How to Screen Fraudulent Small-Ticket E-Commerce Transactions
When it comes to fraud prevention, the size of your average sale’s amount is of a huge importance. In effect, it sets a limit on the amount you can spend on verifying each transaction’s validity, which places small-ticket merchants at a disadvantage, while the opposite is true for their big-ticket counterparts. Not to mention that it is often physically impossible for merchants selling small-ticket items to scrutinize each transaction, even if it were financially justifiable.
On the other hand, the good news for small-ticket merchants is that they can absorb much more easily a number of fraudulent transactions that would be totally unacceptable (possibly ruinous) to a seller of large-ticket items. It is a numbers game for both merchant types and you need to know how to play it.
Why Fraud Is Hard to Combat
In theory, e-commerce merchants can prevent just about all fraudulent credit card transactions from being processed. Online shopping has been around long enough to have allowed for solid fraud prevention tools and best practices to be developed that could, if applied consistently, shut down the vast majority, if not all, of fraudulent transactions. And yet, fraud stubbornly persists and even thrives. Yes, criminals are hard at work at devising ever more sophisticated strategies of their own, but their ingenuity can take us only so far towards explaining why fraud is so hard to combat.
Part of the reason for the failure to eradicate fraud is that many merchants are either inexperienced or do not allocate enough resources for fraud prevention. But even well-funded e-commerce businesses that take the issue seriously and have equipped their well-trained fraud prevention staff with the latest tools find it hard to achieve a total victory over the criminals.
For a big-ticket merchant, anything less than a complete shutdown of fraud may well be unacceptable, but that is not the case for small-ticket ones. It’s a numbers game in both cases, but the lower your average sale’s amount is, the greater the number of fraudulent transactions you can live with. With that in mind, if you sell inexpensive merchandise, your goal should not be to eradicate, but to control fraud. Achieving total victory, even if it were possible, could turn out to be unaffordable.
How to Screen Small-Ticket Transactions
When devising your fraud screening procedures, you should account for the fact that it is not cost-effective to review each and every one of your transactions. Your system should be able to identify and set aside for review only transactions with potential fraud losses that are lower than the cost of a manual examination. In particular, consider the following factors:
- Dollar amount of the sale. Set a lower limit on transactions for manual reviews.
- Cardholder relationship. You would not want to review orders placed by returning customers.
- AVS result. You should not be reviewing transactions, for which you received a negative AVS result. These should be rejected.
- Card security code. As with the AVS, you should put a stop to transactions, for which the security code provided by the cardholder did not match the one on file with the issuer.
- Cardholder authentication result. If it makes financial sense to participate in Verified by Visa and MasterCard SecureCode, these two services will be doing some of the screening for you.
Once you have applied these fraud screening procedures, you can proceed to manually review the transactions that have survived the culling process or, again if it makes financial sense, you can run them through a third party fraud scoring service to further narrow the field.
The Takeaway
The victory over e-commerce fraud comes at a cost and the point of implementing fraud screening procedures is to ensure that we don’t spend more trying to prevent it than what makes sense. That means that we have to learn to live with risk and to accept fraud losses as a cost of doing business. Again, it is a numbers game and what counts is winning the war, not each individual battle. Moreover, if you process thousands of small-ticket transactions, individual losses don’t really matter all that much.
Image credit: Serglo.
Google’s Latest Android OS to Support Mobile Payments
WePay, Online Invoicing and Bachelor Parties
Great article. I would like to add a couple comments that merchants can look out for.
1) Different products/services have different risk levels. If time is limited, focus on the products with resell value or ones prone to chargebacks. For example, electronics, webhosting, and even things like baby clothes attract more fraud attempts than say perishable food.
2) For physical goods, fraud rates are much higher when the billing and shipping don’t match. There are scenarios where fraudsters use same billing and shipping and get the goods by intercepting package or requesting for local UPS pickup.
For small ticket items, the loss of a single sale may not matter much but the cost of chargebacks can add up to be a significant problem. Having some internal checks or paying for 3rd party services can definitely help mitigate the risks.
Good suggestions! Just to make it clear, I’m not advocating that merchants should totally give up on trying to prevent small-ticket fraud. At the very least they must be authorizing all transactions and verifying the cards’ security codes, as well as obtaining an AVS verification. The point is that there is a limit on how much you should be doing to prevent fraud, which is largely determined by each transaction’s dollar amount.