Four ways to adapt your business to the changing fraud landscape

What is it that unites ecommerce across size, industry, business model, and geography? The answer, unfortunately, is fraud.  

Whether you’re running a clothing store in Latin America or a subscription business in Europe, your fraud risk—and potential for revenue loss—has likely grown noticeably over the past two years. And it’s only getting worse. If you’re like most business owners, you’re finding it more challenging to strike the right balance between cutting back on fraudulent transactions without hurting legitimate business and reducing losses without increasing operational overhead. 

Stripe, MYFUNDBOX's financial infrastructure platform, recently published an in-depth report on the state of online fraud around the world. Stripe surveyed 2,500 business leaders in nine countries and analyzed data from billions of attempted payments across millions of businesses on Stripe over a two-year period.

The findings were illuminating. Among them: 

• 64% of global business leaders say it’s become harder for their business to fight fraud since the start of the pandemic. 
• Early in the pandemic, Stripe observed a 156% increase in product-related disputes. 
• 40% more businesses experienced attempted card testing attacks. 
• Fraud increased everywhere, but the rates varied widely by region and country. 

What accounts for the dramatic increase in fraud? Quite simply, the historic wave of ecommerce growth since 2020 opened up a wealth of opportunity to fraudulent actors. Businesses came online in record numbers, and new ones were created each day. To give you a sense of the scale of growth, in 2021, businesses on Stripe processed more than $640 billion in payments (up 60% from the year prior), and 1,400 new companies (and 100 non profits) joined Stripe each day. 

While at first glance the situation may seem dire, our friends at Stripe have identified, based on their predictions for the evolution of fraud, four key ways that you can adapt and stay a step ahead of the fraudulent actors. 

Interventions are, essentially, a “challenge” issued to customers to prove that the transaction is legitimate or otherwise authorized. Instead of automatically blocking suspicious transactions, they allow businesses an additional check and ultimately enable more legitimate transactions. Interventions can take many forms, including CAPTCHA tools, identity verifications such as scanning a government ID, card scans to ensure the customer has a physical card, and 3D Secure (3DS), which requires completion of a two-factor authentication. 

Interventions are becoming an increasingly popular way to avert fraudulent actors without sacrificing customer experience. Stripe analyzed the 3DS intervention in particular and found that adoption increased across the board in 2021. 3D Secure is an especially important intervention for companies doing business in Europe, as it’s the main card authentication used to meet the European Strong Customer Authentication (SCA) requirements. 

Consider employing a mix of interventions, and tailor them to your business needs. Remember, there’s no one-size-fits-all approach: The key to successful fraud mitigation is to select the right intervention, the right intervention trigger, and the right placement in the user journey based on your organization’s margins and unique risk tolerance. 

Stripe predicts that the next big wave in fraud management will center on gathering richer data to provide a holistic view of the customer and better inform fraud models. So what does that mean, exactly? Machine learning has gone from “new frontier” to table stakes.  There is, however, a wealth of data that each business possesses—if they are able to consolidate it—that can augment the results of machine learning. 

Many businesses are already collecting data from across the customer journey that can give a holistic view of a customer’s risk—including behavioral data, social networking data, biometrics, and enriched third-party data, among other things—but the tools and technology used to gather each of these data points are often in siloed, disparate systems.  

It may be a good time to invest in new technologies to unlock and consolidate your customer data (in a compliant way), enabling your organization to reach a greater degree of accuracy in detecting and fending off fraud. 

Fraud isn’t a battle you should fight alone. Combatting a problem as large and ever-shifting as fraud necessitates collaboration and a sharing of resources across entities. In this case, information is a key defense.  

When your customer completes the checkout process on your site, your payments provider sends the details to the customer’s bank (the card issuer) for authentication. Based on limited information received, the issuer then calculates the fraud risk of the transaction. 

It should come as no surprise that limited information can lead to lower authorization rates, but the scale is indeed stunning: False declines in 2021 resulted in lost revenue to the tune of $443 billion. But, as we mentioned above, most businesses like yours already have relevant customer data that can better inform the fraud risk calculation. Even the simplest of data points such as email or billing addresses can help. Combining this data with the issuer’s data can yield more accurate predictions, thereby increasing authorization rates and decreasing fraud rates in the process. 

Larger businesses are beginning to invest in the technology needed to integrate with issuers in an effort to mitigate fraud risks. Smaller businesses that are not ready to make that investment may want to instead rely on their financial partner or payments provider to help facilitate that flow of information. 

Customer payment preferences have continued to shift over the years, and many businesses have adapted, offering newer payment methods like buy now, pay later (BNPL), crypto cards, and digital wallets. BNPL in particular, has seen accelerated adoption around the world—in fact, it was the fastest-growing payment method in both India and the UK in  2020.  

Some of these newer payment methods can be more susceptible to fraud than traditional payment methods. For example, BNPL transactions can fall prey to fraudulent accounts opened during a poorly protected onboarding flow, and to account takeovers by a malicious third party. 

So how to balance the increased exposure to fraud with the importance of customer convenience? Instead of focusing on the transaction itself, screen for suspicious activity earlier in the customer journey. 

Here are a few things you can do right from the start: 

1. Confirm a customer’s identity during onboarding. 
2. Check for duplicate accounts. 
3. Enforce identity verification measures (such as two-factor authentication) at login. 

While fraud shows no signs of slowing, one thing you can count on is for MYFUNDBOX and Stripe to keep you informed, prepared, and protected. You don’t have to figure any of this out alone. Reach out at customersupport@myfundbox.com to learn more about how we can help.