Transaction fraud is on the rise worldwide, and for any industry. In the UK alone, fraudsters managed to steal £1.2B in 2019.
Despite it being inevitable, you need to know what it looks like in practice for online businesses, and how you can improve detection.
The first giveaway that you need to monitor payments more closely will be because of chargebacks.
What is Transaction Fraud?
Transaction fraud is a risk that any business may face if they accept online payments. Fraudsters use stolen credit card numbers to make purchases online, which can hurt your company in the long run. When the legitimate cardholder notices the payment, they will initiate a chargeback request (refund), which is expensive to process.
Chargebacks also drain time and resources, which is why online companies have every interest to stop transaction fraud before it happens. According to MerchantSavvy, transaction fraud is projected to cost worldwide businesses $40.62B by 2027.
How Does Transaction Fraud Work?
There are many types of card fraud. The most common one will occur when bad agents get their hands on card data through phishing, data leaks, or thievery. Here’s an example of how it works with a darknet marketplace.
- Fraudsters acquire stolen credit card details on the darknet
- They purchase goods and services online with it
- They resell the items on the darknet or clearnet marketplaces such as eBay
- The cardholder notices an unusual charge, and files for a chargeback
- Your business has to refund the customer, and pay chargeback admin fees.
This puts a heavy burden on the business to block payment fraud ASAP. And unfortunately, the current trend shows that most businesses will see an increase in chargeback rates.
Why Are Chargeback Rates Going Up?
This is all due to a number of factors:
- Increase in CNP (card not present) payments: online businesses must accept as many payment channels as possible to remain competitive. This makes card not present fraud a growing challenge.
- Consumer demand for a frictionless experience: the more verification steps you put in place between the customer and their purchase, the more churn you will experience.
- Fraudster technology is easy to access: anyone with a computer, Internet connection and bad intentions can easily log onto a darknet marketplace, and use crypto to buy stolen credit card numbers.
- Increase in leaks of personal data: every month, millions of new customer records land on darknet marketplaces. Fraudsters can easily use them to fool verification systems before making a purchase for themselves.
- Friendly fraud is on the rise: whether accidental or malicious, there are certain cases when the real cardholder demands a chargeback. This is also considered fraud, albeit of the “friendly” type.
To top it all, the COVID-19 crisis has boosted the demand for online stores (as brick and mortar retailers had to close their doors worldwide). A high unemployment rate is also correlated with an increase in crime, and cybercrime has also risen by up to 33% during the pandemic.
See here how a Transaction monitoring software works by speeding up KYC, complementing AML, and flagging suspicious users
Find out here
How to Know if You Need Transaction Fraud Detection?
And just in case you aren’t sure of what they are: it’s the buyer protection in place designed by card network operators to ensure their customers aren’t being scammed by businesses. It allows cardholders to contest a charge, and get a refund.
If you start getting an unusual number of chargeback requests, it’s very likely that your business is being abused by bad agents.
This is a warning sign for many reasons.
You will have to pay large amounts in chargeback admin fees. You will spend inordinate amounts of time disputing the cases by providing all the evidence you can gather. And worse, if the rates are too high, card networks like Visa or MasterCard could put you on a high-risk list, or even block you from processing their card payments.
3 Steps to Detect Transaction Fraud
Now that we have a better understanding of why transaction fraud rates go up, let’s see what you can do to detect it and to stop it before your business and legitimate customers have to suffer the consequences.
1. Gather Customer Insights
Complex authentication steps, such as self ID, handwritten messages, or phone verification can be burdensome for customers; verifying the identity of the cardholder with these methods can cost you the frictionless user experience your customers often prefer over security. Find a solution that doesn’t undermine customer experience and also allows you to gather enough insights to make informed decisions.
Email address
You can uncover a lot solely by checking and analyzing the email address provided by the customer: Is it a disposable address? Was it created very recently or it has a history and has been involved in data breaches? Are there any social and digital profiles connected to it? All this information can help you spot typical fraudulent patterns and block malicious users.
Phone number
Same goes for a single phone number: find out if the number is valid, disposable, if there are any social and digital profiles connected to it, or flag suspicious carrier information, virtual SIM cards, or check if the phone number points to the same country as the credit card.
Social and digital profiles
A powerful weapon in the fight against fraudsters is simply checking if they have a social network profile, something you can do by running a search with their email or phone number. Creating a social footprint is time-consuming, and fraudsters often don’t take the time to do these measures. A missing digital footprint should alert you that the user could be using a stolen ID and card details.
IP address
Collecting information on the IP address the customer is connecting to your service from can unveil typical fraudulent behaviour and tools used by fraudsters to cover their tracks. If it points to a proxy, an emulator, or a Tor connection, or the IP address doesn’t match the cardholder’s billing and shipping address, you need to be alert and can suspect an attempt at fraud.
[email_ip_phone_lookup]Device Fingerprinting
A good fraud detection solution should also enable you to get information about how customers connect to your website. The software and hardware configuration you can gather via device fingerprinting can help you track down fraudsters with ease.
In the long run, you can create complete logs of how your users connect to your site, creating specific IDs (or hashes) that represent the most common software and hardware configurations and help highlight suspicious ones and spot if the card might have been stolen.
2. Leveraging Machine Learning Insights
Artificial intelligence and machine learning have been thrown around a lot as the new buzzwords in technology. In online fraud detection and prevention, machine learning is used to collect AI algorithms trained with the historical data you have been gathering on customers and past transactions to suggest new risk rules.
You can then implement these rules to block certain transactions if they appear to be fraudulent. The great thing about machine learning is that it gets increasingly accurate as you feed more and more data into it. You can also actively train it by flagging previous fraudulent transactions so it can connect the dots and find recurring patterns to spot in the future. Even the most experienced fraud managers might miss these, but the learning model system, simply by looking at the data, is able to detect fraud and find connections that were previously invisible, to avoid more chargebacks.
3. Creating Custom Rules
The extra information you collect on customers also needs to be reviewed. Of course, this can be a manual process where you and your team check each user or transaction one by one, but this can be a time-consuming mission.
You can assign a fraud score to each transaction based on all the information gathered and set thresholds to automatically block them above a certain score, helping you speed up the process.
A good fraud prevention solution also allows you to set up custom rules based on industry knowledge, own experience, and your risk appetite to automate this process and allow, block, or review transactions based on a set of conditions you can expand and update at any point.
This is where you can make any fraud detection and prevention solution truly yours and maximize its efficiency. Fraud and methods used by fraudsters who tend to target you can get very specific, but with the right tools and fine tuning over time you can make sure to catch fraudsters and protect both your business and your legitimate customers.
Key Takeaways for Transaction Fraud Detection
Transaction fraud is on the rise. For high-risk merchants it’s inevitable. For any other kind of retailer or online business, it’s a very high possibility.
And unfortunately, it costs a lot more than just chargeback admin fees. There is the time, effort and stress lost to trying to dispute the chargeback, not to mention the fact that you are losing customer trust and damaging your business reputation.
Luckily, fraud prevention tools have increased in sophistication, flexibility and ease of use in recent years. Even a full end-to-end fraud detection services with artificial intelligence is much easier to integrate and affordable these days. So you should be able to check out the pricing to get an idea of ROI when deploying a fraudulent transaction detection system.
Stop new fraud trends and enable your growth with SEON’s real-time data enrichment, whitebox machine learning, and advanced APIs.
Ask an Expert
Frequently Asked Questions
Transaction fraud represents a very large umbrella of potential malicious behavior. However, some of the most common signifiers that transaction fraud is taking place regardless of whether it is on a retail marketplace, bank, lender, or other common fraud target include: sudden spikes in large transaction, declined transactions, bot-like behavior such as rapid transactions, failed password attempts, sudden suspicious changes in geolocation from a single user, and connections via a tor client or from an otherwise suspicious location.
As transactional fraud can refer to any form of fraud that occurs where money is being exchanged, it can broadly include: credit card and CNP fraud, identity theft, account takeovers, phishing, BEC, wire fraud, money laundering, investment fraud, and crypto fraud. This can include both online and offline attacks, and affect all verticals and the transactions they carry out.
Transaction fraud is a broad term that covers numerous types of fraud. One of the most common is account takeover fraud, where the fraudster takes over the cardholder’s account and uses it for themselves. The usual pattern is for the fraudster to make as many fraudulent transactions as possible before the account holder realizes what is happening.
New account fraud is another common type of transaction fraud. This is where the fraudster uses a stolen identity to open a new account and make as many purchases as possible with it before the fraud is spotted.
The old rule of thumb was that 1% of all payments could end up in chargeback requests. If you process 2,500 payments a month, it’s not out of the ordinary if 25 of them end up contested by the cardholders.
But there are some caveats. Firstly, each card issuer calculates monthly rates differently.
Visa: the provider divides the number of chargebacks in a month by the number of transactions processed during the same month
Mastercard: divides the number of chargebacks by the number of transactions the previous month.
You might also be interested in reading about:
- SEON: What Is Transaction Monitoring in AML & How to Set It Up
- SEON: Chargeback Fraud Detection & Prevention
- SEON: Fraud Detection & Prevention: What is it?
Learn more about:
Digital Footprint | Device Fingerprinting | Browser Fingerprinting | Fraud Detection API