You review orders manually. Not all of them, but some of them. So does every other merchant and for a good reason. Ever since you paid out your first chargeback you’ve been careful not to ship orders to customers who look fraudulent. But over time this has resulted in rules that decline good orders. As you’ve grown you’ve learned to accept this as a “cost of doing business”. According to a recent CyberSource report, the average merchant manually reviews about ⅓ of all orders and rejects 2.3% of them. But 70% of merchants still believe that they are rejecting valid customers.
So why are you facing so many issues handling order review for fraud? We believe there are a few key reasons why you’re not achieving your desired result, despite your best efforts.
1. Fraud detection is often a secondary job.
Depending on the size of your organization your customer service team may be the ones performing your order review. The reasoning behind this arrangement is quite sound because the same people who support and interact with your customers should be pretty good at reviewing their orders. However, reviewing orders for fraud is really an additional responsibility that’s being thrust upon your team who are more than likely already busy with their core job functions.
When you’re trying to verify a customer’s identity it’s quite normal to reach out to them to verify their details. However, this process can have several rounds of back and forth and can truly become a burden on your team. Also, your customer service team specializes in assisting customers and fraudsters know exactly how to emulate good customer behavior so you’re inclined to trust them when they provide even minimally credible information or documentation. Fraudsters are now bold and sophisticated enough to be ready for your call.
2. Fraud is constantly evolving.
Your business thrives because you’re really good at what you do. You have a specialized skillset and a niche in the market that you’re actively defending from competitors. Unfortunately, the order and payment details you’re seeing about your customer are largely insufficient because you’re judging them from a limited perspective across just one (or a few) purchase. Fraudsters are regularly targeting merchants across industries and their patterns change as you get better at implementing rules based on fraud you’ve successfully detected.
For those of you at smaller companies the sample size is truly limited. And you will have greater difficulty extrapolating patterns and trends that can be successfully applied to other customers. In other words, if you know what customers and orders have turned up as fraud in the past you’re likely profiling these characteristics or attributes as “bad” orders going forward. But the more emphasis you put on filtering out orders that don’t fit your “good customer” profile, the more orders you’re declining incorrectly.
This problem grows with you as you begin to review and filter out more orders until you ultimately accept a certain percentage of orders that will simply be declined.
3. Fraudsters are professional and organized.
One of the most vexing things about fraud is that professional fraudsters change their methods and adapt quickly. So the right data points for your defenses also need to change rapidly.
Let’s assume for a moment that you could spend as much time and have access to as much data as you’d like for any particular order. You’d still likely face at least these three problems:
- You’re unable to thoroughly train your staff to prioritize the right data in the right context for each order and customer.
- Being reactive, as opposed to proactive, about learning new methods and patterns of fraud across your industry and across online payments more broadly.
- Relying on rules-based fraud detection instead of a pattern-recognition solution which can constantly update your defense methodologies.
For example, you often experience fraud in waves and even intense periods of targeted onslaught while at other times there’s much less fraudulent activity. This is due to an inherent issue in deploying a rules-based method on a semi-regular basis. Fraudsters usually find a weakness in your review methods and then repeatedly exploit it until you catch on. After you’ve detected their activity and created a new set of rules they’ll test these until the next vulnerability allows for a series of successful fraudulent orders. This puts you in a cycle that encourages stricter rules which decline good orders and good customers. So your good customers are the unsuspecting victims of this vicious cycle.
Let’s keep things in perspective. You’ve built a successful business and fraud hasn’t shut you down but it is taking a share of your margin every week, every month and every year. We encourage you to consider some of our suggested changes to improve your order review process specifically for fraud detection in ecommerce. We also encourage you take a proactive approach to detect fraud and ensure you’re not tolerating incorrect declines as a method of avoiding fraud. Because the data shows this approach simply isn’t working for your customers.