5 Key Elements to Building a CNP Fraud Fighting Framework
by Ethoca
Card-not-present (CNP) fraud—which is predominantly fraud from ecommerce—can have big impacts on merchants. Not only do they lose the transaction value when online purchases are found to be fraudulent, they also pay a fee for every dispute that ends up becoming a chargeback.
What’s more, ecommerce fraud is very common. The 2019 American Digital Payments Survey of 400 business leaders found that 27% of all online transactions were fraudulent that year—a 10 percent increase from a year earlier.
So, how can merchants stop CNP fraud in its tracks? The best defense is to create a multilayered approach to CNP fraud prevention.
What is a multilayered approach to fighting CNP fraud?
There’s no silver bullet to protect every transaction, but a multilayered approach means using multiple, complementary fraud-prevention solutions to reduce fraud risk at different points along the purchase journey. It means every potential point in the journey is secure, because even one weak link can become an opportunity for fraud.
So, what are the key tools and solutions for building a multilayered approach and ultimately preventing CNP fraud? Here is a look at five types of solutions.
1. Behavioral biometrics
Behavioral biometrics software tracks individuals’ unique behavior on a website to build a profile. This helps spot fraud by looking for patterns that fall outside a person’s normal behavior. For example, if most users tend to visit a website multiple times before making a purchase, the software would likely raise a red flag if a particular user makes a purchase quickly after visiting the website only once. When unusual behavior is spotted, additional credentials may be required before the transaction is completed to ensure the user is the authorised cardholder.
2. Multi-factor authentication
Multi-factor authentication (MFA) involves requiring buyers to authenticate themselves using three key factors:
- Something they know, such as a password or security question.
- Something they have, such as their device.
- Something they are, such as a fingerprint or facial recognition.
Two simple ways merchants can deploy MFA are requiring online shoppers to provide their card verification value (CVV)—the three or four-digit code on the back of payment cards—as well as deploying 3DS 2.0.
3. Fraud detection software
Fraud detection software is another tool merchants can use to protect themselves from CNP fraud. Each software platform will vary, but generally speaking, they monitor a merchant’s online transactions and use data modeling and analytics to assign each transaction a risk score based on a range of different factors. Merchants can then determine what level of risk they’re willing to assume and deny transactions suspected of fraud.
4. Digital receipts + enriched transaction information
A significant share of CNP fraud is what’s called “friendly fraud”—when a cardholder disputes a purchase they or someone else in their household made because they don’t recognise it on their bank statement. Providing shoppers with more detailed transaction information directly in their bank’s online or in-app statements greatly increases the likelihood a cardholder will recognise them, reducing cases of friendly fraud. Existing tools such as Consumer Clarity™ enable merchants to share rich transaction details easily to some of the world’s largest issuers.
5. Fraud & chargeback alerts
One challenge for merchants is they may not find out about cardholder disputes until days or even weeks after the dispute is made. That means they potentially miss the opportunity to prevent or reduce losses, such as stopping the fraudulent order from being shipped out. Ethoca Alerts, for example, is a collaborative tool that notifies merchants in near-real time of fraud and customer service disputes so they can respond to them immediately—stopping the fulfillment of goods, refunding the customer, and ultimately avoiding a chargeback altogether.
At the end of the day, preventing CNP fraud before it happens can be far less costly than the time and resources needed to deal with the aftermath. Deploying multiple technologies that work together can help merchants create a strong protective web that prevents fraud. Having a multi-layered fraud strategy not only protects merchants - it also helps protect customers and a brand’s reputation.
