Cybercriminals are on the lookout now for new opportunities, now that the world of eCommerce has expanded. Here, Tal Fadlon gives a brief rundown on the three types of authentication methods that help merchants protect themselves against consumer fraud. 

As the Coronavirus pandemic continues to spread, much of the world is adjusting to a brand-new reality. With shoppers now unable to frequent physical brick and mortar stores and retailers being forced to close their doors, e-commerce is booming like never before.

However, e-commerce merchants are not only dealing with an increase in customers, they are also dealing with a huge surge in fraud.  Cybercriminals, well aware of how COVID-19 has impacted the commerce landscape, are on the lookout for brand new opportunities to make a quick buck from inexperienced online shopping newcomers.

In addition, eCommerce businesses traditionally not exposed to cyber-attacks – such as online learning platforms, rideshare, and food delivery companies – could potentially see an increased risk due to the new high volume and attention they are now getting.
Traditional businesses previously not online but forced to go digital in order to survive, lack vital knowledge on how to protect their now-online paying customers.

New world order, new merchant challenges

As part of financial obligations to card schemes, merchants must ensure that fraud rates are kept to acceptable levels. If fraud rates exceed the thresholds dictated by Visa or MasterCard, the merchant may be exposed to fines and additional fees.

To date, card schemes have suspended their fraud monitoring program assessments for 4-6 months for fraud disputes coming from merchants in the travel industry (airlines, lodging, and car rental for example). This “grace period”, is a good time to start rethinking and build protection for your business.

Current, widely accepted fraud solutions

Today, three types of fraud solutions are most commonly used by online merchants:

  • Address Verification Service (AVS): An automated program that compares the billing address used in a credit card transaction against the information the bank has on file. AVS can help reduce the risk of fraud and chargebacks, but it’s not a comprehensive solution.
  • CVV code: Fraud protection to verify the card security code. The CVV appears only on the credit card itself, and not on receipts or statements
  • EMV 3-D Secure: An anti-fraud messaging protocol that allows consumers to authenticate themselves with the issuer of their payment card at the time of non-contact transactions (CNP).

While these basic settings do of course help battle fraud, even more sophisticated layers of fraud protection should be used to keep online business safe. AVS, 3D Secure and rules engine-based solutions are limited and typically, result in a high false-positive rate (a result that indicates that a given condition is present when it is not), and loss of legitimate payments. Regularly, purchase patterns that could be classified as atypical and therefore be declined, can at these times make a lot of sense. 

For example, a $300 digital content purchase (e.g. in-app purchases, opening locked levels, buying token games with real money) from a brand new customer, might be unusual at any time, but be reasonable for people who are constantly staying at home due to COVID-19 outbreaks and playing 12 hours on their gaming console. This example reveals the weakness of rules engine-based solutions in a changing environment. 

Credorax offers online merchants advanced fraud solutions designed to provide lower false-positive rates and higher conversions. Powered by a machine learning algorithm, every transaction is evaluated and scored according to its calculated risk and a predefined threshold.

To find out how Credorax’s advanced fraud solutions can help protect your online business, contact us at:  

contact us

Read more about the Three Things Your Payment Platform Needs in Times of Crisis