Skip to Main Content Skip to Footer Content
Close Search

Preparing for Peak: Tactical Recommendations for Stopping Holiday Season Fraud

preparing for peak fraud season

Business might be booming for eCommerce merchants, who see increases in holiday spending climbing steadily upwards each year, but with fraud growing nearly twice as fast as sales, merchants need to have their fraud strategy fine-tuned to ensure that peak retail season is a success. I spoke to Erika Dietrich, ACI’s Leader of Risk Services, to find out how merchants can best prepare their fraud management strategies for the holiday season, ensuring risk strategies are effective – with low friction for genuine customers and high accuracy in detecting fraud.

Chris Taine: What are the first steps that you would recommend for merchants, when it comes to preparing their systems for the holiday shopping season?

Erika Dietrich: First, I would recommend that merchants have the capability to manage and deploy different risk strategies quickly and easily. This can help increase acceptance rates and reduce manual review rates, thus lowering call center expenses. This, in turn, helps to reduce demand on internal resources, who can focus energy elsewhere. Then, be sure to utilize early warning indicators, such as increased fraud attempts or increase in genuine sales because of marketing promotions.

eCommerce fraud growth rates

CT: Beyond software, what else can merchants do?

ED: Merchants need to understand where they have weak points, be sure those weaknesses have been addressed – or closely monitored – and tailor their strategies to ensure those weaknesses are not exploited again. If something like delivery fraud has been an issue in the past, identify the areas and behaviors that require additional enhanced decisioning, authentication and verification to mitigate risk.

Also consider other things that may have changed since the last peak period. Are there new product lines, sales channels, payment methods, mobile applications, and/or delivery options? Are these initiatives protected with specific and tailored fraud strategies? It’s imperative to account for this when planning.

CT: How can merchants maintain security and deliver a great customer experience?

ED: It starts with being mindful of the customer experience; fraud solutions must be complementary to a great experience. Identify loyal customers and their preferred channels. Customers today are using many devices and methods when shopping, and it’s important to recognize and to enable this audience.

One way to do this is to use customer consortium profiling and feature calculation techniques – such as the number of times a card has been seen across an entire shared merchant database over a specified time period – to maintain the customer experience for valued customers and ensure good transactions are still accepted, while also mitigating potential account takeover fraud. This maintains good customer experience, while still being strong enough to recognize popular attack methods.

CT: Can you speak a bit about the need for proactivity and manual reviews?

ED: Merchants need to be proactive, but manual reviews aren’t required for all merchants. Merchants should have key data points they are proactivity monitoring and have alerts set up if there are abnormal behaviors. In regard to manual reviews, most of the merchants we work with have accept or decline models, especially during peak volumes, while fewer merchants are conducting manual reviews – these are becoming increasingly automated with the use of automated data authentication services. It’s the ongoing question of “Human vs. Machine” – while all our decision and analytical components are automated and leveraging multiple machine learning algorithms, it’s still necessary to have humans constantly validating the overall strategy and driving the strategy down the correct path.

CT: With all this to incorporate into holiday fraud strategy, how important is it to gain internal alignment?

ED: Very! Cross-functional communication and awareness (with IT, finance, customer services and marketing) can help to build a picture of previous efforts and outcomes, which can then inform how merchants prepare for 2018 peak. It is essential that to gain a 360-degree view of the organization’s seasonal campaigns, changes to payment checkout pages or consumer account logins, and any new customer payment options or methods. Be aware of anything that may inadvertently provide opportunities for fraudsters. Raise concerns about potential problems – and offer solutions that are informed by fraud monitoring processes, analytics and reporting.

Once seasonal plans are known and understood, adjust rules accordingly to allow for the potential changes in genuine customer buying behavior. After all, a successful campaign will drive more sales and possibly form new channels and customers. The marketing department will be quite happy to see their efforts rewarded by a fraud solution that welcomes these new (good) transactions.

CT: Beyond marketing, finance and IT, what other teams should be involved?

ED: Engaging with web and mobile site security management is a must. These teams should be equipped with the tools, techniques and procedures to detect, contain and mitigate botnets (which we predict will account for the highest number of fraud events during the peak season). These events overtake accounts, impact site resources and result in losses.

We recommend regular communication with these teams on a scheduled (often daily) basis during the holiday period. And considering the presence of both good bots (i.e. re-sellers, price grabbers, etc.) and bad bots, merchants must put business policies into place to address this issue with clarity for both teams.

CT: So, with all that said, now what? Continue to monitor and update?

ED: Stay vigilant. Continue to monitor systems and update as necessary. Business intelligence tools and real-time monitoring should give merchants the power to make up-to-the minute decisions and continually improve the experience for genuine customers. Don’t wait until after the peak is over to see how and where you can improve – employ rapid access to fraud intelligence to inform rules changes in real time.


ACI’s fraud solutions support more than 1,500 merchants, issuers, processors and switch networks protecting 17 billion transactions. Find out more about our award-winning Payments Risk Management solution.