Built to power innovative
eCommerce experiences.

pic

Ecommerce Fraud Prevention

Back when Fish Finder Source was an ecommerce store, there was one period of time where I received a ton of fraudulent orders. Unfortunately, I was new to this then, and in the excitement of receiving orders, I fulfilled them without really vetting them.

As a result, I received a string of chargebacks that nearly meant losing my business. A chargeback is when someone calls their bank or credit card company and informs them that they don’t recognize a charge on their statement.

Here’s an eye-opening statistic. In 2012, ecommerce fraud cost merchants a staggering $3.5 billion!

If this happens, the bank will immediately return those funds back to the customer. But where do they get those funds from? Your and my pocket! In the event of a chargeback, the bank will deduct the funds back from whoever they were charged to without even asking the merchant for their side of the story first. How can the bank access your funds? Through your merchant account!

On top of that, you’ll be slapped with a penalty, and you’ll lose a little bit of your credibility. This information actually gets attached to your EIN number, so it sticks with you for good.

Chargebacks are not permanent – merchants can fight them, but the process is long, and even if it comes out in your favor, the fact that you received the chargeback still sticks.

The reason you lose credibility is that ideally, a chargeback should only happen when a merchant commits a fraud on a customer – either not delivering the goods, or falsely advertising their products. So more chargebacks ideally means we aren’t doing our jobs as merchants.

With too many chargebacks(most merchant accounts have a set percentage they allow for per month), you’ll lose your merchant account(as I did mine) and since the data is tied to your EIN number, you’ll have a very hard time getting a new one anywhere.

Now this system is in place to protect consumers – but it is completely consumer-centric, and is built very unfairly for merchants, so some unscrupulous individuals take advantage of this at our expense.
Two major types of chargeback fraud

As a merchant, you’ll face two types of fraud most of the time.

    A cheating customer buys a product from you, you ship it to them, and when they receive their statement, they’ll claim the charge from your store was not recognized. The bank blindly returns them your money. Somebody buys something from your store using a stolen credit card. You ship the item to the thief, and when the original cardholder gets their statement, they don’t recognize your charge, and claim a chargeback.

Dealing with the first one is very easy. Most merchant accounts have a process for you to submit documents that prove you are in the right. Usually, these documents are your original invoice and proof of shipping.

Dealing with the second one gets a little tricky. It’s hazy because you never really know whether the card was truly stolen or not – the only thing you can do after the fact is submit your documents and hope for the best.
Ways to avoid fraud

The best way to deal with fraud is to protect yourself before it happens. While there is no way to protect yourself from an unscrupulous customer, fortunately for us, most people are honest. On top of that, providing good customer service will mean that customers will be very appreciative, most of the time.

On an episode of National Geographic’s Brain Games, the host ran an experiment where a coffee shop barista gave back too much change. Everyone they tried the experiment on gave the change back. When the barista became distracted and gave poor service, though, a few people kept the extra change – but most people still gave it back.

Here are some warning signs for potential fraud orders.

Red flag 1: Different shipping/billing address

For most orders you receive, the shipping and billing address are going to be the same. They may be different on occasion, such as when somebody is buying a gift for someone else. But use your common sense here. My general rule is that if the addresses are close by, chances are someone’s billing address is their home and they are shipping it to their office, or vice versa.

Red flag 2: The IP address of the order is different than the region being shipped to

Most ecommerce platforms automatically log the IP address of where an order was placed from. If you receive an order with a billing address in one place, the shipping address somewhere else, and the IP address in yet another place, something may be fishy.
 
Red flag 3: Addresses are different on big-ticket items

If the products you sell are relatively inexpensive($100 and below), it’s highly unlikely someone is going to go through all of this trouble for something inexpensive. If you are selling electronics, expensive items, or items that can easily be flipped elsewhere, you’ll have to be more careful about things.

If you are doubtful about any order, the easiest way to sort out the confusion is by calling up the customer and confirming what’s going on. Most fraudsters will not have a real phone number – so it’s important that you call, and not email. If you are still doubtful, you can just ask them to send a picture of their driving license and credit card side by side. If they want, they can cover up all numbers except the last four on their card.

When you ask for this information, be courteous and inform the customer that you are asking for this information for their protection to make sure someone isn’t using their information without their knowledge. Once you point this out, most honest customers will not mind complying.

Red flag 5: Repetitive orders

One way I realized that an order I received on Fish Finder Source was a fraud was when I got two orders for fish finders in succession from the same address. One day, I received an order, and I shipped it out. Two days later, after the first order was delivered, I immediately got another order from the same guy for another fish finder. Nobody’s going to need two fish finders in three days! I cancelled and refunded the second order, but I had to face a chargeback and the subsequent loss on the second one.
Red flag 6: Big-ticket orders overseas

One of the fraudulent orders I received was for a $1500 fish finder that was supposed to be shipped to Canada. I fell prey to that one, too, unfortunately, but it was an expensive lesson. If you get a large order for an address overseas, be careful. First, it’s harder to verify the customer, and second, unless you use FedEx or some other expensive private shipping, you have no way of knowing whether or not your order will actually reach the customer. Of course, there’s also the chance that it’s some cybercriminal holed up in a room somewhere, too!

Red flag 7: Shipping address doesn’t look right

It’s time to do some sleuthing! Head over to Google Maps and enter the shipping address, and have a look at it in Satellite View. Is the delivery address somewhere you would expect your product to go? Most of the time, it will be a house or apartment building, or maybe an office building.

What if it’s a warehouse? Or if the address seems to be a little off? One order I received on Fish Finder Source was supposed to be delivered to strange large warehouse. This raised a red flag – because the billing address was different, too.

Red flag 8: Express shipping

Most stolen cards have a very limited window before they are reported stolen, so orders with different billing/shipping addresses and requesting rush or overnight shipping are suspicious – it’s best to confirm with the customer in this case, too.

If you are not able to get in touch with your customer about a suspicious order because the phone number provided was incorrect, you can lookup the billing address in the White Pages and see if you can find a phone number there.
AVS settings

In your merchant account, there are a few security settings you can tweak to set how rigorous the verification process for any credit card transaction is. These are usually called “AVS” settings – which stands for “Address Verification Service.”

Usually the settings will be zip code matching, billing address matching, or no matching. If it’s no matching, just a card number, expiration date, and CVV code will let the charge through. It’s a good idea to have at least zip code matching enabled, and if your niche has lots of fraud, then have both matches enabled.

Refund a small amount

Another neat way to verify if an order is genuine or not was talked about by Andrew Youderian on one of his podcast episodes. If you receive a suspicious order, just refund a small, odd amount like $1.32 back to the customer, and contact them asking for how much they’ve received as a refund. If they are the genuine cardholder, they’ll be able to tell you, no issues. Such a small amount is a tiny price to pay for staying safe!

To finish this post off, here are some fraud prevention apps you can look into.

image
SUBSCRIBE TO NEWSLETTER