Online fraud is growing. Last year it cost merchants over $20bn and well over that again in sales they turned down because of fear of fraud. In the last year alone, the information from over 250m credit cards flooded online after a series of high profile data breaches at companies like Target.
As a consumer, from the outside it might look like transactions are simple; just you and the merchant right? But even the simplest online transaction has multiple players involved. So how does payment fraud affect all the players involved? Who are the winners and who are the real losers when fraud rears its ugly head?
When it comes to online fraud, consumers are currently reasonably safe. Most countries enforce legal protections that affect the ability of others to hold card holders liable for the fraud, assuming that they’ve taken precautions. However this is changing in some countries and we’re seeing some places and institutions introduce insurance industry like provisions and excesses to protect the companies from unlimited liability and push more of the burden back on the consumer. The sad reality is though that like every business increased costs are always based back onto the end customer, so as the cost of fraud increases for any card provider or company, more of this cost will be pushed back onto the consumer in terms of higher charges and fees.
The Card Company
Like any company in the financial services sector, card companies spend a lot of time working out how to protect themselves and their revenues against fraud. This usually means that in the event of a fraud event they’re able to pass much, if not all of the liability onto the merchant. This usually comes with hefty fees and penalties attach which translates into substantial incomes for the card companies so many cynics wonder where the motivation for card companies to crack down on fraud comes from.
The key problem for many online retailers is that they're using a system that was never designed for purpose. Credit card systems were designed for in person usage where retailers could physically identify customers, check IDs and generally be certain of the identity of the card user. Transactions over the phone (Card not Present, or CNP transactions) were quickly replaced by online orders and the same CNP treatment adopted for them, without many changes in the rules.
So when a fraudster makes a fraudulent purchase, the merchant ships out the goods to them in good faith. Up to 180 days later the revenues that the merchants received for shipping those goods can be clawed back instantly if fraud is reported. When fraud occurs an online merchant is often left without the paper trail to protect themselves, they won’t have a signature, proof of PIN entry or anything else that a normal retailer would have to back up their claim.
Finally we have the clear winner, the Fraudster. If fraud is detected, the credit card company will decide whether the cost of investigating the fraud is more than simply compensating the buyer and sending them a new card. Large fraudulent transactions prompt credit card companies to do investigations, which typically involve the police. The police can use detective work, surveillance, and other methods to track down perpetrators. Contrary to popular opinion, the thieves do leave a trail, and they don't always get away with it. Credit card fraud is a felony, and perpetrators can look forward to jail time, plus a permanent criminal record.
What to do to protect yourself or your business
At Trustev, we’re pioneering a new approach to fraud prevention that allows you to protect your revenues from fraud without the nasty blocking activity of the past that often caused more harm in lost or abandoned sales , than the fraud it helped prevent. At its core its about identity and ensuring that you know exactly who you're doing business with!
If you’re selling or processing payments online, we’d love to talk. You can contact us here