Skip to content

‘Soup To Nuts’ – A Multi-Layered Fraud Menu for the Holiday Season

Multilayered fraud approach

The holiday shopping season is well underway, with Black Friday now behind us and many retailers around the world braced for higher levels of eCommerce fraud, from Cyber Monday all the way though until Christmas.

It’s a nerve-wracking, adrenalin-fuelled time of the year for any retailer – because of the potential traffic and sales volume, the technical challenges, and the potential to close out the year in an immensely profitable manner. But it’s always marred, in part, by the ever-increasing interest – and ingenuity – of fraudsters.

It’s not exactly ‘new news’ that holiday season fraud, especially in online channels, continues to rise year-on-year – but this is a trend that is truly global. A recent report by the Australian Payments Network, for example, highlighted the fact that 85% of all Australian card fraud (out of $561.4 million in total losses) falls in the card-not-present category. Retailers certainly can’t be blamed for experiencing elevated levels of stress at this time of the year!

 

Preparing for the perfect storm

We’ve said it before (probably around this time every year), but it bears repeating – it is critical that merchants prepare for a significant uptick in fraud attempts during the holiday period, especially in eCommerce channels. Partly because the industry has been so successful in securing card-present transactions with the now commonplace EMV chip and PIN cards that the online space is the one attracting the attention of criminals. But when you marry that trend with the business growth in the online channel, you have the potential for the perfect storm.

Keeping the fraudster ‘out’ is everyone’s responsibility. Consumers need to be more vigilant than ever during the holiday shopping season, and no-one is immune to fraudulent attacks, as high-profile data breaches have shown. Stealing and reselling data from ordinary consumers is a highly organized criminal activity and fraudsters have been finding ever more sophisticated ways to hack databases or obtain data from individual consumers, including via social engineering and phishing activities.

We’ve also seen new pathways being exploited by fraudsters, due to the increase in omni-channel shopping. Analysis of our own data shows that digital downloads (virtual gift cards or eGifting) have the highest attempted fraud rates, followed by online purchases with next day/overnight delivery. Fraud rate attempts for international online orders also made the top 10, as did ‘buy online/pickup in store.’ This last one has become an attractive option for fraudsters, as some retailers do not require consumers to re-run cards when they pick up products in store.

Merchants must be more vigilant than ever and shore up eCommerce fraud protocols. I can’t overstate the benefit of a targeted risk strategy based on peak holiday trading predictions to ensure maximum revenue, but also to minimize false positives. Keep an eye on your promotions teams and marketing efforts – don’t get taken by surprise!

The need to effectively identify and block fraud, but keep the ‘good’ sales flowing, is what makes this such a tricky time of year. Retailers should look to implement a real-time fraud solution that is both hyper-scalable (watch this space – this catchphrase is going to grow in the context of eCommerce) and continuously monitors fraud behavior and trends across all channels, both online and in-store.

 

The role of service providers and ‘hyper-scalability’

What can we do, as service providers, to help ensure that fraud in digital channels (as highlighted in the Australian Payment Network’s report) doesn’t take the sheen off what otherwise should be a season of joy?

You may have read reports that indicate that less than half of consumers trust stores, online shopping sites and restaurants to protect their financial data – but in reality, that doesn’t seem to be dampening the appetite of those same consumers to ‘take the risk’ and shop online anyway. And fraudsters’ appetite in targeting this channel is not going to diminish as long as this is the case.

With highly targeted and increasingly sophisticated fraud, merchants will only ever be as successful as their weakest link – so service providers MUST be able to demonstrate the ability to hyper-scale. They need to be fast to cope with the ever-increasing traffic over shorter and shorter timeframes. Peaks within the peak season.

It is such ‘non-functional requirements’ (NFRs) – namely, security, scalability, globality, serviceability, capacity and availability – that are increasingly the differentiator for service providers.

At ACI, we have an emphasis on delivering against these NFRs, but also focus on how consortium data can be used across our user-base in a more comprehensive way, allowing us to create calculations within the consortium that can be used in creating rules. Existing customers are seeing uplifts in conversion, reduction of false positives, faster through-put and fraud savings as a result of this consortium approach – something that is more important than ever as holiday season shifts into high gear.

There is no magical ‘silver bullet’ to fraud prevention though – I strongly believe that a multi-layered approach – a “soup to nuts” solution, if you will – provides the best results. Machine learning capabilities alone will not suffice. You must also have rules that enable you to react to immediate needs, promotions and deviations from ‘the norm’ (for example, the peak processing period!).

It’s also imperative to have the flexibility to decision in real-time, or in near real-time, if your business lends the opportunity to conduct manual reviews. A comprehensive business intelligence capability provides a window into transactions in near real-time and is necessary to pre-empt where fraud strategies need tweaking as the holiday shopping season progresses.

 

Find out more about ACI's UP Payments Risk Management solution for Merchants, or read tactical recommendations about stopping holiday fraud from our Leader of Risk Services, Erika Dietrich.