How to Handle Potentially Fraudulent E-Commerce Transactions

Once your fraud prevention system identifies suspicious e-commerce transaction characteristics, you need to be able to review them quickly and within budget. First of all, however, you will need to set cost effective thresholds for determining which of the suspicious transactions to review. As reviewing all transactions manually is both time-consuming and costly, it is generally not justified for all high-risk transactions.

To ensure that your review costs remain lower than the potential losses from suspect transactions, consider implementing the following procedures:

• Implement card-not-present transaction screening that lets you avoid the manual reviews of low-risk transactions. Criteria that you can use in your transaction screening procedures can include:
  • Low transaction amounts. If the cost of reviewing the suspicious transaction equals or is not much lower than the transaction amount itself, it does not make much sense to subject it to a review. Your screening process should be designed to automatically exclude low-amount transactions from the review process.
  • Repeat customers with a good record. If an order has been received from a customer with a good payment record for at least the past 90 days and merchandise has been shipped to their address before, you should not subject the transaction to further review, even if it displays high-risk characteristics. The customer’s good history serves as a proof that he or she can be trusted.
  • An Address Verification Service (AVS) match and a shipping address that is the same as the billing address. An AVS match, combined with a match with the billing address is typically enough to guarantee that the transaction is genuine. However, if multiple high-risk characteristics are present and if the purchase amount is above the established dollar threshold, you may want to review the transaction.
• Decline all credit card transactions that display high-risk characteristics and are not routed for fraud review. Such transactions should include the ones that fall below your preset dollar threshold and that:
  • Match information in your internal negative file. Your organization should build and maintain an internal negative file where details from previously processed fraudulent transactions are recorded and stored. Information that relates to customer disputes or chargebacks should be left out of the negative file.
  • Come from international IP addresses. Transactions placed from international IP addresses are proved to produce higher levels of fraud. Some merchants have decided not to accept international orders altogether, regardless of the amount.
  • Have international billing or shipping addresses. Similarly to the above characteristic, international billing and shipping addresses are linked to high levels of fraud. It has to be said, however, that not all merchants suffer the same levels of fraud from international transactions. Some types of merchandise and services are related to higher fraud rates than others and you should find out what your fraud risk is before deciding how to handle international orders.

Image credit: Preisvergleich-versicherungen.de.