The True Cost of eCommerce Fraudby Vesta E-Commerce Blog May 3, 2021
This article takes a closer look at how much fraud is really costing merchants, and what companies can do to better balance their acceptance and fraud rates.
When it comes to eCommerce fraud management, businesses tend to focus on the direct financial hit from chargeback remediation rather than examining their fraud problem holistically. Beyond the financial impact that fraud attacks have on a business, there are a variety of indirect costs that can negatively impact a company’s ability to scale.
In this article we’ll be looking at the key costs associated with eCommerce fraud, and how businesses can effectively manage their fraud problem to maximize approval rates and eliminate their fraud risk.
Here’s what we’ll be covering:
- The current state of eCommerce in 2021
- The collateral damage of mismanaged fraud
- How to manage fraud holistically
- Next steps
Note: This article is based around content that was presented in a recent webinar for Merchant Risk Council, “eCommerce Fraud: It’s Costing Merchants More Than They Think”. To view that webinar recording, please visit the MRC Website.
The Current State of eCommerce
It’s no secret that eCommerce penetration has increased dramatically since early-2020. It’s estimated that consumers spent over $861 billion online with U.S. merchants alone in 2020, which is up by a staggering 44% from the prior year.
This unprecedented growth in online spending continued into 2021, with Q1 eCommerce sales in the U.S. reaching $196.6 billion – a 39% increase over the prior year.
The widespread adoption of the eCommerce channel by traditional brick-and-mortar retailers was a key driver in this spending increase.
Here’s the problem: the sudden growth in online spending has prompted a rise in card-not-present (CNP) fraud. In 2020, CNP fraud cost merchants an estimated $35.54 billion globally. That number is only projected to grow as more consumers shift to eCommerce as their primary channel for purchasing products and services.
What are the driving forces behind this increase in fraud?
- New purchasing behaviors makes it difficult to identify fraudulent transactions. Traditional fraud prevention software relies on identifying patterns in purchasing behavior to help spot fraudulent orders. As purchasing behavior fluctuates—as it did quite often throughout the pandemic—it becomes challenging for fraud platforms to quickly adapt and understand this new behavior. For example: Last year, eCommerce brands that sold home office supplies likely experienced a dramatic increase in orders when consumers shifted to working from home. This unexpected change in average order volume presented an opportunity for fraudsters to bypass the typical risk threshold rules that may have been in place several months prior.
- Merchants don’t have the proper tools to prevent fraud attacks. Many eCommerce businesses simply weren’t prepared for the influx in fraud attacks that have occurred in the last year. Merchants that were new to eCommerce may not have had the proper tools to effectively prevent fraud. Traditional identify verification methods that use physical attributes (IP address, date of birth, social security number) are becoming less effective at accurately identifying fraudulent orders.
- The scale and sophistication of fraud attacks is expanding. The use of botnets and automation is allowing fraudsters to carry out attacks at a much greater scale than ever before. Traditional identify verification methods that use physical attributes (IP address, date of birth, social security number) are becoming less effective at accurately identifying fraudulent orders.
As fraud becomes an increasingly difficult problem to manage for merchants, the costs associated with fighting fraud are also increasing.
The Collateral Damage of Mismanaged Fraud
Both the direct and indirect costs associated with fraud are increasing along with the rising number of fraud attacks.
A 2020 report from the Association of Certified Fraud Examiners revealed just how impactful CNP fraud can be on a business’s bottom line. The report noted that companies lose roughly 5% of their revenue to fraud each year. This is factoring in chargeback-related expenses, lost inventory, operational costs associated with shipping fraudulent orders, and false declines.
False declines are undoubtedly the most detrimental result of fraud. Merchants are projected to lose $443 billion in false declines by the end of 2021 alone.
Direct fraud loss is a significant component of the total cost of fraud, but we can’t overlook the fact that it’s also the catalyst for loss in other areas of your business. The indirect cost of fraud may not be as easily measured, but it’s just as detrimental to the success of your business.
Consider the following indirect costs that CNP fraud can impose on merchants:
- Decreased customer trust. Falling victim to a fraud attack can erode customer trust and influence the perceived trustworthiness of your brand. In a recent survey, 81% of consumers said they would stop engaging with a brand online following a data breach.
- Increased operational costs. Businesses that deal with a high volume of fraudulent transactions often need to employ an in-house fraud team to manually review transactions and ensure that their fraud software is working properly. Additionally, chargeback remediation can put strain on your finance team as it’s not always a simple process to undergo.
- Damaged customer experience. If your fraud software interferes with the customer experience of your website, it’s very likely that users will switch to a competitor before they purchase from you again. For example, if your website’s checkout process involves multiple ID verification steps, this friction will result in customers bouncing from your website before completing their purchase.
- Tarnished brand reputation. If your company has a high fraud rate, you can potentially be flagged as a high-risk vendor by card networks. This will result in higher card processing fees, and in some cases may lead to your business getting blacklisted by a card network.
Many businesses are investing in fraud prevention platforms to protect their revenue. If you’re worried about the cost/benefit of paying for these services, check out Vesta’s fraud savings calculator. This can help you make an informed decision.
- [Infographic] The Direct and Indirect Costs of Fraud
- [Blog] What Are the Costs of Not Having eCommerce Fraud Protection?
- [Whitepaper] Addressing the False Decline Epidemic
How to Manage Fraud Holistically
Businesses need to take a strategic approach to how they manage and prevent fraud. Organizations that move towards a holistic fraud prevention program don’t just manage fraud more effectively, but also have a better structure for preventing future attacks.
Here are six key principles that will help to improve your ability to fight fraud:
- Understand your fraud and acceptance rates. Understanding how your fraud rate is measured is the first step in learning how to effectively manage fraud. If you were to accept 100% of the transactions that come through your website – how many of those transactions would be fraudulent? Measuring your fraud and acceptance rates against industry benchmarks will help give you a good idea of how your business should be performing.
- Implement strategic, not stringent rules during checkout. Many fraud prevention platforms rely on pre-determined rules that flag orders as fraudulent if they don’t meet a specific criteria. For example, orders that are placed with a domestic billing address but an international shipping address might be flagged as fraudulent, even if the order is placed by a legitimate customer. Merchants need to optimize their fraud detection rules based on extensive knowledge of their audience. This is one of the best ways to improve the success rate of future transactions and reduce the likelihood of false declines.
- Employ low-friction authentication. Use biometric and behavioral analytics to reduce friction with authentication and validation during the checkout process. Biometric authentication is less intrusive on the customer experience and is becoming a standard for eCommerce businesses.
- Implement return and refund policies that minimize friendly fraud. Instead of filing a chargeback with their banks, you want your customers to reach out to you and facilitate a refund and return for products that did not meet their expectations. Make sure that your return and refund policies are prominently displayed on all relevant channels such as your website, social media channels, order confirmation emails and receipts.
- Integrate machine learning solutions to improve speed and decisioning. AI and machine learning combine to create computer systems and machines that think like us but faster, more reliably… and never need to sleep. For fraud prevention, that means many more sources of data can be analyzed, from more angles, in real-time. Use manual reviews periodically to allow your fraud managers to understand what transactions were automatically accepted, declined, and submitted for further evaluation.
- Invest in fraud-related chargeback guarantees. Investing in fraud-related chargeback guarantees is like investing in insurance policies. The reality is at some point, you will be hit with fraud-related chargebacks. The volume of chargebacks can be higher or lower depending on the season (i.e., peak shopping seasons are often associated with higher chargebacks). Having a chargeback guarantee minimizes the financial loss on your end.
Applying these principles to your fraud management program will help you achieve more impactful results and will lead to significantly reduced fraud losses in the long-term. The direct benefits you can expect to see from a well-managed fraud program include:
- Higher approval rates, and increased revenue
- Increased customer lifetime value
- Simplified and frictionless customer experience
- A better view and understanding of your target customers
- [Whitepaper] The Merchant’s Guide to Chargeback Management
- [Blog] eCommerce Fraud Trends You Need to Know About
First appeared on Vesta’s Blog on eCommerce Fraud.