“[Though] fraud prevention specialists understand that none of [these] elements on their own indicate a fraudulent order, looking at the types of email user names, types of email domain names, customer order history… and understanding geographic fraud trends [can] all help identify a fraudulent order,” says Alyse Serritella, team leader, fraud prevention, Cleverbridge. “Through training, experience and pattern recognition, [you can] see how all these elements interact with each other and identify a pattern that indicates a fraudulent order.”
“Fraudsters tend to target high value items, as they can make the most money on these,” adds James Kingsbury, owner, Vivid 3D. “Also, they tend to have items shipped to an obscure overseas address, often so far out of the way to stop you ever having a chance at getting your stock back.”
“The easiest way to protect yourself against credit card fraud for online orders, and the resulting charge backs, is to ship only to the verified credit card billing address,” says Ron Yates, owner, Titanium Jewelry. “If the buyer wishes to have a different shipping address, the merchant could require that the buyer give the alternate address to the credit card company. Then the merchant can verify this. And have signature required for the delivery, to ensure the package was in fact received by the buyer.”
You can also use an AVS (address verification system), says Kingsbury. “An AVS will confirm the billing address entered by the client, with the address on the credit card company’s data file. This should pre-warn you of any possible fraudulent orders. You can then do some manual due diligence on the order to confirm its authenticity.”
And because “fraud spikes during the holidays,” says Juan Benitez, General Manager, Braintree, “integrate the latest fraud protection tools, like Kount, to identify and prevent fraudulent activity before a transaction or verification ever reaches a customer’s bank.”
What to do if your ecommerce business is hacked
Make sure your site is being regularly backed up – to a safe, offsite server or service. That way in case your site is disabled or hacked, you can more easily restore it.
Invest in small business cyber insurance. “It’s important to minimize your risk of being hacked by patching software regularly, using strong passwords and installing antivirus software, but you can’t prevent every breach,” says Ted Devine, CEO, Insureon. “In the event that a hacker gets into your data, a Cyber Liability policy can be a lifesaver. It covers the cost of notifying affected customers, investigating the breach and buying credit monitoring services for affected customers. That’s important because a lot of states require businesses to provide those services,” he says. “Some policies also offer funds for doing good-faith PR efforts to help restore your reputation.”
Sign up for CIO Asia eNewsletters.