In 2016, hacked credit card fraud reached $4 billion, a record amount. And it’s likely to grow again this year. Since 2010, “card not present” (online) fraud in Canada has increased by 205% - in 2015 alone, it rose 24%. As e-commerce continues to grow at a rapid rate, these numbers will continue to rise.
What's often obscured by almost incomprehensibly large numbers like these is the impact of fraud to an individual business. Credit card fraud at any scale can be devastating to a business, costing it more than simply merchant penalty fees or lost products but also staff time, institutional reputation, and morale. Speaking from personal experience, when confronted with fraud it's hard not to feel under siege.
The Summer Siege of 2016
Such was the case last summer when attractions around Vancouver and Vancouver Island noticed a sudden and very significant increase in fraudulent online activity. In spite of every effort being made jointly to combat fraud, losses continued to mount because when it comes to credit card fraud online, the criminals sadly have the advantage.
There are a number of reasons for this, but ultimately, the security measures currently employed by banks to combat online credit card fraud are ineffectual. Checking CVV (“card verification value” - that number on the back of your card) and AVS (“address verification system” - comparing the numeric portions of your billing address) can't prevent fraud. Making matters worse is the fact that merchants generally don't find out about a fraudulent transaction for days or even weeks afterwards, discovering it only after the bank (having been notified by the cardholder of the fraud) has pulled the money out of the merchant's account.
As the business accepting payments, you are ultimately responsible for ensuring that your customer is who they say they are. If a transaction is fraudulent, you’ll be liable to reimburse the charge as well as the loss of any goods or services already provided. The costs add up quickly.
LexisNexis has reported that on average, US merchants have incurred an 8% increase over last year in the cost per dollar of fraud losses, from $2.23 to $2.40. This means that for every dollar of losses, merchants are losing $2.40 based on chargebacks, fees, and merchandise replacement.
With fraudulent transactions, not only do you lose revenue and merchandise, you also get dinged with fees and fines (“chargebacks”) by processors. Those penalties can range from $15 - $100 per chargeback, with additional (hefty) fees if you exceed your chargeback threshold. On top of that, the lost labour costs involved with processing and investigating dodgy transactions, the risk of declining legitimate purchases, and the detrimental impact on reputation all add up to compounding losses.
We did not want to employ such a strong anti-fraud strategy that we ended up with false positives and the blocking of legitimate purchases and the consequent load on the customer service team. But we were also unwilling to accept that this fraud was simply a "cost of doing business." We considered several potential solutions before settling on one: Stripe.
Stripe is a modern software platform which enables merchants to process credit cards while dynamically tailoring their risk tolerance. It makes use of powerful Artificial Intelligence and Machine Learning tools that are constantly learning from the transactions of more than 100,000 stores globally. It also enables businesses to customize “rules” or methods that evaluate payments based on their specific criteria - including the more common checks such as CVC and AVS, as well as rules that block payments from certain countries or card types that you’re experiencing increased fraud from.
For our client, deploying Stripe had an immediate effect. Names and email address that had previously been connected with recurring fraud suddenly disappeared, unable even to attempt processing a transaction. Chargebacks dropped to virtually nil thanks to AI-blocked transactions and the ability to immediately review AI-flagged suspicious transactions. Quite simply, the advantage was taken away from those who commit fraud and put squarely back in our client's hands.
Fraud remains an ever evolving threat. But with the right tools and partners it can be one that your business can get in front of and actively combat.