Finding the pattern of fraud

Jeff King is director of product management at Framingham, Mass.-based CyberSource Corp. King wrote this piece for Computerworld's communities.

Online credit card fraud continues to be a major concern for businesses selling online, primarily because it's the merchant who is held financially responsible for fraudulent charges. In addition to paying for the lost merchandise and shipping costs, the merchant must also pay a chargeback fee, a fine levied by credit card processors for each fraudulent transaction. Furthermore, certain procedures and mechanisms implemented to deter fraud often result in operational inefficiency, which can further impact a business's bottom line.

In addition to employing automated risk management solutions, businesses selling online can follow a number of best practices to protect themselves from fraudulent transactions while preserving operational efficiency and facilitating rapid processing of valid customer orders.

    Complete an analysis of the problem.

    Identify fraud patterns and determine level of risk. To begin this effort, merchants need to identify common fraud patterns (for example, more than 80% of orders from a specific country are historically fraudulent) and the most affected products. Then they should assign a risk value to the merchandise and determine where the amount lost begins to significantly impact bottom-line business or product-line profitability. One critical element for doing this is to understand the liquidity value of the products.

    Establish a base set of rules to automatically reject a transaction.

    Once risk values and common fraud patterns have been identified, merchants should establish a base set of black-and-white rules intended to automatically reject certain transactions with a very high probability of risk because of the variables historically observed to be fraudulent. This may seem overly simple, but a rule might be to reject all orders received from Russia that are submitted between the hours of 2 and 4 a.m. for a specific product. One must be careful not to establish rules that so broad that many valid orders can also be automatically rejected.

    Use technology tuned for the Internet to apply rules and detect potential fraud.

    In addition to implementing rules, leveraging internet-tuned technologies to process e-commerce transactions and detect fraud in real time is critical to account for additional variables like IP address as it relates to shipping address, cardholder address and purchaser location, and transaction velocity -- all of which can help a merchant identify potentially fraudulent orders.

    Follow up on suspicious transactions.

    Immediately report any unusual experiences, including security breaches or loss of computer systems, to your local police department and the Internet Fraud Complaint Center

. These basic steps are essential to begin addressing online credit card fraud. However, to significantly minimize the financial and operational impacts of fraud can be a daunting task for the uninitiated. But consider the ROI impact of the establishment of a comprehensive risk management system that addresses multiple facets of fraud management, including customer support techniques to help convert questionable orders. If a merchant business does $10 million in quarterly sales and is experiencing a chargeback rate of 3%, dropping the loss to 1% immediately impacts the bottom line by as much as $900,000 annually. Further, a correctly implemented risk management system will positively impact customer satisfaction and loyalty if consumers believe a merchant's site is safe and reliable.

Copyright © 2002 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon