How e-commerce fraud works

How does
e-commerce fraud work?

With the increase in ecommerce sales due to the pandemic, the volume of fraudulent transactions is increasing as well. What causes e-commerce fraud and what can online business do to manage it?

A report by Google and Temasek in 2016 forecasted that Southeast Asia’s internet economy will exceed US$200 billion, but with recent developments, it is no surprise that the growth rate has greatly accelerated, benefiting online merchants. However, online merchants are not the only players who are looking to scale up their businesses, fraudsters are also taking advantage of the situation to engage in more illicit activities. Most recently, a whopping 34 million user records from 17 individual data breaches were up for sale on an online forum which claimed to have data such as names, phone numbers and partial credit card numbers.

What are the consequences of fraud?

Needless to say, fraud attacks including data breaches have far-reaching consequences for both consumers and the corporations involved. Following fraud attacks like a data breach, cybercriminals typically put up the stolen consumer information for sale on the Dark Web. And armed with the stolen data like login IDs, passwords and credit card details, fraudsters can easily access various accounts of the same user, especially since most users use the same password across their online accounts. This hijacking or hacking of an account is also known as account takeover.

Responsibility of Businesses

Businesses are not spared from the consequences of fraud either — besides direct revenue loss, consumer trust and brand loyalty are often weakened. According to a report by PwC, majority of consumers said that they would choose to shop elsewhere if their data has been compromised.

The same report also found that 60% of consumers felt that corporations are responsible for protecting their data. Fortunately for merchants, there are ways to deal with the impact of malicious fraud attacks and prevent them from happening.

Protection Against Account Takeover

1.Set Up 2FA authentication

A tool that online retailers can consider using is two-factor authentication (2FA) which adds a layer of security on top of typical login credentials such as username and password. However, if done aggressively, verifying login using 2FA can greatly disrupt user experience and users often choose to disable it if given a choice to do so.

This is where having a system that uses dynamic friction can be helpful to provide legitimate users with a seamless experience, while blocking fraudulent transactions and requesting for further verification.

2. Fraud Detection Technologies

Most fraud detection technologies in the market are mostly either rules-based or machine learning. Rules-based fraud detection utilise the if-then logic which is effective in detecting known patterns of fraud. However, the nature of fraud isn’t static, with cybercriminals continually looking for new ways to mine and steal data. This also means that the logic behind rules-based fraud detection is unlikely to be agile enough to keep up with the ever-changing nature of fraud.

On the other hand, fraud systems that deploy machine learning technology can adapt and uncover emerging patterns of fraud, and, if done well, can do so without disrupting the user experience of legitimate users.

Poccupine’s payment gateway is integrated with Sift’s fraud detection technology, which scores users in real time using years of data spanning over 6,000 sites and app to pick up on potentially fraudsters in real time to prevent fraudulent activity including account takeovers.

About Poccupine

Asia’s online payments environment can be complicated with the inherent fraud risks and ever-growing number of payment methods. Simplify your payments with Poccupine, Asia’s payment service innovator. Learn more about Poccupine and our services here.

Start accepting payments securely.
Speak with us to learn more.
By using this site, you acknowledge and accept our privacy policy.
Dismiss