The online store, the bank, and the cardholder himself may suffer from fraudulent transactions. In the event of a leak of card data, cybercriminals try to withdraw the maximum amount of money and leave no traces so that online stores deal with banks, who should still reimburse the lost amount.
It is impossible to keep track of the cardholders - the online store cannot know who is on the other side of the screen: an intruder or a respectable client. There is always a risk, but in order to bring its value closer to zero, there are many tools for checking payments and verifying payers. In this article, we will talk about what anti-fraud is, how to check high-risk orders, and also share useful services.
What is Fraud?
Fraud is fraudulent transactions, in particular, on the Internet. There are various types of fraud, most of which are aimed at obtaining the details of a person's bank card or the physical card itself.
High-risk orders in online stores are dangerous not only for cardholders, but also for the owners of online stores, since they are responsible for checking all incoming payments. In case of illegal debiting of funds from the card, the person will apply to the bank for a refund, and the bank, in turn, will withdraw them from the store's account + will take an additional fee.
As a rule, the whole process usually looks like this: as a result of skimming / phishing or any other illegal actions, the bank card holder unknowingly transfers his card details to the attackers, sufficient to make a purchase in the online store.
- An attacker completes an online purchase and purchases a product / service.
- The cardholder, having learned about the unauthorized debiting, reports the loss of money to the bank that issued the card. The bank, in turn, initiates chargeback, that is, the return of the debited funds. The online store must return these funds.
- If the product has already been received by an intruder, then the online store "hits" three times:
- returns money to the cardholder + additional fee for opening a dispute;
- loses goods that have already been paid for from the supplier;
- the percentage of disputes in the payment system is increasing, which may threaten with a freeze of funds or a complete ban on accepting online payments.
To identify fraudulent transactions, both Shopify and most platforms have their own built-in fraud monitoring systems.
How the anti-fraud system works
Antifraud is a system for monitoring and preventing fraudulent transactions that checks each payment in real time, running them through dozens, and sometimes hundreds of filters. Anti-fraud mechanisms work in such a way as to see if there is anything "unusual" in the payment. The task of the system is to check each transaction, find "suspicious" moments and make a decision - to reject the payment or to pass it. The anti-fraud system consists of several components:
- automatic monitoring of transactions, which includes many customizable filters;
- mechanisms for cardholder authentication and card validation;
- monitoring transactions in "manual" mode for extreme cases.
The system can include hundreds of different filters, and the more a business area is susceptible to fraudulent activities, the more filters are included and the more detailed each of them is configured for a specific online store or online service. Fraud monitoring systems do not work perfectly, therefore, in order to avoid possible unpleasant situations, it is necessary to check orders manually.
Checking fraud orders in shops
Before you start verifying a transaction, you should understand that you do not have much time to identify high-risk payments. If this order was made from a USA card, you have 1-3 days to identify fraudulent transactions, from European cards - 7-14 days, but in any case, it is better not to delay the verification period. In addition, European banks do not have an AVS system and such orders must be given special attention during verification, since a fraudster can indicate any address in the shipping.
The first step is to carefully study the field with the cardholder's data - whether the mail and name, payment and postal data match. If the mail is written in the Latin alphabet, but you see the Russian word, you should pay attention - this is not typical for citizens of foreign countries. If the shipping and billing addresses are different, you should contact the buyer shortly and request a receipt or screenshot of the transaction from the bank. We will return to the documents that must be requested in case of suspicion of fraud a little later.
After initial verification on the order page, we will need the Fraud analysis tab where we can learn more about the payment details. Here we see information about the correct entry of CVV, about how many attempts were made to enter, how many cards were used, how many unsuccessful transactions were, etc. And the most important thing is the location of the buyer at the time of purchase and his IP. The radar will show the distance between the customer at the time of ordering and the place where the order will go. We propose to consider in more detail each of the listed points.
Card Verification Value (CVV) is correct. This point says that everything is fine with the order, and the buyer entered the code correctly on the first try.
Card Verification Value (CVV) isn't correct. In this case, the transaction will fail. Even if the CVV is entered correctly, the next time you try to enter it, this is a reason to pay attention to this order.
Billing address or credit card's address wasn't available. The case when the order was made with a European bank card, and you will not be able to find out the real address of the card holder. Despite the fact that the order will not be highlighted in red (high risk) or orange (medium risk) colors, you should still pay attention to it. The icon on the right will be gray.
Billing address or credit card's address available. Everything is in order with the order, the buyer has entered the correct billing address data - the icon next to it will be green.
Billing address or credit card's address isn`t correct. In this case, you can already start contacting the buyer to find out the reason for entering incorrect billing data. The icon will turn red.
Billing address ZIP or postal code isn't available to match with credit card's registered address. You will see such a description of the transaction when paying with a European card, where there is no AVS system. The icon will be gray.
Billing address ZIP or postal code is correct to match with credit card's registered address. The data is correct. The icon will be green.
There were 3 payment attempts. This line indicates the number of attempts to enter card data. Accordingly, the greater the number of attempts, the more suspicious the order looks for an online store.
Payment was attempted with 2 credit cards. In this line, the system says how many cards were used for payment. Likewise, the more cards there are, the more likely it is that the cards do not belong to the person placing the order on your online store.
Location of IP address used to place the order is Akita, Japan. At this point, the system shows where the order was previously made using this card. You can compare whether the parcel is going to the right city. If the locations are different, this is a reason to contact the client.
Shipping address is 1 mile from location of IP address. At this point, Shopify's radar shows the distance between the client and the place where the order will go. The longer the distance, the more questions for the buyer, especially if these are different countries or continents. Even at a distance of 15 miles or more, it is worth contacting a customer. The icon will turn red.
Billing country matches the country from which the order was placed. The point where Shopify reports that the country where the order was placed and the country where the parcel is sent matches. If there is a discrepancy, then you should contact the client and request documents for verification.
The IP address used to place the order isn't a high risk internet connection (web proxy). The item responsible for the purity of the IP. In most cases, it is marked in green because it has a weak IP verification level. That is why we recommend using auxiliary services to check IP. For example,
https://www.ipqualityscore.com/free-ip-lookup-proxy-vpn-test/lookup/.
To check the IP, copy it from Shopify and paste it into the appropriate field on the above site. If the IP is clear, it will be marked with a green LOW RISK label.
Otherwise (bad IP or using VPN / proxy), the service will inform you about it, and the IP will have fraud points, dangerous values will be highlighted in red.
Thus, having opened the Fraud Analysis window, you need to analyze each item and conclude whether you can immediately place an order from the supplier, whether you need to contact the buyer in advance, what documents you will request, which method of communication you will choose, etc. In some cases, you should immediately cancel the order and return the money without any communication with the buyer.
List of documents for client verification:
- Screen or bank statement of the operation;
- Selfie with ID;
- Photo of the card itself without the last 4 digits
What happens if you disable anti-fraud completely or if you enable all filters?
If you use Stripe and turn off the system completely, the store will start skipping fraudulent payments. In the event of a massive skip of fraudulent transactions, the percentage of disputes will increase sharply and the store may be disconnected from the payment system, and part of the funds will be frozen.
Provided that 3D-secure is used, when the buyer is obliged to confirm the payment using a one-time password received via SMS, the online store can minimize losses. However, it is enough that the number of fraud transactions reaches 1-2% of the number of all payments on the site for a certain period, and the issuing bank will already be able to block payments.
In a situation where 3D-secure is not used, the situation may turn out to be more than deplorable: the conversion into successful payments can tend to 100%, but the losses will be catastrophic for the store. However, in the realities of the modern market, it is difficult to imagine the situation with the disconnection of all protection mechanisms - on such conditions, processing, banks and payment systems will refuse to work with the store even at the stage of connection.
When all filters are enabled, the percentage of accepted payments can drop significantly. For some businesses, such protection can simply kill: for example, if we are talking about the sale of air tickets, a restriction by country can negatively affect sales, because a buyer with a bank card can be in some country and pay for a ticket on a website on another country.
Accordingly, when all filters are turned on, we provide a 100% security level, but significantly reduce the conversion into successful payments - the mismatch of the country of the issuing bank, the seller's website and the country from which the purchase is made is a reason not to miss the payment.
The advantages of the system for monitoring fraudulent transactions are obvious - automatic rejection of dubious transactions, protection of the online store from subsequent proceedings with banks, payment systems and real cardholders. And, of course, minimization of reputational and financial risks. The store's reputation will not suffer, and users will trust such a resource, which means that their loyalty will grow.
