EMV payment regulations, which mandate the use of chip cards at the point of sale, have been effective in mitigating fraud for in-person Card Present transactions worldwide. Unfortunately, fraudsters have migrated to less protected targets, particularly the Card Not Present (CNP) transactions that dominate e-Commerce.
Non-U.S. retailers are particularly vulnerable, according to a study from LexisNexis. Non-U.S. retailers with an e-Commerce operation have the highest fraud-related costs as a percentage of annual revenue, with charges that are 22% higher than U.S. retailers, according to a study from LexisNexis. These merchants’ overall fraud costs are 85% higher than their brick-and-mortar-only counterparts.
“From September 2016 to February 2017, we’ve seen a 50% decrease in fraud at the POS,” said Cleveland Brown, CEO of global payment processing provider Payscout in an interview with Retail TouchPoints. “The reason for that is the chip technology and the card’s 16-digit primary account number (PAN), which isn’t valuable for creating counterfeit cards for card-present transactions. As you see the fraud decrease at the POS, when you look at cross-border e-Commerce, that 16-digit card number only has relevance in that e-Commerce environment.”
Advertisement
Retailers must contend with numerous types of fraud online to ensure that they aren’t losing money during transactions, including:
-
Losses attributed to friendly fraud chargebacks (30%);
-
Lost or stolen merchandise (30%);
-
Identity theft (22%); and
-
Fraudulent requests for return/refund (17%).
Protecting From CNP Fraud
With cybercriminals and disgruntled consumers alike having so many ways to conduct online fraud outside the U.S., these retailers now must get their basic identity protection protocols into shape. This starts with verifying name, address, phone number, email address, device used and other types of personal information with every purchase.
But as newer technologies become available, retailers now can go beyond basic information to implement features that bolster ID verification, including:
-
Device fingerprinting;
-
Geolocation services; and
-
Biometrics (voice and retinal scans).
Brown said that cross-border brands must identify a fraud management suite offering a customized fraud algorithm connected to global multiple data sources, so that they can address these issues from a worldwide (as opposed to a domestic or regional) lens. With regulatory environments varying from one country to another, retailers should partner with merchant service providers that are licensed in different countries to ensure optimal fraud protection across all channels.
The 4 ‘E’s’ Of Fraud Protection
Brown recommended that foreign brands follow a four-step framework to combat card-not-present fraud while they expand their cross-border commerce: Educate, Enable, Enforce and Evolve.
-
Educate the stakeholders on fraudsters and cross-border policies and requirements: “The merchant is a stakeholder. The consumer is a stakeholder. And there’s so many layers in between, so brands must educate the stakeholders on who the bad actors are and how to avoid those bad actors,” he said;
-
Through this education process, enable retailers to be compliant in their country of choice, with the correct infrastructure in place;
-
Enforce the correct features and protocols necessary to combat fraudsters; and
-
Evolve. “We learn how these bad actors come into the system and we go back and educate again,” said Brown.
