E-Commerce Fraud: Securing the Entire Customer Journey

As the E-commerce industry continues to grow, the expectations of customers do simultaneously. For instance, trends show that customers want “more personalization, instant gratification, and fewer hoops to jump through during check-out” and companies are doing all they can to meet these online needs in order to gain a bigger consumer base (Ortiz, 2022).

With this significant influx in new customer accounts, comes the burden of online fraudsters who are also evolving and developing more elite ways to take advantage of company and customer information and experiences. While businesses are familiar with the more generic types of fraud, such as chargeback fraud and phishing, many new forms have developed and it is important to understand such variations to implement the best practices to prevent them which will be discussed in this SPOOKY October blog. 👻

To further analyze this topic, we referenced the Big Commerce article “E-commerce Fraud: Securing the Entire Customer Journey.” It is only right that we give credit to Big Commerce, and author, Chelsea Ortiz, as the content in this summary comes from their original research and ideas.

Where is Fraud Likely to Occur in the Customer Journey?

Creating an Account

During this step in the process, fraudsters “create an entirely new fake person using a combination of fake information, and real identity information” (Ortiz, 2022). The reason they do this, is so that they can shop online, add things to cart, accumulate a total, and then abandon the cart. This makes it incredibly difficult for merchants to understand their customer analytics and preferences, as they are unsure which users are real humans compared to fraudsters since the user activity of that account ended entirely without completing a purchase.

Updating an Account

When updating an account, users unfortunately can be subject to Account Takeover Fraud (ATO). This type of fraud refers to when a fraudster gains access to all aspects of a user’s E-commerce account. Once inside, fraudsters are able to steal information, change data to represent wrong information, as well as make purchases of all sizes. ATO is one of the most common, yet serious attempts of fraud, and can severely negatively affect brand reputation.

Payment Authorization

Fraud often occurs in the payment step of a process, as fraudsters make purchases with stolen credit card numbers. These purchases are not always recognized after the first successful attempt, yet once bigger purchases are made, it becomes more noticeable. Companies must ensure they are creating a safe transactional platform, which is why many, if not all, businesses check with other parties such as payment processors, and issuing banks after a purchase is made.

Fulfillment

The buy online, pick up in store (BOPIS) experience has become incredibly popular in the shopping industry due to it convenience and ease. However, by “using the same stolen credit card used to place the order, fraudsters [can] simply pick up the order with the confirmation receipt they received,” and easily obtain the product(s) they stole (Ortiz, 2022). This tactic is so successful for fraudsters, because merchants rarely check for identification during pick-up, and this strategy also limits the likelihood of such online activity being linked back to them.

Loyalty and Retention

“Aside from increasing customer retention and reducing customer acquisition costs, loyalty programs generate a goldmine of data which can be used to fine-tune offers and personalize the experience. Customers receive special recognition, access to exclusive offers and have a foundation to cement a relationship with the merchant” (Ortiz, 2022). However, these loyalty accounts and gifts are not regularly checked, which leaves room for fraudsters to enter the account and steal the rewards before they can be used by the right person.

Returns

From purchasing a large order with the sole intention of getting free shipping and returning many pieces, to using a product before it is returned, fraud in the “Returns” phase can come in many forms. Additionally, more experienced fraudsters, return items in efforts to obtain store credit or gift cards that they can sell for a higher value through other platforms and channels.

Despite the significant lost revenue resulting from returns abuse, companies lose even more resources due to the added operational cost of processing returns, shipping and restocking inventory. Unfortunately, return abuse can be challenging to detect and stop, since fraudsters frequently set up new accounts and payment methods to avoid being caught.

How Can Businesses Combat These Issues?

BioMetrics: Learn Customers’ Behavior.

Understanding and using BioMetrics, also known as the act of analyzing how a user interacts with an E-commerce site, such as how they “scroll through a page, type on a keyboard, and use a mouse,” can help businesses compare such actions to those known to come from legitimate users. This tactic allows merchants and businesses to authenticate users and decipher if their actions are valid, or concerning and of high-risk, ultimately limiting fraud attempts and cases.

BioMetrics are tracked in the background of an E-commerce site without hindering customers’ journeys, and learns what typical behavior is like for the average customer so that it can step in and flag a user if their actions do not match up with what is expected.

While this strategy may flag a subject that is harmless once-in-awhile, it is better for companies to be safe than sorry, and it is highly likely that many consumers will appreciate such efforts to keep them and their personal information secure.

References

https://www.bigcommerce.com/blog/ecommerce-fraud-touchpoints/#wrapping-up-how-to-out-innovate-the-fraudsters