You probably know that every day billions of credit card transactions occur online. According to the Nilson Report, transactions on credit cards like Visa, Mastercard, UnionPay, American Express, Diners Club and JCB are expected to reach 800.41 billion in 2026 globally. The region with the highest number of core credit card transactions is the Asia-Pacific, followed by Europe and the United States.
The anticipated increase in credit card transactions is great news for online merchants and, unfortunately, even better news for ecommerce fraudsters, whose activity costs merchants billions every year in chargeback fees.
The most costly online fraud — for now
Did you know that the most common form of ecommerce fraud is Card-Not-Present (CNP) fraud? CNP fraud is of utmost concern for merchants and credit card issuers, because of the costs associated with suspected and actual fraud (chargebacks).
This growing global problem of credit card fraud detection and prevention has spurred intercountry agreements — such as PSD2 — to protect consumers’ privacy. Since merchants and issuers are responsible for verifying a card user’s identity, technology partners have come up with fraud prevention solutions to reduce risks for consumers and merchants.
If you are responsible for your company’s fraud prevention, we want you to know what CNP fraud is and how to prevent it with 3DS2 solutions, like GPayments. Because what you don’t know about fraudulent purchases should frighten you.
What online merchants need to know about ecommerce fraud prevention
Ecommerce merchants ought to be aware of the increase in fraudulent activity. CNP fraud may sound like someone has stolen your actual credit card, instead, this type of fraud uses stolen card details.
Online fraud is growing
When a stolen credit card’s information is used online, fraudsters do not have to contend with the high level of security embedded on an EMV chip. The information on the chip is only detected by an EMV reader, and these smart cards are impossible to duplicate. What contributes to the increase in e-commerce fraud? Large transaction volumes and their high value are too enticing for fraudsters.
Shockingly, a fraudster can buy credit card information on the dark web very affordably. According to Experian, a credit card number with its three-digit credit verification value (CVV) costs only $5 USD. Credit card information can also be obtained via hacking, phishing, malware or stealing credit card applications.
There are other types of CNP fraud, such as refund fraud or friendly fraud, which involves a cardholder making a purchase and then reporting a fraudulent transaction to their credit card. Friendly fraud is hard to detect because it is committed by an authorised user. Nonetheless, CNP ecommerce fraud results in the merchant incurring costs like loss of inventory, paying the refund and a chargeback fee.
The Federal Reserve Bank of Kansas City reported that merchants incurred 70-80% of chargeback losses. As online fraud grows, the share of that burden disproportionately lands on ecommerce merchants.
Business impact of ecommerce fraud
No one likes the thought of being cheated, and transaction fraud brings a particular salt to the ecommerce merchant’s wound, called the chargeback fee. It is estimated that these fees cost U.S. merchants $40 billion. Consider the cost per fraudulent payment. An average online transaction is between $100 to $500.
When an ecommerce merchant transacts with a fraudster, they will lose more than the cost of the item. Depending on an acquiring bank’s rate, each refunded charge could cost between $20 to $100 for costs associated with covering a chargeback. Meaning, for every $100 transaction made with stolen information, the actual price is $240.
The chargeback fee is a direct cost for repaying 100% of the charge to the issuing bank and the fees for handling the process. There are other risks and costs related to chargebacks:
- A higher transaction fee assessed by payment processors for an unfavourable chargeback ratio. If the ratio is too high, a merchant can be terminated from a credit card network resulting in the inability to accept that card as payment.
- Credit card networks enforce monitoring programs upon merchants with high chargeback rates in hopes that they will improve their fraud detection. These programs come with their own monthly fees (some in the thousands).
- Customer friction (steps to purchase) can result in losing loyal customers and lead to higher new customer acquisition costs and reputation loss for the merchant.
The exorbitant and growing expense of chargebacks to merchants is enough to do everything possible to guard against CNP and other types of online payment fraud.
Detecting fraudsters online
Card-Not-Present fraud can be particularly difficult to detect online without the right fraud prevention technology to help them verify and authenticate their customers’ identification. Merchants may not have
the capability to discern “friendly” refund fraud from CNP fraud. Nonetheless, issuing banks fulfilling a disputed charge request from their customer compel online sellers to pay chargeback fees. No doubt, the stakes are high for ecommerce merchants trying to avoid a high chargeback ratio, higher transaction fees and customer friction.
Detecting suspicious activity is a merchant’s first line of defence against actual CNP fraud.
Protect your business and your customers’ data
Cyber criminals are good at phishing or hacking their way to stolen information. Did you know that in the U.S., where credit card and identity theft are among the highest in the world, fraudsters opening new accounts increased 88% between 2018-2019? In light of greedy tactics, online merchants must protect their customers’ data and their own.
While there is no way to totally prevent online deception, and in particular card-not-present fraud and identity theft, there are fraud detection solutions that can help to prevent a stolen credit card’s information from being used dishonestly.
Fraud prevention regulations
In light of the global problem online CNP fraud presents to consumers and businesses, the European Union created a Payment Services Directive in 2007 and revised it in 2018. The second directive is known as the PSD2. This directive for payment service providers and ecommerce merchants established technical standards for authentication, incident reporting and security measures for security risks that all major card schemes support.
Furthermore, the EU put in effect a General Data Protection Regulation (GDPR) for any business that offers goods or services in the EU in 2018. The GDPR requires demonstration of compliance with transparent information handling practices that protect personal data.
The PSD2 created a regulatory framework for ecommerce fraud prevention that mitigates chargebacks and enhances the payment experience for customers.
3D Secure 2 is welcome news
In response to the PSD2 standard for strong customer authentication (SCA), a protocol dubbed 3D Secure was developed by Arcot Systems and Visa to more securely transmit information to issuing banks. Until 3DS2, online sellers integrated a risk management solution that was costly. The up-front investment in a risk-based solution could run companies AUD$150 – AUD$500,000. Today, a 3D Secure 2 solution shifts the liability of chargebacks from the merchant to the issuing bank. Similarly, 3DS2 does the following for online businesses:
- Eliminates the cost of a risk management solution.
- Removes chargeback fees.
- Reduces the risk of a high chargeback ratio that might increase your transaction fees or place your business in a monitoring program.
- Reduce cart abandonment rated
- Frictionless flow
Learn more about how PDS2 and its new SCA regulations play an important part in fraud prevention, for the benefit of ecommerce merchants in our article.
You now know that ecommerce fraud prevention is multi-layered and that there are powerful solutions available to protect your customers’ data and your business. It is also important to remember:
- Card-Not-Present and other online transaction fraud costs businesses $40 billion annually in the U.S.
- Chargeback fees amount to $2.40 for every dollar.
- 3D Secure 2 shifts chargeback liability from merchants to issuing banks.
Where there is greater security there is also an opportunity for an enhanced online buying experience. Customers will no longer be frustrated by the verification process, they would not even know it is there.
When you use a 3D Secure 2 fraud prevention solution, your customers enjoy a frictionless payment experience with you. GPayments takes care of CNP fraud for ecommerce merchants. Contact us.