While it is important to mitigate fraud, you want to be sure that you are not inadvertently denying legitimate business. With the current credit card system in place, we are not as protected as a traditional retailer is. Because we are working in a “Card Not Present” environment, chargebacks will occur. We have found on average, 12% of your orders may appear to be suspicious, but only 1% will end up being fraudulent. It is very important that you don’t insult the 11% legitimate customers just to catch the 1% fraudulent customers. While working with digital products, losses are less formidable because there are no shipping fees and no items to be lost. The following information will help you to differentiate between legitimate customers and fraudsters.

Our administration area has many pieces of information that should receive consideration when fulfilling an order. Among the information you should be taking note of is the amount of the purchase, the credit card used, the AVS and CVV responses, the language of the sales page, name, email, billing address, and IP address. When reviewing an order, be sure that the amount of the sale makes sense with what is being purchased. If a customer places multiple orders in a short period, pay attention to the card being used for each sale. If you notice many transactions being placed with multiple credit cards, this is a possible indication of fraud. American credit cards have built in security features such as AVS (address verification system) and CVV (security code on the card). Although our system captures this information, it is not always 100% accurate. You should not depend solely on these two pieces of information, as we can receive inaccurate responses. People move and the security code can be rubbed off the card. You should not base your decision on these two pieces of information alone. Use this information in conjunction with the other tools available to you to make your determination.

The information on the sales page can tell you a lot about the customer as well. The name, the email address, the language of the customer, the IP address, and the billing address should have some continuity. If you notice discrepancies between the IP and billing address, this can be an indication of fraud. Likewise, if you notice discrepancies between the name, email address, and language of the customer, this can be an indication of fraud. Keep in mind that in today’s world of business, it is common to see discrepancies between these pieces of information. Please consider all of this information when you receive our fraud review. We strongly advise that you do not fulfill services until receiving our review. Unfortunately, we cannot guarantee that our review is 100% accurate. You know your business and customers better than we do, so it is important that you review the orders as well. If at anytime, you feel that we have made the wrong decision, or you would like a second opinion, please contact us and we will be pleased to conduct a manual review.

2Checkout has matured with the evolution of fraud. We continue to compile various tools for you to use. Utilizing the tools available to you can help differentiate between fraudulent and legitimate orders. As long as you consider all the information when fulfilling services, you should be able to mitigate losses due to fraud. The importance of keeping your insult rate low cannot be overstated. Allowing legitimate business is far more important than catching every fraudster. You can contact us 24 hours a day 7 days a week. We are here for you.

By Jamal and Nathan

A merchant selling PC to Phone services was being targeted by a fraud ring. This type of fraud is very tricky to catch. The orders appeared to look legitimate. The card BIN, billing addresses and I.P. addresses all matched. What tipped off the fraud analyst to further investigate this, was the spelling of the customers’ names, name placement, and the frequency of the orders. Most orders had a French I.P. address, but there was one with the I.P. of Côte d’Ivoire. This one mistake led us to believe this was fraud coming out of Ghana. Using some deeper methods of fraud detection such as Device Identification, we were able to connect the orders to each other.

Intervention:

• We added the account to our Fraud Monitoring program.
• The Fraud Monitoring Program is a program developed to provide a magnified look into the account. We monitor accounts who receive fraudulent orders regularly missed by our internal-automated Fraud System. Accounts that we see fraud chargebacks come in where the system approved the order/s. Representatives within the Fraud Department are assigned a list of accounts where they check the account daily, review the last day’s worth of sales to ensure the Fraud System didn’t approve orders it shouldn’t have. In the cases where we do find a fraud order approved by the system, as long as we are monitoring daily, we will have caught it within 24 hours. We can notify the merchant, and take corrective action. This provides an additional level of protection for our suppliers.
• The orders that are determined fraudulent are canceled before the funds have a chance to deposit.
• Weekly reports are generated and shared between the account analysts and supervisor to determine the program’s success and what other steps should be taken.

Results:

• We caught fraudulent orders that were previously approved and canceled them. We added those orders to our negative database. Adding the information attached to the order allows us to manually review new orders with identified fraudulent information. This process makes it harder for the fraudster to make repeat purchases using the same information.
• Creates a barrier from the fraudsters targeting one merchant with multiple orders with different information.
• Lowers the merchant’s fraud chargebacks
• Frustrates the fraudsters into moving on.

Nicole and LaShona 2Checkout Disputes Team

Types of customers and fraud:

With all new accounts, we must start from the ground up. From the moment our partnership begins, we attempt to assess what types of customers our merchants will be receiving. For the purpose of this study, we reviewed one of our new accounts and will now refer to them as “Supplier A“. In the case of Supplier A, several discrepancies were located in each order placed through their system. We noticed discrepancies between the billing information and the IP addresses, as well as discrepancies within our internal tools. While not unusual to find orders with these types of discrepancies, we did find that each new order placed had very similar discrepancies. This made it appear that the same person or group was attempting to circumvent the fraud review process and get by undetected. When we noticed such a large percent of Supplier A’s orders with these same discrepancies we then proceeded to take a higher level of caution with all new orders reviewed. It appeared that the trends changed slightly, receiving orders with matching billing addresses and IP addresses but suspicious email addresses as well as substantial and consistent discrepancies within our internal tools. This may have been the work of the same person or fraud ring placing the original orders, but it is also possible that the vendor was being hit by other fraudsters.

Fraud types and the likelihood of fraudulent activity:

Supplier A is providing a virtual private network or VPN service. A VPN service is both an intangible service and easily accessed long before the legitimate cardholder is likely to notice this fraudulent transaction, making this service a prime target for fraudsters. Knowing that this service is highly likely to attract fraudulent activity, we will be more prepared and inclined to contact the customers to provide a more in-depth review of the customer before reaching a conclusion.

Friendly fraud:

Unfortunately, everyone is at risk of friendly fraud. A VPN service, however, is less likely to receive this type of fraud than a vendor providing a product or service of a more personal nature such as dating or adult products. Friendly fraud is also the most difficult type of fraud to catch, as the correct information is generally listed on the order. The customer is more likely to report this as fraud if they do not recall the purchase or issuing a charge back instead of requesting a refund. Suppliers should keep records of the order, communicate with the customer, and save any other pertinent information to aid in disputing these charges when the time comes.

How can we minimize the risk to the vendor and the overall results?

The best advice that we can offer to any vendor is to be proactive with their own orders. Review any order, even briefly, to look for discrepancies listed on the vendor page or the information listed within their own system that we may not be able to access. If a vendor is suspicious of an order due to the discrepancies they find, or for any other reason, we encourage them to research it further. One of the most readily available tools around is the internet, and there are several helpful tools that are free for anyone to use. Google maps will help you know if the address listed is a home, business, or even an empty field thanks to the satellite images. The directions feature is also quite useful, letting you plot the distance between the billing address and the IP location. An IP location 500 miles away from the billing address tends to be a bit more suspicious than one within 50 miles. Another useful tool is whois domain tools this lets you check where an IP is coming from or search on an email domain to find out additional details. Is this an established business that has been around for years, or was the domain just created recently to appear legitimate? There are countless tools available to anyone if they wish to search for information about a customer. Our merchants are also more than welcome to contact us by emailing fraud@2co.com through our ticket system or by calling 877-294-0273 to express concern. We will take an additional look into the order with any new information provided. Once a vendor is aware of the types of fraud that they receive, they are more likely to understand and locate the types of fraud that they may be getting.

The world of fraud is ever changing and while we would like to say that we can prevent every instance of fraud, this is unfortunately not the case. Only by working together will we be able to provide the most effective protection.

Mike and JR – Fraud Department

All types of e-commerce companies have dealt with friendly fraud at one time or another. Within the past few years there has been an increase in deliberate friendly fraud. There are a few factors that have contributed to the rise in deliberate friendly fraud; such as the shape of the economy worldwide, individual financial situations, and consumer’s knowledge of how to take advantage of the banking system. Unfortunately, the economy can impact a person’s financial stability which can cause this type of deliberate fraud. What someone can afford today, they may not be able to afford tomorrow. This can lead them to drastic measures to hold on to any funds they have.

Another type of friendly fraud are fraudsters that regularly manipulate the system to get their products for free. Since these fraudsters are constantly finding new ways to use the system to their advantage, there is no real way to avoid this type of friendly fraud from happening. Basically the only thing that can be done is to try to protect your business as much as possible.

Accidental friendly fraud is when the consumer mistakenly disputes a charge and doesn’t take the incentive to rectify the situation. In many cases it can be helpful to contact the customer directly to give them additional information about the charge and the product or service that was purchased. Accidental friendly fraud can be easily fixed. Once the consumer realizes they made the mistake, they remedy the situation. The following suggestion may help to avoid this type of friendly fraud. If your business uses a reseller, a payment processor, or any type of third party billing service; such as 2Checkout.com, PayPal, Clickbank, WorldPay, or Google; it is very important that your customers are aware of this. Placing this company’s information on your website and on your receipts will help customers recognize the charge on their billing statement. An additional feature available to 2Checkout.com suppliers is the use of a “soft descriptor”. Each supplier can enter their own “soft descriptor” to be included within the description sent to the credit card companies when a credit card is billed.

With all of this in mind, before you send a product or provide a service to a customer, make sure you know the customer. If you don’t know them or are skeptical, use the tools on the internet or any other tools made available to you in order to screen the customer. You may request that the customer fax information to you such as their photo ID or a utility bill. Additionally, you may contact the Fraud Department to request that 2Checkout.com require additional documentation from the customer before providing the item(s) ordered.

These preventative methods may lower the chance of receiving a fraud related chargeback. However, even with doing all of this, there is really no way to predict cases of friendly fraud. It is a good idea to prepare your business for these special cases. The best way to prepare is to keep all documentation about the customer, the product/service that was provided, and any contact you have had with the customer; as these may be needed to challenge a chargeback. Some examples of documentation you should retain are:

• Proof of Successful Download
• Proof of Product Usage (Login, IP, etc.)
• Signed Terms Of Service/Contract
• Signed Proof of Delivery/Delivery Confirmation
• Tracking Pictures of Shipped Products
• Detailed Description of Product

Since there is no real way to stop this type of fraud from happening, a good business practice is allocating funds to offset any possible losses due to all types of friendly fraud. This can help ensure your business continues to grow while you are trying to recoup the loss of funds from the chargeback. All online companies spend time and money looking for fraud, but fewer companies spend enough time gathering the information required to fight friendly fraud. As this is “Fraud Awareness Week” we decided to take this opportunity to remind you that friendly fraud is out there and can negatively impact your business. With all of this information, you can be better prepared to fight friendly fraud.

Amanda and Leona – Disputes Department

“This weeklong campaign encourages business leaders and employees to proactively take steps to minimize the impact of fraud by promoting anti-fraud awareness and education.”

Share your ideas with us this week in a series of articles that will help define different types of fraud, highlight 2Checkout’s role in fighting fraud, and what we can all do to reduce the amount of fraud. By working together and communicating our ideas we can make online shopping safer for both customers and merchants.