Fact: In the next couple of years, online payments will double from below 4% to 8% or 9%.
Fact: If you have no fraud, you’re losing business.
On the most recent Payments Innovation podcast, Chris (Currencycloud) talked to Tedd Huff (VP of Product, GlobalOnePay) about who has the most online fraud, what makes fraud “friendly,” and where the future of fraud prevention is headed.
Tedd calls himself an accidental payments guy who became an accidental product guy. “I like to solve problems, dive into things, figure out what works and what doesn’t work,” he said.
With 19 years in the industry, he’s seen his share of problems that need fixing and the numerous changes to the payment landscape.
For example, just four years ago, the amount of business that was being done online in the form of shopping or purchases was below the 4% mark. “Looking into the next couple of years, it’s going to be reaching anywhere from 8 to 9%,” Tedd said.
“It’s going to explode even faster than that shortly thereafter,” he said.
So, since payments are moving online, fraud is moving online, too. Without a physical presence—like someone with suspicious body language handing you a fake card—you have to figure out different ways to protect your business from fraudsters.
“It’s no longer a fad. The businesses are like, OK, I’m going to start to take this seriously,” Tedd said.
Friendly and criminal fraud
The first way to figure out how to tackle online fraud is to know what kind your main problem is.
If you’re a merchant, you can’t know what controls and security you need if you aren’t aware of the type of fraud that’s costing you the most.
Here’s how to discern between the two.
1) Friendly fraud
It’s akin to buyer’s remorse. “Typically you don’t find out about friendly fraud until after it has happened,” Tedd said.
It’s when someone orders an item online but says they never got it or says it wasn’t as described on the website.
That might be true—or the buyer might just want to avoid the hassle of a return.
“Our systems are designed to look at the transactions as they come in from where they come in. We work with a level of consortium data to manage that across multiple different groups and share that data,” he explained.
GlobalOnePay tries to minimize the risk of all types of fraud by analyzing a merchant’s internal cases to understand what the origin of the problem might be.
Badly worded product description? Vague return policy? Weird item placement on the screen? “Our team will go through and do a full analysis of that to reduce the rate of friendly fraud,” Tedd said.
2) Criminal fraud
This one’s defined by a definite ill intent, a determination from the outset to get something for nothing.
Tedd said his company is mainly focused on reducing the friction between merchants and their customers. “We’re able to look at and analyze the information they have around their chargebacks and the way their business processes are set up,” he said.
His approach is based on individual situations: “We don’t try to give them tools that aren’t going to help them. If they’re getting a lot of counterfeit cards or chargebacks for criminal fraud, then we’re going to dive in and stop the bad ones that we know of from our consortium partners.”
Merchants really don’t like wasting time and energy on things they don’t need. “Having that customizable, very customer-centric focus around what’s right for them is what ends up being what’s right for us,” Tedd said.
Where the fraud’s worst
The bad news is that the fraud is everywhere. GlobalOnePay handles over 80 currencies, so when it says fraud is global, it’s global.
But some areas are higher risk than others.
- AFRICA – 4.3%
- ASIA – 3.6%
- NORTH AMERICA
- MEXICO – 2.3%
- U.S. – 1.6%
Mexico is the leading country for fraud in North America. And despite it being the last to adopt EMV chip technology, the United States has the best handle on fraud right now.
The end goal is not—surprisingly—to get rid of fraud altogether. It’s to reduce it to an acceptable threshold.
“Online fraud on average ranges anywhere from 0.3% up to 3% of total revenues for businesses in North America,” Tedd said.
It usually isn’t possible to stop a breach once it’s happened. So stopping it ahead of time is the key piece to handling fraud.
“When we talk about breaches, physical breaches into security systems, the only way to stop that is to have great security practices and procedures in place,” Tedd said.
Most merchant fraud comes from fraudsters claiming to have made a valid transaction when it was either a stolen credit card or a case of friendly fraud.
Welcoming a little fraud
Tracking the data is how you prevent future instances so the fraud doesn’t happen again. “If you were ever to say, ‘I have no fraud,’ I can guarantee you you’re losing money. Because if you had no fraud, that means you have things so tight that not even the good guys can get through,” Tedd said.
If some fraud comes from too much friction between merchants and customers, no fraud means merchants have no customers.
“You have to have fraud. So really what it comes into is identifying your threshold. As a business, how much am I willing to lose if I can get more?” he said.
It’s a case of “just right”—not too secure that actual customers won’t want to shop online and not too risky that all the fraudsters flock to your site.
As much as merchants don’t want to admit it, some fraud is necessary. Changing the mindset to acceptable minimal exposure will really help reduce the risk of fraud, especially online.