Why Outsource the Fraud Protection in Your Growing Online Business

If you are doing any kind of business online these days, then fraud protection has to be one of your top concerns. It’s no secret that incidents of online fraud and significant, high profile breaches in data security have been on the rise over the past decade. In fact, ecommerce fraud rose a whopping 30 percent in 2016, and according to a recent survey of executives, over 80 percent reported that their companies were the targets of cyber attacks, originating both from within the company and from the outside. That’s up from 75 percent in 2015, and 70 percent in 2013.

As more and more financial and commerce-based transactions move online and on mobile devices, cyber criminals are setting their sights on these channels. Many of these individuals are armed with a sophisticated toolbox of bots and stolen consumer data that includes credit card numbers and other identifying information, which they can use to hijack or create customer accounts in order to make purchases.

Online fraud can not only lead to lost revenue, but it can compromise sensitive customer or business data, lead to expensive charge-back fees, the loss of merchant accounts, and put a big dent in a business’ reputation. The bottom line is succumbing to a cyber attack is just like any other business emergency or disaster and should be treated that way.

Why Outsourcing Fraud Protection is a Smart Move

In an effort to save money, many smaller online companies typically try to manage their fraud prevention in-house. But more often than not the numbers don’t support this approach. The reality is that fraud protection can get very expensive. For example, recent research suggests that fraud and charge-back management can consume between 13 to 20 percent of a business’ operational budget. There are also numerous significant limitations inherent to many in-house fraud prevention programs and systems, such as being able to keep up with the constantly changing tactics, tools, and platforms being employed by cyber criminals. For businesses that operate world-wide, in-house systems must also be able to keep up with a large-scale set of transactions that may vary by region. Without this ability, many legitimate orders may be rejected, leading to a significant loss in current and future sales.

While letting go of in-house systems may be hard to do for something as sensitive and as important as fraud prevention, they are many benefits to outsourcing this function. Here is a rundown of the three biggest pluses:

  1. They use the latest technology. By outsourcing fraud prevention to an outside company, the business will gain access to the latest technology and screening techniques, as well as up-to-date industry knowledge. So, as the world of cyber crime evolves or consumer behavior changes, the business will still enjoy protection.
  1. Sales are processed more efficiently and accurately. Today, online consumers have come to expect instant results. Whenever an order is flagged for further verification, a dedicated, outside service can quickly move to confirm customer details. Furthermore, a good fraud protection provider will use more accurate screening tools for global and regional sales so that fewer legitimate orders require verification in the first place. This can lead to a better customer experience and the ability to enter more markets.
  1. Businesses can free up precious resources. When a growing online business diverts significant resources to in-house fraud prevention that means fewer resources are available for things like product research and development and strategic management. By passing this responsibility off to a qualified fraud prevention service, business owners and their staff are then free to focus growing and developing the business.

Now, it almost goes without saying that the quality, level, and extensiveness of service among fraud screening providers will vary, so business owners and their management teams need to be exercising their full due diligence before agreeing to work with a particular company. But, once an appropriate fraud screening provider has been found, relying on their services can bring a dramatic, positive change for online sales and business growth in general, and that’s something any business would want.

Credit Card Fraud Among Ecommerce Grows While POS Fraud Declines

With the evolution and proliferation of ecommerce and chip enabled credit cards, credit card fraud has been going through a metamorphosis over the past couple of years. As the tides change, smaller businesses in particular need to be paying attention and taking action. Without the proper precautions, small businesses are prime targets for fraudsters and hackers who can compromise sensitive data and send a crippling financial blow.

The Closing Window of Opportunity and the Opening of a New Window

As the US is slowly introduced to EMV chip credit cards, point-of-sale credit card fraud is expected to decline in the coming years. According to reports by Javelin Strategy and Research:

POS card fraud will become progressively less lucrative. Card counterfeiting will border on impossible, given the inherent security of EMV chip-cards…  Additionally, merchants who use encryption or tokenization would effectively render data gained from compromised terminals useless for future POS transactions. These factors will largely restrict POS card fraud to lost or stolen cards… [which] are significantly more difficult to acquire and are more likely to be canceled shortly after compromise… [F]raudsters at brick and mortar stores face a closing window of opportunity.

But while physical credit card fraud may be on the decline, all indications point to a significant rise in online credit card fraud as the surge in ecommerce continues. According to Javelin Strategy and Research, online fraud in the U.S. is expected to nearly double to $19 billion by 2018 from $10 billion in 2014.

Though all businesses and organizations operating online are being affected by fraudulant activity, small businesses are the most vulnerable because many are unable to afford the systems to detect and prevent it. Moreover, when it comes to online purchases, the merchant is typically the one paying for the fraud. If for example, a fraudulent customer uses a stolen credit card to purchase a product, typically by the time the real cardholder discovers the charges, the fraudster already has possession of the items. While the real cardholders are often not liable for unauthorized transactions, retailers have no such protection. Thus, when the true cardholder eventually reverses the payment, the retailer must foot the bill- an amount that includes the cost of fulfilling the order, the lost revenue of the sale, and the fees associated with receiving the chargeback (which can easily reach 25% of the transaction amount)!

What Can Small Businesses Do to Prevent Online Fraud?

In order to prevent or at least reduce a small business’ exposure to credit card fraud online, there are three things that need to be in place: knowledge of safety compliance, technology, and good payment processing practices. We’ll briefly go through each one below.

1. Maintain PCI Compliance. The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store, or transmit credit card information do so in a secure way. PCI is developed to proactively protect customer data, such as account numbers, names, addresses, and social security numbers. PCI compliance generally involves basic security precautions, such as maintaining a firewall between the business’ Internet connection and any system that stores credit card numbers.

2. Technology. There are various software applications out there that can help companies weed out fraudulant activity. Usually, these tools consider a number of potential red flags, such as whether the shipping and billing addresses match, whether the order is placed from an unfamiliar computer, device, or location, and whether the email address associated with the order has changed. Once suspicious activity has been identified, the business can then investigate further.

Another important element to consider is the ecommerce platform. Some of the most popular platforms actually do not offer so much fraud protection. So, this is something that should be researched before hand.

3. Payment Processing Best Practices. The best software in the world, however, won’t help a business that is careless with sensitive data. Businesses that are serious about data security will make the effort to routinely check that their fraud protection systems are working as they should. For example, business owners should check to see if all checkout URLs maintain a secure connection (“https”) during the checkout process. They should also set up system alerts that allow them to quickly and effectively screen out fraudulant activity, and make it a point not to store any more data than needed on customers and their transactions.

Bottom line: those businesses that process payments online need to be extra vigilant these days. Online fraud can easily ensnare a business, causing severe damage to a business’ reputation and its profitability. But, with the right knowledge, preparation, and tools, small businesses have the best chance of making it through unscathed.