Global online retail sales are projected to exceed $2 trillion in 2017, and double to $4 trillion by 2020. Despite this rapid growth, selling online is not without its challenges, and eCommerce merchants are increasingly seeing their hard-earned revenue fall victim to CNP fraud and the associated chargebacks. A 2016 study confirmed this, with online merchants reporting that chargebacks accounted for much of their fraud-related revenue loss.
Common reasons for filing a chargeback include:
- an error on the merchant’s end (e.g. ignoring a cancellation)
- unauthorized usage (e.g. a child using their parents card)
- clear-cut fraud (stolen credit card information is used)
- chargeback abuse, often referred to as ‘friendly fraud’ (where the cardholder disputes the purchase despite having authorized and received it)
Regardless of the reason, chargebacks are a costly, resource-intensive business. But there are a range of measures merchants can take to reduce their impact. As pioneers of the chargeback guarantee, the Riskified team has extensive experience fighting and preventing chargebacks. In this post I share important tips to help reduce chargebacks to a minimum.
How to avoid chargebacks
1. Keep on top of fraud patterns and trends
The first, and most critical question online retailers should be asking themselves is how much clear-cut fraud they are failing to detect (the majority of these cases will inevitably result in chargebacks). Unlike friendly fraud, where a merchant can potentially dispute a chargeback claim, businesses must take full responsibility for approving fraudulent orders.
There are a range of factors that online retailers need to consider when reviewing orders, but the fundamental aim should be to connect the customer to their credit card. When there is no connection, the likelihood of the order being fraudulent increases exponentially.
Be cognisant of reshippers
There are various explanations for why a legitimate customer might use a reshipper (e.g. cross-border shopping), but fraudsters also take advantage of this service, which allows them to receive packages without revealing their physical location. So what should fraud teams be on the lookout in order to approve the good orders and avoid chargebacks from the bad ones?
- An international IP address that doesn’t match the credit card billing country. A match here (assuming there’s been no proxy usage) generally indicates legitimate reshipper use by cross-border shoppers. A mismatch is often a sign of sinister behavior.
- Reshippers’ addresses can often be identified by a number and letter sequence (the package identification code), which sometimes indicates the final destination of the package. If this destination doesn’t match the billing country, this is an indication of risk.
- A recently created or disposable email account. A reshipper order placed with an email account less than two years old is more than five times as likely to be fraudulent as one with an account older than two years.
Further information on overcoming fraud challenges can be found in our Shipping eBook.
Take note of digital orders
The fact that digital goods carry more risk of CNP fraud than physical goods shouldn’t come as a surprise. Not only can they be sold on the secondary market within moments of being obtained, but typical fraud detection techniques are less effective in the absence of a shipping address. Because the recipient email account is essentially the shipping address, fraudsters create email addresses that look as if they could belong to the actual credit card holder.
In order to reduce chargebacks down in this increasingly popular segment, fraud teams should check:
- the domain’s reputability – fraudsters often use disposable email accounts from domains that require minimal information to register
- how long the account has existed
- that the email account appears in an internet search (e.g. in a forum or social profile)
Link to previous purchases
Linking involves cross-referencing data from new transactions against previous ones. If there’s a match, the same person has likely returned to shop with you. Detecting returning customers based on their IP address, device fingerprint, email domain, and product, can help merchants identify returning customers. But it can also assist to prevent fraud by identifying when a new order is placed via the same device and IP address from which a fraudulent chargeback was previously incurred.
Every industry has its own set of indicators and trends, and these are only a broad overview of best practices for fraud detection. For further information on chargeback prevention in specific segments, the following reports can be downloaded for free: Travel , Sneakers, Gift Cards , Consumer Electronics , Fashion , Jewelry & Watches, Ticketing, mCommerce Sales.
2. Prepare for peak shopping periods
One of the biggest mistakes merchants make is not sufficiently preparing their fraud teams for the spike in sales over the holiday season. Unfortunately, the pressure of reviewing such a high volume of orders often leads to a rise in the number of fraudulent transactions slipping through.
It’s important to note that during the holidays, although there are more fraud attempts by number, the rate of fraud actually falls. Ensuring your fraud review process is automated and streamlined will therefore keep false declines down and reduce chargebacks. In order to achieve this, historical CNP trends should be mined, and used to update rules systems, as well as to train manual review teams. By considering common behavioral patterns and browsing history, fraudulent activity can be filtered out more easily. For example: How safe were orders from returning customers last Christmas? What percent of orders from traditionally ‘dangerous’ countries ended up being safe last Valentine’s Day? Does promo code use significantly alter the chances of an order being fraudulent? What does legitimate customers’ browsing activity look like at sale time – do they compare a lot of products, or go right to checkout?
3. Collect data that can be used as compelling evidence
Collecting customer data can help win chargeback disputes. The dispute process is the merchant’s opportunity to refute a chargeback claim by providing compelling evidence that the order was in fact authorized and received by the genuine cardholder. The more evidence a merchant can provide to support the legitimacy of a transaction, the better their chance of overturning the chargeback. There is a host of potential data that can be used as proof that a transaction was authorized by the genuine cardholder. Creating a checklist (like the example below) will help ensure the relevant data is collected throughout the purchasing process.
- Did the same customer ever make previous purchases with this card and online identity that didn’t result in a chargeback?
- Does the address linked to the email address match the billing or shipping address?
- Is the IP location (the customer’s geographical location) in close proximity to the billing address?
- Does the email address itself contain the same name provided in the billing or shipping details?
- Is the email address linked to social profiles that match the customer’s name?
It’s important to note that each payment provider or issuing bank has its own processes, so although chargeback reason codes may be similar, merchant’s should familiarize themselves with these codes and any relevant procedures.
Our solution to help reduce chargebacks
Riskified analyzes orders submitted by online retailers for fraud. By leveraging cutting edge technology (including machine learning, behavioral analysis, elastic linking, and device fingerprinting), we provide merchants with a fast, accurate ‘approve’ or ‘decline’ decision. The purpose of our solution is to identify a CNP fraud attempt before it turns into a fraudulent chargeback. However, if we do approve an order that incurs a fraud-related chargeback, it is backed by a chargeback guarantee. Moreover, we provide a representment service to help our customers dispute chargebacks and ensure fees are kept to a minimum.
Learn more about Riskified’s solution and chargeback protection here, or contact us directly: firstname.lastname@example.org