Throughout history, businesses from all sectors had to deal with fraud, and today is no different. The only difference is that today fraud has become more sophisticated and evolved than ever. While almost all businesses deal with fraud, commerce has always been hit hardest, especially when eCommerce is becoming more dominant. Online sales went over $ 4.2 trillion worldwide in 2020, experiencing 385% growth compared to $1.4 in 2014. With the development of eCommerce, fraudsters gained new opportunities for their malicious actions, with card-not-present fraud becoming a prevalent form of eCommerce fraud. It is up to all eCommerce shops to actively fight against card-not-present fraud and protect their business and customers.
What exactly is card-not-present fraud?
In recent years, cards have become the most dominant payment method, especially since the pandemic started, and we have been using online shopping more often. The most significant difference between standard commerce and eCommerce businesses is the presence of the customers. In the traditional shops, you can interact with customers and confirm their transaction with a PIN, signature, or ID. That is not possible during online transactions, so it brings a much higher risk of fraudulent actions. To complete an online purchase you only need credit card information which fraudsters can get through cyberattacks like phishing, account takeover, or data breach. By getting stolen card details and using them for fraudulent transactions, fraudsters commit card-not-present fraud and cause financial and reputational damage to your business.
How can you protect your business from CNP fraud?
Unfortunately, it is impossible to eliminate the risk of fraud, but you can reduce it by following the next steps.
1) Collect Customer Information
Knowing as much as you can about your customer helps you confirm they are who they say they are and reduce the risk of account takeover or identity theft. The details that need to be essential to complete any transaction are:
- Name on the card
- Credit card number
- Expiration date
- CVV security code
- Customers contact details ( Phone number and Email address)
- Billing and shipping address
You should also collect any additional data as it helps you verify customers’ identities. This should be done as sophisticated as possible since you don’t want to cause user friction, especially when a large number of customers abandon carts because of the lengthy process. This can be done much easier and quicker by using fraud prevention tools like device fingerprinting or data enrichment. These tools use customers’ own devices or internal and external databases to collect additional information about users, which can help you notice suspicious activities like discrepancies between users’ IP and billing or shipping addresses.
2) Keep an eye on red flags
In some cases, you can prevent fraud by keeping your eyes open and using your common sense to recognize the red flags that might indicate the fraud attempt.
Not all of these red flags will mean the fraud is actually happening, but they will give you a warning about some suspicious activity and allow you to implement additional levels of security.
Some of the red flags are:
- Multiple login attempts or passwords reset requests for one account
- Several changes happening to an account in a short period
- Different users are logging in from the same IP address
- Unreasonably large or small purchases
You know your business better than anyone. Take some time and investigate which actions usually indicate fraud attempts in your business and use them as your red flags.
3) Implement additional security measures
You should have cyber security protocols in place already to ensure the safety of your business, and if you don’t hurry up if you want to have a fighting chance against fraudsters. In addition to it, you should implement additional security measures that can reduce fraud attempts in your business, like introducing multi-factor authentication or requiring CVV code with every transaction.