Trying to stop cyber-criminals from making fraudulent transactions can be similar to playing whack-a-mole as a kid. As soon as retailers plug a hole, thieves find another way to breach their defenses. Because of this dynamic, online retailers should never stop protecting their business and customer information, especially given the influx of shopping throughout the holiday season.
According to Forrester Research, approximately $248.7 billion of online sales are expected to occur in the U.S. in 2014. Additionally, this holiday season seems like it will be even more prosperous than years before, with predictions estimating that online retailers will see a 19.7% increase in sales year over year (YOY) on Thanksgiving, an 18.9% increase YOY on Black Friday and a 20.6% increase YOY on Cyber Monday. With so much activity occurring, keeping businesses safe and fraud-free is key!
Several factors are at play with fraud occurrences. For one, it’s easier to commit fraud online than in the physical world because of the many ways people can mask their identities, such as by using proxy servers to hide their true location or by creating an alternative IP address for the device being used. Second, online stores are open for business 24 hours a day, seven days a week, allowing criminals to operate at anytime and anywhere in the world. Here are a few tips for keeping these pesky cyber-criminals at bay:
Stay Updated on Trends
To effectively combat criminal activity, e-retailers must continually upgrade their fraud-detection systems and defenses to protect cardholder data. Merchants that don’t stay on top of new fraud trends will not only fall behind advances by these crooks, but they will set themselves up for huge fraud losses. A retailer’s poor security record can lead to stiff fines from the credit-card networks and require high-price fixes to its payment and security systems.
Tailor Security Measures
Retailers cannot depend solely on a blanket fraud-detection strategy, especially if they sell a wide variety of merchandise. For example, a company should have various fraud-prevention strategies for each type of product, regardless of whether it’s a hard good or soft good or whether the customer has an option to pick up the item in store. Each type of product has a different set of fraud characteristics that can be exploited; keeping each strategy specific to the type of item sold will create a solid defense and won’t leave loopholes for criminals.
Real Time Is Everything
Criminals’ growing sophistication in dodging fraud-prevention tools and maximizing their profits from online fraud makes real-time fraud detection a must. At the same time, consumers expect a retailer to prevent fraud without hindering their online shopping trips in any way. Online retailers can turn to companies, like Accudata Technologies, that can verify a customer’s identity associated with the phone number entered at the time of check out in a matter of seconds. By doing so, the process is seamless, and it as saves online retailers unnecessary costs and frustration. Without such strategies, companies can experience slow site performance and diminish a customer’s goodwill, hurting the retailer’s brand and losing sales.
Encrypt, Encrypt, Encrypt
Whether for storing phone numbers, email addresses, tax information or invoices, data encryption will help protect businesses and their customers. Even if the information is lost or stolen, it will be protected and inaccessible if an encryption system is in place. To add another level of security, change passwords regularly and don’t use the same password for all accounts. The combination of encrypted data and ever-changing passwords on all accounts will make it much more difficult for a hacker to access the data.
Require Logins and Strong Passwords
Although it’s the responsibility of the retailer to keep customer information safe on the back end, helping customers help themselves on the front end can ensure they’re being responsible, too. First, require the customer to create a login before purchasing an item. Next, require the login password to have a minimum number of characters and use symbols or numbers. Longer, more complex logins will make it harder for criminals to breach the site from the front end.
Set Up System Alerts for Suspicious Activity
Be on the lookout for suspicious activity. Set an alert notice for multiple orders placed by the same person using different credit cards, phone numbers in areas that differ from the billing address and orders where the recipient name is different from the cardholder name. When an alert occurs, be sure to reach out to the registered customer to verify the purchase information. If you suspect fraud or any type of cybercrime, take the necessary steps in prohibiting the customer from making the purchase and contact appropriate law enforcement to report the suspicious activity.
Make It a Team Effort
One way to keep up with fraud as it happens is for merchants to exchange data about suspicious transactions with the banks that issue credit and debit cards. Although merchants and card issuers have shared information in the past, they did not necessarily exchange detailed data about suspicious activity, such as what was purchased or the shipping destination. Additionally, they didn’t always share the data in time to stop shipment of the order. Communicating and working as a team with these banks can help retailers avoid having to refund money for a purchase and taking a loss for the value of the merchandise shipped.
As e-tailers expand into other countries and offer local payment options, such as bank transfers, as a way to attract consumers who lack credit cards or prefer to pay with cash, these retailers need to be aware that those payment options come with their own set of fraud risks. The best way to understand how to prevent fraud in another country is learning the fraud patterns being perpetrated in each region and how to combat them. To do so, research online for the specific country and any recent reports of fraud schemes.
Selling online shouldn’t be an arcade game. These tips provide simple, easy-to-implement protection for online retailers that will give them peace of mind and the ability to put down the hammer when it comes to fraud protection.
About the Author
Greg Smith is president and CEO of Accudata Technologies. Multi-award-winning Accudata Technologies provides flexible access to data validation through innovative approaches to data transmission. For more information, visit www.accudatatech.com.