August 19, 2016
Trick or Treat? 4 Ways to Sweeten a Scary Time for Merchants
By Karisse Hendrick, Editor-at-Large, CardNotPresent.com
When CNP merchants and their fraud departments think of the holidays, they aren’t usually worried about the one that comes in October. Their eyes are on the end of the year and the long hours ahead of them battling the increased fraud that comes with more transactions. But the monsters and ghouls of their nightmares are right around the corner and Halloween is a good time to remember a few lessons that are valuable all year long, but can be especially helpful when the weather turns crisp. So, be afraid. Be very afraid. But be prepared.
1. Reviewing CNP orders is a lot like trick-or-treating . All those cute little ghosts, goblins, superheroes and princesses that knock on your door are anonymous, and you never know which one is going to egg your car. Your customers may also be wearing disguises such as IP proxies, pseudonyms and fake e-mail addresses and it’s not always easy to tell. The bloodstained zombie at your door could be harmless, while the cutie in the fairy costume may have bad intent. It may be tempting to be cautious and skeptical, especially after being hit by a large amount of fraud. But, canceling good orders can sometimes have more of a negative impact on your bottom line than you may think.
A 2014 study asked 3,200 consumers about their experience with credit card declines. The results found one in every six had at least one transaction falsely declined due to fear of fraud. Last year alone, an estimated $118 billion in sales was declined due to suspected fraud. And, most concerning for fraud managers, two-thirds of consumers polled in the study said they discontinued their patronage of a company after having an order falsely declined and took their business to a competitor. This data solidifies the importance of advanced tools and processes that help merchants be more selective and confident about orders canceled because of fraud. After all, you might be fine with sending a trick-or-treater with bad intentions to your neighbor’s house, but it would be a shame to deny an innocent kid his candy and become the house that everyone avoids.
2. Watch out for “demonic possession.” Some of the most famous horror movies of all time featured innocent victims who were possessed by evil spirits, inflicting harm and chaos on the host body and innocent bystanders. Those of us who watched the Exorcist too early in life were soothed by friends or family reminding us it wasn’t real. But demonic possession in the CNP world—account takeover—is all too real, wreaking financial havoc on the merchant, and sometimes the host account.
The best way to prevent or stop these possessions is to get to know the behavior of the “devils” attacking your company. Do they change the credit card on file or use the credit card on file? Do they change the e-mail on the account right away? Is there a specific item or average dollar spend associated with these instances? Understanding the behavior and canceling transactions before real damage can be done will not only save your company from the financial impact of that transaction, but it will exorcise the demon before it gets too comfortable, never giving the body back to the host.
3. “Werewolves” are hard to spot, and harder to stop. Werewolves are classic characters in horror stories because they’re hard to identify. They blend in with humans until the full moon reveals their true form. Friendly fraud is the werewolf of CNP commerce. Because a legitimate cardholder participates in the transaction, merchants are unable to distinguish them from other legitimate orders, so goods and services are provided to the customer. But, after some time passes, the consumer transforms, issuing a chargeback or demanding a refund with fraudulent claims, threatening your revenue—the heart of your business.
Though this sudden change from good to bad is nearly impossible to identify at the time of transaction, there are things that can be done to make it more difficult for a customer to win an illegitimate chargeback (not quite silver bullets, but helpful nonetheless). Placing specific verbiage on your Website making policies clear to customers and providing these in response to a chargeback can ensure you recover the disputed funds and discourage this behavior again. For those who continue to take advantage of the system or who have done the most damage, some retailers have instituted collection processes on funds that have been illegitimately charged back or institute “gray lists,” choosing not to do business with these “werewolves” again.
4. Skeletons in the closet can’t be hidden forever. People with “skeletons in their closet” have a secret that could wreak havoc if exposed. In CNP commerce, fraudulent transactions that were missed can only remain hidden for so long. Eventually, those skeletons in the closet are exposed, with a direct negative impact on the company’s bank account. Each of these hopefully rare instances provide merchants the opportunity to learn how fraud slipped past the measures they put in place to detect it. Some merchants prefer to keep the skeletons in the closet. By not analyzing chargebacks to determine exactly what happened, merchants are opening themselves up to fraudsters repeatedly exploiting a vulnerability they found in the process. Creating? More skeletons. The best way to prevent a multitude of skeletons in the closet is to keep the door open and the light on, reviewing chargeback data to determine how they got there in the first place. Only then can you make informed decisions and take action (responding to disputes in an attempt to recover funds or addressing the vulnerability and preventing more bodies from piling up).
Whether your company’s biggest nightmare is determining a trick-or-treater’s intentions, performing exorcisms on accounts that have been “possessed,” preventing “werewolves” or dealing with the skeletons in your closet, we hope you have a safe and happy Halloween.