The EMV transition and the rise of E-commerce shopping have combined to increase the payment transaction risk to online merchants. Regularly occurring data breaches yield stolen cardholder records that fraudsters use to perpetrate card-not-present fraud. As the following article discusses, merchants are facing additional challenges to counter the rising attempts of payment fraud against them.
Despite the increased merchant focus on security, in almost all companies there’s one aspect of a business which represents a potential vulnerability that goes unnoticed from the security perspective. It’s a part of the fraud management team.
One reason that this weakness is usually undiscussed is precisely that it is a part of the fraud team’s structure and method, and in general the fraud department is not a usual subject of infosecurity concern. Since their purpose is to protect the company and prevent loss, their goals seem to fit in naturally with the wider security concerns of the company.
The potential vulnerability is a function of a method typically used by fraud departments rather than anything integral to the nature of the fraud prevention effort itself. The weakness is not necessary, but contingent. The reason it has gone unnoticed for so long is that for a number of years it did appear to be necessary. It’s only recently that new technology has made alternative arrangements possible – and many companies are still not aware that that’s the case.
So what’s the hidden source of risk? They’re called manual reviews. You may not have heard of them – most people in the company won’t have done. But 83% of US online businesses perform manual reviews, and they impact a number of the orders received by a website, influencing the customer experience on a site – and not for the better.
It’s the job of the fraud department to make sure that, as far as possible, fraudulent orders don’t get through and good orders are identified as such and do get through to fulfilment as smoothly and quickly as possible.
Fortunately, all is not lost, as merchants have more tools to fight back against the fraudsters. An army of fraud fighting software developers have assembled sophisticated rules based and neural network solutions to thwart e-commerce fraud attempts. When using a fraud solutions vendor, merchants report a high success rate in blocking the shady transactions while still allowing in legitimate purchases. No fraud-fighting system is fool proof but savvy merchants will take a hard look at their fraudulent transaction losses and start talking with security experts that best fit their specific industry and e-commerce volume.
Overview by Raymond Pucci, Associate Director, Research Services at Mercator Advisory Group
Read the full story here