As expected, the growth of e-commerce, like every other industry, is not without growing pains.
Two reports released in the past week have revealed alarming trends in increased online fraud and identity theft that could potentially impact small e-tailers. Yet, while online fraud is not something to be taken lightly, some businesses have become overzealous in their approach to assessing risk, and may inadvertently be rejecting legitimate business.
The Merchant Risk Council (MRC) released the results of its 2003 member survey identifying e-commerce fraud trends for 2003. The MRC is a non-profit organization made up of 6,500 merchants, vendors, financial institutions and law enforcement agencies. Its purpose is to protect and encourage growth in online commerce industry by establishing best practices for cyber-fraud prevention.
In its survey, the MRC asked merchant members to quantify their spending on fraud prevention, analyze charge-back rates due to fraud and rate the categories of fraud that are most problematic for their business.
The results include the following findings:
- More spent on fraud prevention. Merchants are spending higher percentages of their revenue on fraud prevention 17 percent of merchants spent greater than two percent on fraud prevention this year, versus 13 percent in 2002.
- Charge-back rates are down. The proportion of e-commerce businesses with fraudulent charge-back rates greater than one percent has dropped into single-digit levels, averaging an overall rate of 9.7 percent a significant improvement from 2002 when almost twice as many (18 percent) of the merchants experienced a greater than one percent fraudulent charge-back rate.
- International fraud is still a big problem. Thirty-eighty percent of responding businesses in 2003 declared international fraud to be "out of control" or "a big problem" a drop from 2002, where 41 percent reported this level of concern.
Substantiating the fact that U.S.-based online merchants are feeling the pressures of online fraud, recent results from a VeriSign study revealed that the U.S. led all countries in total volume of fraud in the fourth quarter of 2003. Indonesia ranked number one among the world's nations by percentage of fraud per transaction, followed by Nigeria, Pakistan, Ghana and Israel.
In its second edition of the quarterly VeriSign Internet Security Intelligence Briefing, VeriSign also revealed that, although e-commerce volume increased by 59 percent during the 2003 holiday shopping season, at the same time merchants rejected approximately seven percent of overall transactions as "too risky" an indication that merchants are turning away a significant mount of potential business for fear of potential online fraud.
In response to increasing fraud rates associated with international transactions, VeriSign also reported that some merchants are restricting sales to the U.S. only, perceiving international business as too dicey.
As a method of fraud screening, merchants are beginning to rely more on automated screening procedures through the use of risk detection systems versus manual (human) oversight.
The top five rules merchants used to review transactions during the 2003 holidays include:
- Address verification service
- Card Security Code
- Card Bin number screening
- E-mail service provider screening
- International order screening
Establishing set standards of good practices for all credit card processing will not eliminate fraud entirely, but it will lessen the sting small e-tailer receive when payments run awry.