Navigating e-commerce fraud blind spots

Fraudsters are constantly innovating which means that the businesses that are a target of fraud can develop blind spots – with costly consequences. In this article, we outline how e-commerce fraud is changing, why that leads to a fraud blind spot for many e-commerce businesses, and which strategies companies can follow to combat the evolving threat of fraud.

Fraud is increasingly complex

Fraudsters are becoming experts at assimilating the behaviour of a normal customer. Simple checks based on individual data points no longer cut it because fraudsters increasingly look like everyday consumers — including all their nuances and complexities.

At the root is e-commerce, which is growing in complexity, with new risks throughout the user journey. Every touchpoint in the customer journey, from initial landing page traffic and account creation to platform usage, payments, and more – all present distinct fraud threats.

However, it’s also a matter of a growing fraud universe. In one study, 59% of businesses reported a rise in online payment fraud. And that goes for every fraud vector: we already know that account takeover (ATO) fraud is a major risk vector, but it’s compounded by the widespread availability of large volumes of stolen credentials on the dark web — which grew by 65% in just two years.

The challenge: focusing on endless variations

E-commerce complexity leads to a variety of fraud techniques. Consider payment card fraud which manifests distinctly across different payment types with cards, digital wallets, and alternative payment methods all suffering from unique vulnerabilities. In terms of anti-fraud measures, merchants have seen progress in reducing payment card fraud by complying with increased security measures, e.g. the 2-factor authentication mandated in several regions.

Payments through digital wallets including Apple Pay and PayPal are more vulnerable – and lead to chargebacks that are difficult to contest successfully. Understanding the nuances of the fraud vectors for each payment method is important to correctly mitigate the associated fraud schemes – relying on minimum compliance requirements risks leaving a huge blind spot.

And that’s broadly true for e-commerce fraud. It’s increasingly the case that for every fraud method merchants require tailored logic and data to effectively mitigate the threat. It requires intelligence.

Case in point: bots are a rising threat because bots can imitate human behaviour to create fake accounts, test stolen cards, or scrape valuable data. Distinguishing between good bots performing legitimate activities vs bad bots is critical – but that requires significant insight.

Protect your business with cross-team capabilities

Siloed thinking centred around a single team’s function makes it more difficult to spot complex fraud techniques. After all, fraudsters don’t care which team handles which part of the process and won’t necessarily behave in a way that meets a specific viewpoint or specific fraud criteria.

Merchants should therefore involve different departments in anti-fraud activities. For example, product development teams should communicate with fraud and cybersecurity colleagues whenever they are entering a new market or launching a new feature.

Similarly, fraud teams thus need to equip a broad range of business stakeholders with relevant intelligence around fraud risks and customer impact. It allows leadership to guide priorities and provide adequate detection capabilities across various initiatives.

That means tight anti-fraud collaboration across marketing, operations, and technology teams right from the initial customer login. The aim should be to unite the understanding of risks and accountability to better address novel vulnerabilities and counter an ever-evolving fraudster playbook.

Balance friction and user experience

The only thing worse than failing to prevent fraud is stifling a viable business through excessive anti-fraud measures.

As account takeover fraud and payment manipulation through digital wallets rise there’s always the challenge of balancing anti-fraud measures with the customer experience. Blanket steps like two-factor authentication often backfire as excessive friction hurts users, though it’s hard to argue against the increased security.

A measured, dynamic approach supported by enriched data collected across customer touchpoints can help. Intelligent risk scoring separates trusted users from potentially fraudulent ones, and higher-risk transactions may necessitate added authentication, while low-risk transactions retain a frictionless experience.

Such layered defences also require assimilating insights from an array of anti-fraud tools. That includes combining detection inputs across the organisation into a single place to manage user journeys – and reduce fraud blind spots by aggregating risk profiles using both internal and third-party data.

A holistic view to combat fraud blindspots

Without superior visibility and collaboration, you leave the door ajar for elaborate fraud schemes that often span web, mobile, payments and identity channels. Attackers actively seek out these cracks to infiltrate businesses and commit fraud.

The scale of rising fraud requires checking blind spots with shared vigilance across the business. Yet fraud teams equipped with a holistic view of user behaviour throughout their journey, supported by automated analytics can dynamically optimise security and user experience.

Your toolset matters too. Alphacomm’s Protectmaxx is a next-gen fraud solution that delivers the insight and protection you need to prevent e-commerce fraud – including a 100% chargeback guarantee. To find out how Protectmaxx can protect your e-commerce business from payment fraud get in touch with one of our Revenue Geeks here.