SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Digital commerce fraud: What it is and how to stop it

Tue, 31st May 2022
FYI, this story is more than a year old

Australia is the eleventh largest eCommerce market in the world, and revenue is predicted to reach USD 32.3 billion by 2024. This represents a year on year increase of 15.5 per cent.

New Zealand, with a population of just 4.5 million, is the 46th largest eCommerce market globally, with a value of USD4.6 billion in 2021. This was a 15 per cent increase in sales from the previous year.

This spike continues a trend that first accelerated during the pandemic as the world turned to online shopping. The businesses that not only survived but prospered during shutdowns were those that quickly pivoted their business models to support digital commerce.

Unfortunately, the rising popularity of digital commerce has also brought a wave of online fraud to businesses everywhere. Bad actors follow the money trail, and, right now, digital commerce is at the epicentre.

There are three common types of fraud that retailers should be aware of: card testing, account takeover and chargeback.

Recognising digital commerce fraud 

Card testing fraud

With card testing fraud, the fraudster illegally obtains credit card numbers. Typically, fraudsters will obtain these numbers by stealing them directly or purchasing them from the dark web.

Card testing fraud starts with smaller 'test' transactions. The fraudster will attempt smaller purchases with each card number to determine which ones are valid without drawing too much attention. Smaller purchases also help determine the limits on each of the credit cards.

After initial testing, fraudsters begin making larger purchases. By the time many merchants discover what's happened, the fraudster has made several large purchases.

Account takeover fraud

Bad actors have a variety of methods they can use to gain access to customer accounts. Purchasing stolen passwords and security codes, obtaining customer info from the web, and implementing phishing schemes are just some of the tactics at their disposal.

Once the account has been taken over, fraudsters are now "the customer," allowing them to:

  • Change account details
  • Make purchases
  • Withdraw funds (if this functionality is present)
  • Access other accounts owned by the user

Account takeover fraud is essentially a form of identity theft.

Once a customer's account details are compromised, that relationship with the vendor is effectively over. Furthermore, account takeover fraud tends to be highly reported by the media, so any breaches will have a significant negative effect on the company's goodwill and credibility. This makes account takeover activity one of the most damaging forms of eCommerce fraud.

Chargeback fraud

Chargeback fraud occurs when a customer purchases a product or service and then contacts their credit card company to void the purchase, resulting in a "chargeback.

Chargeback fraud also holds some extra levels of complexity because, in certain circumstances, it can result from a legitimate purchase simply not being recognised by the customer.

This particular case is often called "friendly fraud." Friendly fraud is no less detrimental to merchants, though, and can still have a negative impact on both the business and the customer relationship.

Some fraudsters intentionally commit chargeback fraud by abusing company policies to get items for free, knowing the purchase will be refunded to their credit card.

Chargebacks cost companies big in multiple ways, including:

  • Chargeback fees
  • Lost merchandise
  • Shipping costs
  • Penalties and administrative costs
  • Banking fines

While it's important to stay on top of the fraud trends, it's even more important to approve all legitimate shoppers. While the loss of revenue from fraud is $1, the loss in revenue from false declines is $30. The most reliable way to protect a business is with a digital commerce trust platform that not only identifies and prevents fraud, but actually optimises the customer buying experience.

An effective, automated solution will allow the company to approve more legitimate transactions and avoid false declines, which will have a significant effect on the bottom line.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X