We can be certain that when Sir William Blackstone penned those words over 200 years ago he wasn’t thinking about its application to theft deterrence and fraud detection in the twenty-first century. But his words are eerily prophetic to the current situation.
We are naturally afraid of theft and fraud. When it happens to us, we are traumatized. But for businesses, it is just another cost of doing business. The likelihood that a business will be the victim of fraud or theft is almost 100 percent. But business owners shouldn’t take it personally.
While most online businesses are getting better at detecting fraud and flagging potentially shady transactions, the bigger issue is becoming the false positives – that is, transactions that are legitimate, but which get flagged as potentially fraudulent. As it turns out, the cost of these false positives is far higher than the direct cost of fraud itself. These costs not only come directly from the loss of the sale, but compound as legitimate customers avoid going back to merchants that accuse them of fraudulent activity and further damage the brand through word of mouth.
According to a study released by Javelin Strategy & Research, the direct losses due to fraud are about 7% of the total cost of fraud and fraud management in e-commerce business. The dollars lost to false positives are almost three times higher at 19%. The overhead for fraud-fighting tools and personnel make up the remaining 74%. So, why does it look like so many online merchants going overboard on their fraud detection? There may be two potential explanations.
First, the recent rollout of chip cards in the U.S. is making in-store fraud much more challenging. In response, these fraudsters are increasingly turning to online targets. As fraud detection filters adjust to the changing patterns, they trigger even more false positives.
“Merchants are much more sensitive. They’re tightening their rules, which makes false positives spike,” says Tom Byrnes, chief marketing officer at Vesta Corp. “With digital goods, it’s even worse. We saw [with these merchants] that if there’s any question, just deny the transaction. That was a very prevailing attitude.”
The second cause is that many merchants are still using outdated fraud-fighting tools. The previous generation of tools does not use more modern techniques that are available to legitimize customers, such as two-factor authentication, geolocation, or device reputation.
It can be hard to convince merchants who have been spending thousands or millions of dollars on fraud detection that they need to upgrade yet again, but you can be sure that the fraudsters are using the most advanced tools at their disposal. And the priority of any business should be the vast majority of legitimate customers who are just looking for a more convenient way to get their shopping done without being flagged.
Any online merchant who can identify and welcome legitimate customers to their store is sure to make up any losses that happen when its detection software inevitably fails.
by Artem Tymoshenko, CEO Maxpay