Credit card fraud is defined as the unauthorized use of a credit card account to obtain money, products, or services. To do this, cybercriminals can physically steal credit card account information, acquire it via electronic skimming devices or malware, or even purchase it on the dark web.
As e-commerce continues to grow, criminals are increasingly targeting online retailers with fraudulent purchases. In addition to financial losses from chargebacks, the damage to online retailers also includes loss of consumer trust and negative impact on their brand.
Credit card fraud has risen significantly in recent years and now costs consumers and businesses hundreds of millions of dollars annually. Of the 3.2 million cases of fraud reported in 2019, identity theft was the most common, accounting for more than 20 percent, according to the US Federal Trade Commission.
Credit card fraud is the most common type of identity theft. It accounts for more than 271,000 reports from consumers whose information was stolen to gain access to an existing account—or open a new one. These fraudulent activities resulted in more than USD135 million in losses.
While credit card fraud is an increasing problem for consumers and card companies, it also negatively impacts retailers by leading to:
Reputation damage and loss of consumer trust.
Potential merchant account termination because of high chargeback rates.
Each dollar of fraud committed now costs the average retailer USD3.36, up from USD3.13 in 2019. While credit card fraud is on the rise for all retailers, the largest number of attacks are happening to medium and large organisations which have seen a nearly 50 percent increase since 2019.
Chargeback fees, a large portion of which are driven by “friendly” and “card not present” fraud, now cost between USD15 and USD100 per instance. These chargebacks cost online retailers USD40 billion per year, according to Chargebacks911.
Regardless how criminals obtain account information, all credit card fraud ultimately impacts online retailers because that’s typically where purchases are made. The most common types of credit card fraud include:
1. Application fraud: This common method occurs when a criminal gains access to someone’s personal information and then opens a new credit card account in their name.
2. Card not present (CNP) fraud: This is especially concerning for online retailers. It happens when a criminal obtains an account number, expiration date, and verification code and then uses them to make fraudulent orders, usually over a website or via phone. This information is typically obtained via the dark web or by gaining physical access to a card.
3. Assumed identity fraud: This occurs when a fraudster uses a temporary address and false information to obtain a new credit card and then makes purchases with it before the card company, or consumer victim, catches on. While banks typically have systems in place to keep this from happening, some scams still fall through the cracks.
4. Account takeover (ATO) fraud: The most common type of credit card fraud. ATO attacks occur when a criminal gains access to and then takes over a consumer’s account. From there, the criminal impersonates the victim, changes the mailing address, and asks for a replacement card.
5. Friendly fraud: A growing problem for online retailers, this happens when a consumer purchases goods or services and then asks for a refund from the credit card company—typically while claiming they never made the order or received the item.
E-commerce grew more than 44 percent between Q2 2019 and Q2 2020, according to the US Census Bureau. Thanks to this rapid growth in e-commerce and CNP transactions, online retailers are increasingly vulnerable to credit card fraud.
While the adoption of smart cards has strengthened security for physical, in-store transactions, criminals are now targeting online retailers more often because they allow for CNP transactions. In fact, according to a 2018 study by Javelin Strategy & Research, CNP fraud is now 81 percent more likely than card-present fraud.
Fraudulent CNP transactions can be difficult to detect in an online environment. Criminals can make purchases so quickly that most consumers won’t notice their account has been breached until they’ve incurred unauthorized charges on a fraudulent purchase.
In many cases, criminals will test card information on multiple retail sites, determine why it was declined, and then use process of elimination to track down any additional information they may need. They can also use virtual private networks (VPNs) to hide their location.
Online retailers are also vulnerable to friendly fraud. That’s because card networks like Mastercard and Visa have “zero-liability policies,” so consumers usually don’t have to pay when they’re victimized. As a result, criminals (or unscrupulous consumers) can make a purchase then dispute the charges, claiming they never received the item or didn’t place the order.
Savvy online retailers can reduce theft by implementing robust credit card purchase protection. Here are a few suggested strategies:
Prevent and deter theft before it occurs by adopting a fraud prevention strategy that proactively monitors transaction activity in real time. Investing in credit card fraud management technology helps your online retail business mitigate risk, reduce the cost of fraud, and protect your brand’s reputation.
According to Experian’s 2020 Global Identity and Fraud Report, nearly 90 percent of customers say their perception of a business improves when the company makes investments to improve the customer experience—which includes security.
Several new technologies can help online retailers identify their vulnerabilities and mitigate the risks of credit card fraud. Many now use secured data storage and data encryption to ensure the information they gather is secure. Also, data enrichment tools can aggregate data points to monitor for suspicious transactions.
While criminals are always looking for ways to outwit security, AI-enabled solutions continuously learn and adapt to help stay one step ahead of them.
The best solutions tap into a fraud protection network to identify the latest trends. They also use device fingerprinting to determine where transactions originate and how they align with prior purchase data. These solutions can also protect against bots with stolen credentials that gain access to accounts.
Microsoft Dynamics 365 Fraud Protection can help online retailers diagnose transactions, evaluate fraud potential, and protect businesses with customisable rules to obtain recommendations for e-commerce transaction decisions.
Engage with experts and peers, read blog articles, and find local events.
Access industry-leading self-help and support options.
Get ready and learn more about new capabilities.