Online Merchants Need an EMV Era Fraud Plan

Online Merchants Need an EMV Era Fraud Plan



With the highly anticipated EMV liability shift now in effect in the U.S., merchants have been adopting point-of-sale terminals that can accept chip-based cards.

However, merchants aren’t the only ones on the move. Deterred by these more secure terminals, fraudsters may also migrate to the online arena.

Card not present fraud, which includes card transactions made online, in the U.S. is expected to be nearly four times greater than point-of-sale card fraud by 2018, according to Javelin Strategy & Research. As a result, eCommerce merchants who lack a clear understanding about the risks of online card acceptance could face increased fraud losses.

To avoid becoming part of the growing statistic, online merchants should develop an action plan based on a clear understanding of the current fraud landscape, including the most common causes of loss.

Fraudulent credit-card transactions occur when stolen card information is used to make online purchases. Online merchants typically experience two main types of fraud losses: merchandise value and original charge amount.

In general, cardholders have up to 120 days to dispute a fraudulent charge. However, most online merchants process online orders within one to two business days. Before the real cardholder has a chance to notice the fraudulent transaction, the merchandise has already left the warehouse.

For merchants selling low to mid-priced products, recovering these products through the shipping carrier may cost more money than the value of the product. For higher priced in-transit items, products may be recovered, but with additional fees. If a product has already been delivered, the primary way to start the process of merchandise recovery is to file a police report.

It’s also helpful to get to know the package carrier and carrier’s route. Merchants can redirect a shipment while it’s in transit by using their carrier’s package-intercept service. Another form of mitigation is to require signature upon delivery for items over a certain price point. This can help verify that the recipient is who they say they are at a designated address.

Once a cardholder notices a fraudulent charge, he or she can file a dispute with their card issuer. If the issuer determines the dispute is valid, the consumer then files a dispute with the merchant’s bank. Once the merchant receives a chargeback, the consumer is debited the disputed amount. The merchant’s bank will request specific documentation from the merchant in order to try and reverse the chargeback. If they are unable to provide the documents requested, the cardholder filing the dispute keeps the refund.

To combat fraudulent transactions, online merchants may require customers to provide detailed verification information. This includes additional data points such as a cardholder’s name, billing address and the card’s security code. Additionally, merchants can activate 3D Secure (3DS) technology, which requires online shoppers to enter a separate password for additional security.

While these security measures may discourage fraudsters, they may also deter real customers from placing an order if they can’t remember their billing information. At first, several abandoned carts may not seem like a loss, but merchants should consider the marketing costs associated with drawing customers to the website. With each missed conversion, the average cost of acquiring a customer increases. Unfortunately, there is no failsafe way to balance the loss of a sale with potential fraud screening processes. For most online merchants, it requires trial and error to find the ideal balance.

Losing the product and the original charge amount are not the only potential consequences of chargebacks. Every time a claim is filed against an online merchant, the merchant account is assessed a chargeback fee. This fee covers the costs that the merchant’s bank incurs for handling the claim. Regardless of the claim’s result, merchants must pay this fee. In addition to the standard fee, merchants may have to pay an additional fee, called a representment fee, to fight the chargeback.

Although the occasional chargeback fee may seem minor, excessive claims against the merchant can add up quickly, and merchant acquirers monitor these excessive claim rates. Receiving too many chargeback claims can also result in increased processing rates, higher reserve requirements (a proportion of a merchant’s monthly revenue held by an acquiring bank) or account termination.

With “friendly fraud,” the rightful owner of a card makes a legitimate purchase online. However, they make the purchase with the intent of filing a dispute or demanding a refund. These customers typically file claims stating the product is not as pictured; the product is not as described or marketed; the product was never delivered or received; or there is a product missing from the package

Not only is friendly fraud easy to commit, it is easy to replicate. With information readily available online, individuals can share a merchant’s vulnerabilities by listing instructions on how they successfully committed fraud. Because of the potential increase in new fraudsters, online businesses need to build a strong reputation for cracking down early.

Merchants can more effectively fight fraud in the eCommerce channel by understanding the most common types of losses. By researching, implementing and enforcing security measures for all their credit-card payment options, online merchants can more easily control losses associated with credit card payments.

This is especially true for losses from chargebacks. The earlier merchants have chargeback management processes in place, the faster they can begin to prevent losses.

Lorenzo Soriano is president of Accertify.

Source: PaymentsSource, October 30, 2015