Are High-Security Checks Worth It?

by Tamas Kadar
Your business must offer as many online payment methods as possible. Just don’t forget to keep an eye on the potential fraud payments risks.
Businesses have little choice in the matter these days: they must adapt to their customers’ needs on a global scale. They must localize their content, segment their marketing, and understand how products and services are consumed around the world.
But nothing represents this imperative more than offering the right checkout option to their customers.
In this post, we’ll see why enabling as many checkout options as possible looks good on paper, but that there are inherent risks with every option.
When we think of online payment, we tend to think of credit cards. But people around the world have different preferences. And it’s more cultural than you might think. Some regions, like Germany, favour push payments via bank transfers. APAC customers will need to see an option for Alipay, China UnionPay or WeChat Pay.
The eternal balance act for businesses: how do you accept as many options as possible, without increasing transaction fraud rates?
The current trend is to favour UX over security, even if it means losing a percentage of your sales to fraudsters. Amazon, for instance, doesn’t even force users to enter a credit card CVV, just so you can complete your checkout faster.
Of course, with the right prevention in place, this becomes a false dichotomy. You don’t need to sacrifice friction for prevention, regardless of the kind of option you offer. But before we go into the detection techniques, let’s first go over each method and their associated risks.
Credit and debit cards are the preferred method for purchases, accounting for around 41% of all transactions. The cards are linked to the user’s bank account, and allow them to debit the account, or borrow the amount and repay it within a grace period (for credit cards).
While Visa and MasterCard are the two largest card networks in the world, your business could also accept credit cards from American Express, Discover and Diners, China UnionPay, Cartes Bancaires, Interac or JCB.
To accept card payments in these CNP scenarios (card-not-present), you’ll need to integrate a gateway, such as Stripe, Braintree, PayU, or another service with similar features.
Visa monitors your chargeback ratio
If you go above a 1% chargeback to sale ratio, you are placed on the high-risk list (VCMP)
You must work with your acquirer on a chargeback mitigation plan and present it to Visa
You have to pay extra chargeback fees, including a $25,000 review every 6 months
If you remain in the program for an extended period, you can lose your processing account
Friendly fraud is the fastest growing trend in the fraud world. Put simply, it happens when a customer uses their card to make a legitimate purchase on your site, and later disputes it. It could be for three main reasons:
Digital wallets allow users to store funds and make payments online, from a computer or mobile phone. They are also known as e-wallets, and include famous mobile payment systems such as Apple Pay, Google Pay, and AliPay.
The authentication system can vary (Face ID, PIN, etc…) but digital wallets are generally considered safer than credit card payments.
The fintech giant is one of the most popular checkout options for users thanks to its low friction and ease of use.
For businesses, data encryption and built-in prevention tools should also be a boon.
But unfortunately, PayPal is no stranger to chargeback requests. And historically, the company has tended to side with customers, leaving online retailers more susceptible to friendly fraud than with credit or debit cards.
The company may also freeze a PayPal business account for any length of time, which means your profits could potentially be unreachable until you sort out the issue.
Bank debits are known as “pull payments”. After entering their account information on your site, funds are pulled directly. Here again, a third party integration is often used, such as Plaid for processing these kinds of payments.
While it may seem safer on paper, the danger here is that there is no chargeback protocol in place to protect customers who pay via bank debits. If the account details are stolen, any fraudulent transaction will be lost forever. Moreover, these kinds of payments are delayed, sometimes up to four working days.
To improve security, you may also look at Authenticated Bank Debits, which add a layer of security for each debit. The payments are processed faster, and they are favoured for recurring, automated payments.
These methods are country-specific. For instance, in the UK, 14% of authenticated bank debit transfers are processed via Bacs Direct Debits, which includes an evergreen dispute policy. They take three working days to clear and can only be used for GBP payments.
ACH debits, or Automated Clearing house debits, is the US process which enables transfers. It is one of the largest and most reliable payment systems, but can take up to five business days. ACH errors are also protected under federal law, as long as the customer reports an issue with their bank within 60 days.
For Belgian customers, you’ll probably encounter Bancontact, which combines direct debit with mobile QR codes and a PIN confirmation, allowing you to retrieve the bank account details for SEPA direct debit.
In Australia, BECS Direct Debit is the preferred method, which takes up to four business days to process payment.
A growing category of payment methods which offers customers immediate financing. Like with credit cards, the funds are repaid over time, and, usually in fixed instalments.
The most popular companies for Buy Now, Pay Later (or BNPL) payments include Afterpay and their new acquisition Pagantis, Klarna and even PayPal’s own solution. They make money from late fees and interest rates, but also by charging you a fee. The idea is that customers are more likely to spend money on your goods or services thanks to their offer, so they should get a cut of the profit – for instance, 4.17% in the case of Afterpay.
Crypto payments are now easier than ever to accept on your site thanks to solutions like BitPay or Coinbase Commerce.
There are a number of benefits for businesses, such as the very low transaction fees, and the fact that there is no chargeback process in place. Crypto payments are therefore near instant, affordable, and a true one-way transaction.
Their pseudonymous or anonymous nature, however, makes crypto fraudsters and criminals’ favoured method of payment. This could attract them to your business, and even incentivize them to take over your user’s accounts.
It’s plain to see that no payment method is truly secure for your online business. However, you can certainly reduce the risk of chargebacks by accepting payments via bank debit, BNPL, or even digital wallets.
But even these methods can’t ensure you’ll be dealing with the right customers 100% of the time. Account takeover and creating accounts with fake identities becomes a strong incentive for fraudsters if they know your site accepts payments too easily.
And as friction becomes the new battleground where users are won and lost, organizations want to reduce the number of obstacles between customers and their purchases.
The key is to enable online payment processing with as many options and flexibility as possible, all while ensuring your users are who they say they are.
This is exactly where we can help. By understanding how risky each options are, you can easily create custom rules that adapt to calculate the right fraud score. Combined with powerful device fingerprinting and social media analysis, you’ll have all the payment monitoring to accept payments from a variety of sources with complete peace of mind.
You might also be interested in reading about:
Learn more about:
Data Enrichment | Browser Fingerprinting | Device Fingerprinting | Fraud Detection API | Fraud Detection with Machine Learning & AI
Showing all with `` tag
Click here
Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.
The top stories of the month delivered straight to your inbox