data can authenticate customers during the transaction process, but is complicated, time-consuming, and costly. However, the trend going forward indicates further exploration of this authentication method as artificial intelligence may enable automation and faster analysis of existing social media data.
Another approach is social sign-in. While users don't have to remember their passwords or even enter anything in order to access certain apps, not many online retailers offer this approach. According to Rita Marini, of SAP Hybris, consumers want an experience that is “snoop-free” and not allow even more information collection.
Conflicts Between Fraud Prevention and User Experiences
The problem with implementing so many layers of fraud protection into the eCommerce user experience is that it creates friction, slowing down the transaction and creating a bad user experience for the customer. Customers expect fast, frictionless, and hassle-free user experiences in today’s digital word.
Merchants must make decisions about potential fraud in a matter of milliseconds to keep customers happy. That's where artificial intelligence can help maintain satisfying user experiences.
It oftentimes feels like an uphill battle for merchants. For every “win” gained from fraud prevention of a certain technique, fraudsters will continue to find other vulnerabilities to exploit. Since fraudsters know how to steal while looking completely legitimate online, eCommerce businesses will have to become smarter. The future trends will need to take on more of a proactive approach versus reactive. Some proactive approaches include machine-learning, predictive analysis, and AI.
As eCommerce fraud becomes more complex, risks grow among the opportunity. Luckily, payment technology that leverage machine-learning, social authorization, and Internet of Things (IoT) payment methods with greater security will emerge.
As Michael Lynch, Chief Strategy Officer for InAuth, states “financial institutions prioritizing enhanced digital experience and reduced operational costs can’t afford to not to implement such solutions. Mobile payments is an emerging technology rife with opportunity that many players, including cutting-edge financial institutions and non-traditional players, are vying to capitalize on.”