Over the past year, merchants have experienced an increase in fraud volume as fraudsters employ new tactics to take advantage of businesses and consumers alike. At the same time, payments technology is also evolving to help improve the customer experience and reduce fraud—but only as long as customers’ data and access remain secure. Merchants need to monitor the following three areas in particular and take steps to mitigate the risks:
Fraudulent Chargebacks
Many merchants have reported more chargebacks since March 2020. That correlates with an increase in the number of consumers who admit they have committed fraud by claiming they never received items they ordered from online retailers. One study found that one-third of American and British shoppers have filed a false chargeback since the start of the pandemic.
Each chargeback comes with a bank fee of $20 to $100—money that is not refunded even if the merchant successfully disputes the chargeback. Too many chargebacks in one month can prompt an increase in the merchant’s card processing rates or even the closure of their merchant account.
Despite the risks, PYMNTS reports that only a quarter of friendly fraud chargebacks are disputed by merchants, either because the merchants do not have time for more disputes or because they assume they will lose. However, if consumers continue to commit chargeback fraud at higher-than-normal rates, or if it becomes a long-term habit for those who have started since early 2020, merchants could be dealing with elevated chargeback costs for the foreseeable future.
What merchants can do now: End-to-end package tracking lets customers see where their order is, schedule delivery when they are at home, and get visual proof of delivery—usually in the form of a photo taken by the driver. Implementing this documentation improves the customer experience and helps merchants fight chargebacks more effectively, which can discourage fraudsters and push them to move along.
Higher-Value Fraud Attacks
Consumers spent 44% more online in 2020 than in 2019, and fraudsters raised their “spending,” too. The average order value of an attempted fraudulent order in 2020 was $710, up from $416 the year before, according to a study reported in Card Not Present. It appears that fraudsters have been trying bigger purchases because they think they can avoid detection amid the huge increase in online shopping.
Every instance of completed fraud represents a loss for the merchant, but higher ticket values raise the stakes. As e-commerce continues to grow, merchants need a plan to manage more order volume in a way that screens out fraud without rejecting good customers.
What merchants can do now: Analyze your store’s fraud data trends to see if you have had an increase in fraud order amounts. If so, you can adjust your automated fraud screening rules to put extra focus on orders in the range where you are seeing the most attempts and completed fraud.
It is important not to rely on automated rules, however. If your store automatically rejects all flagged orders, you are likely turning away good customers. A March 2020 survey of online shoppers in five countries by Sapio Research for ClearSale found that 39% will not buy again from a store that declines their order and 28% will comment about the experience on social media.
A better approach in terms of customer retention and fraud detection is to manually review all flagged orders. That assures that good orders go through and your fraud program’s AI can learn to better sort fraud from good customer behavior.
PSD2, SCA and Open Banking
PSD2, the EU’s most recent digital payments directive, aims to reduce fraud and support innovations in open banking. It is one of the most dynamic developments in payments, and it is affecting merchants in several ways. On one hand, it has the potential to reduce the fraud risk merchants face. On the other, the new directive requires extra customer authentication that can add friction to the checkout process and increase cart abandonment.
Merchants in the European Economic Area and merchants outside the EEA who process local payments inside must comply with PSD2’s Strong Customer Authentication (SCA) requirements. That means that a customer must either validate their identity in two ways to complete a transaction or grant authorization in advance for purchases from trusted merchants. The UK will require SCA in September 2021.
Concerns about added friction and increased cart abandonment have led merchants and fintech companies to explore the preauthorization aspect of SCA, which lets consumers “delegate SCA to a merchant or wallet” and shop without having to satisfy two-factor authentication requirements for every order.
Meanwhile in the EU and UK and possibly soon in the United States, open banking promises to make shopping, credit card management and loan applications easier for consumers, while also helping merchants and lenders to tailor offers to each customer. By securely sharing their banking data through trusted third-party apps, consumers can take care of their financial lives and get more relevant choices without having to enter passwords anywhere but with their bank.
The convenience of open banking requires unifying consumer data from different banks, merchants and payment systems, which presents opportunities for data loss and fraud. For example, if a bank or merchant suffers a data breach, whether it is a criminal hack or an accidental exposure, customers’ financial lives could be open to account takeover fraud.
What merchants can do now: Merchants operating in the EU and UK and those who plan to expand there must follow developments on PSD2 and SCA compliance, especially delegated authentication options that reduce friction while providing fraud protection.
Merchants who want to participate in open banking should “make certain their data storage and protection practices are up to speed,” per PYMNTS, and keep an eye on developing technology, regulations and digital privacy standards as open banking evolves in different markets.
Reducing chargeback fraud and tracking fraudster tactics as they change are two ways merchants can protect their revenue and stay competitive in 2021. Keeping up with PSD2 requirements and SCA can help merchants who want to reduce the risks of fraud and deliver an optimal, low-friction customer experience to EU and UK customers. And securing customer data to prevent account takeover fraud is always a best practice, especially now that open banking is gaining popularity in many markets. By tackling these issues now, merchants can position themselves to succeed in 2021 and be ready to adapt to whatever fraud tactics and payment innovations come next.