Online scam, make sure it doesn't happen! Here are the best tips on preventing e-commerce fraud and protecting your online store.
First, start with the official guidelines for fraud prevention in electronic commerce: the Payment Card Industry Security Standards Council (PCI SSC). Basically, the biggest credit card brands around the world came together and compiled a list of best practices for avoiding scams. Think of them as the bare minimum for e-commerce fraud prevention and a good place to start.
Fortunately, many payment gateways can handle PCI compliance for you, so you can resolve the problem right away by choosing the more secure ones. You can go directly to the source by reading the PCI SSC blog.
AVS and CVV
The most accessible services to fight fraud: Address Verification Services (AVS) and Card Verification Value (CVV). These standard security measures are more of a rule than a recommendation.
AVS ensures that the billing address entered corresponds to the billing address in the archive, while CVV requires customers to enter the three-number code on the back of the card (in case the identity thief has stolen only the numbers of the card, not the actual card).
Both of these protections are typically included in the payment processor, so make sure they are present before choosing yours.
Signature Request on Delivery
With so many e-commerce scams involving fake identities, a physical signature can carry a lot of weight. While this option may cost more depending on shipping, it is an excellent defense against identity theft, fraudulent chargebacks and triangulation schemes.
If the scammers try to convince you that they are someone else, or that a delivery has never arrived, the required signature puts them in a trap.
Personal Follow Up
Fraudsters love lazy victims, who never take a second look.
A successful scam involves things getting out of control, so one of the most effective preventative measures is to investigate suspects. If you have time to waste, a little extra attention and elbow grease can reveal exactly what the scammer doesn't want you to see. Consider these options:
- Personally send an email to the customer to see if his email address is authentic. Innocent customers won't mind if you politely explain your suspicions, but the scammers won't know what to do. Pay attention to aspects such as the grammar and the spelling of their answers to understand if Italian is perhaps their second language.
- Check out the person on social media. Look for their name and / or their username to see if they are real or not and if their profiles match the other information.
- Call the customer's phone. This is the quickest way to verify that someone is who they say they are.
- Delay the shipment. As we have said, scammers want their operations to be completed as quickly as possible to reduce the chance of detection. If you delay a shipment on purpose, and tell it on purpose, you may frighten them. This is an inconvenience for honest buyers, so use it only if necessary.
Of course, you don't always have time to do these checks for each order, so a good start is to follow and train your instincts. Learn to identify suspicious orders promptly and if something seems strange to you, even a little, don't ignore it.
Always use HTTPS
What is the difference between HTTP and HTTPS? In a word, the cryptography. HTTPS works with another protocol, Secure Sockets Layer (SSL), to protect data as it "moves" over the Internet. HTTP (without S) doesn't, so HTTPS is always better for avoiding hackers. Think about it S stand for Security.
HTTPS also has other advantages, such as improved SEO rankings and more accurate reference data.
More secure passwords
Last but not least, you can share the security burden with your customers by asking them to have more secure and elaborate passwords. Of course, nobody likes those annoying password requirements, especially having an account on a lot of sites. But in reality, being a victim of a credit card scam is much more inconvenient than remembering a new password.
Currently, the industry standard is eight characters, a capital letter and a special character. Failure to comply with these requirements is a risk, and for added security you can add other requirements such as a number, or even randomly generated passwords.
The 10 Best Tools for Fraud Prevention in E-commerce
You are not alone in your fight against fraud, you have tons of allies around you if you know where to look. Here are the top 10 e-commerce fraud prevention software.
With plans that adapt to accommodate both large and small businesses, Signifyd is one of the first places to look for fraud prevention software. It works in the backend of your shop and assigns a "score" to each purchase based on the likelihood of it being a fraud.
Users have the option of handling the case on their own or requesting help from the Signifyd team. They also offer insurance on selected orders, for added peace of mind in case there is something suspicious you can't get your hands on.
Previously called Sift Science, the Sift fraud prevention tool is aimed at high-end stores: more features for more money. Although individual packages can be purchased, the full suite offers:
Prevention of fake accounts
Prevention against abuse of promotions
Spam prevention for content
API for fingerprint detection of the device
Sift advertises its machine learning tool as one of the best in the industry, which perhaps, together with the other features, justifies its price.
Simility specializes in "detecting device fingerprints", identifying a device and assessing its threat level. By monitoring the data of a device (location, operating system, language, web browser, username, and even the battery level!) Simility crosses the device with any blacklist and determines its threat level.
Easy to use, quick to install and requires no API integration, DupZapper is a low maintenance and high performance software. Designed to regulate online gaming, their algorithm detects, among other things, duplicate accounts, geographic consistency, blocking of cookies and the use of proxies. If you are looking for painless and effortless fraud prevention tools, this is our advice.
A favorite of global companies like Chase Bank and GNC, Kount is another high-cost but high-quality option. If you have the necessary budget, Kount provides some of the most advanced technologies to access the risk of a transaction, using over 200 data variables. Their system is also one of the fastest with a response time of less than a second (300 milliseconds, to be precise). For large companies with large budgets, this speed can be useful when it comes to processing daily orders.
Subuno offers a lot for its low price: more than 20 fraud detection tools that analyze over 100 risk factors. It is a privileged choice for those who do not have a large budget but still give priority to site security, especially if we consider that it works with ecommerce sites such as Shopify and WooCommerce.
Riskified stands out from other e-commerce fraud prevention software thanks to some features. To begin with, they use real-time reports. A good choice if you prioritize the speed of high-end software like Kount, but without paying company-wide prices.
Putting aside the "fraud score" model, Riskified includes a clear "approval / rejection" analysis for each order. It also works on a progressive scale system where you pay only for approved orders that generate sales, creating a smart alternative for smaller online stores.
8. FraudLabs Pro
FraudLabs Pro has some strong advantages over the other fraud prevention tools on this list. Use unique detection methods, including authenticity checks for email (such as age of email domain), social media, ISP and usernames.
But the other advantage is even more interesting: a valid free plan that accepts up to 500 requests per month. For small shops or newly launched brands, this is a fortunate discovery for online security.
Optimized for mobile transactions, Forter offers comprehensive and comprehensive coverage on almost all transactions, regardless of geographic location or payment method. One of its main features is the possibility of customization, which allows users to thoroughly analyze specific risk profiles or payment gateways. It also includes quick, real-time reports, with a simple "yes / no" answer instead of a scam score.
Technically speaking, Bolt is more of a checkout solution than a fraud prevention solution. However, because fraud prevention is integrated into your system, it qualifies as both. Bolt is an optimized checkout system for both fraud detection and user experience, aimed at increasing sales and decreasing abandonment through usability.
Bolt scans over 200 behavioral data points during checkout to assess risks. This, coupled with its usability advantages, makes it a great choice for online stores that need help in more areas than simple online security.
The security measures you will take to prevent fraud will improve the success of your ecommerce brand or, more precisely: the failure to prevent fraud will directly impede your success. And with the rise in e-commerce fraud, security is a priority for online stores today more than ever.