E-Commerce Risk Management

The advent of the e-commerce a decade ago presented retailers with a brand new avenue for selling their goods and services. Existing customers now had an alternative to actually going to a physical store, while online stores now had the world as their market. The other side of the coin is that criminals see the e-commerce as an additional source for gathering sensitive personal information that can be later used for processing fraudulent transactions.

Personal data can be compromised or stolen in a number of different ways, but web-based merchants can and should develop risk management procedures and implement them into their sales process to help protect consumer information from falling into the wrong hands. As a step in this direction, and in order to reduce losses resulting from excessive risk exposure, e-commerce merchants must implement internal fraud prevention measures and controls that are designed to their environment’s specifics. A dedicated fraud control department can provide the direction that your organization needs, in order to fight fraud effectively. The following risk management measures should be incorporated into your organization’s fraud prevention system:

• Create an official fraud control function in your organization. Consider implementing the following procedures when setting up a fraud control position or department:
  • Make fraud detection and prevention your organization’s highest priority. In addition to all obvious reasons, high levels of fraud-related chargebacks can lead to the suspension of your merchant account.
  • Develop and monitor the achievement of day-to-day objectives that promote profitability, such as:
    • Minimizing the percentage of fraudulent transactions. Set concrete targets.
    • Minimizing the effect of fraud-prevention procedures on legitimate sales. Your goal should be to have your fraud prevention efforts produce minimal effect on legitimate sales.
    • Minimizing fraud-related chargebacks. Chargebacks are costly and, as mentioned above, can lead to the suspension or closure of your merchant account.
  • Clearly define responsibilities within your organization for detecting and reviewing fraudulent transactions.
  • If yours is a larger organization and you have a separate group that deals with chargebacks, you should promote a close cooperation between the fraud prevention and chargeback monitoring groups, as one of the most common causes for chargebacks is fraud. The better the separate departments cooperate with each other, the better the overall results of your fraud prevention efforts.
• Monitor fraud control performance. Your fraud prevention efforts will become more effective if you track areas like:
  • Total fraud volumes as a percentage of your total sales. Set targets and stick to them. Needless to say, over time your fraud volumes should decrease.
  • Fraud recoveries as a percentage of your total fraud. A good indication that your fraud prevention efforts are producing results would be a gradual increase of your fraud recovery rate.
  • Speed of reviewing and making decisions on suspicious transactions. As consumers expect that their online transactions will be processed within seconds of submitting their payment information, you do not have much time to investigate suspicious data. Your fraud prevention procedures must be streamlined enough to reconcile these two opposing requirements. There are plenty of tools out there to help you automate the process.
  • Number of complaints from customers regarding legitimate sales. This particular item is especially important, as you want your fraud prevention efforts to not affect legitimate sales. As your organization becomes more experienced in handling suspicious data, such complaints should decrease. You should set targets and be very stringent in enforcing their achievement. Yet, you will never be able to completely eradicate complaints regarding legitimate sales. Whenever you receive such a complaint, you should address it immediately and explain to the affected customer that the inconvenience is caused by your efforts to protect the customer’s personal information and that you are doing your best to better identify fraud signals.

Image credit: Parkcommunity.com.