The sudden surge in e-commerce activities has brought with it a rapid rise of card-not-present (CNP) fraud, costing e-commerce merchants an estimated US$35.54 billion globally in 2020, a new report by Forrester says.
According to the “How to balance risk in an ever-changing retail landscape” report, this massive jump in CNP shows that merchants are overwhelmed with the massive increase in new customers and activities, and calls for greater use of fraud management efficiency metrics.
CNP is a category of fraud where the cardholder does not or cannot physically present the card for a merchant’s visual examination at the time that an order is given and payment is effected.
It typically occurs when a criminal obtains a cardholder’s name, billing address, account number, three-digit security code, as well as card expiration date, and is most commonly used for payments made over the internet, or over the phone.
CNP is the most prevalent and costly type of card fraud, representing a whooping 80% of the total value of card fraud in the European Union (EU) in 2019, new data from European Central Bank show.
In Asia-Pacific (APAC), CNP fraud accounted for more than 70% of all fraud losses last year, data from the Nilson Report show, a trend driven by the rapid growth in CNP sales.
In 2020, the value of the online retail market in APAC reached US$1.7 trillion, according to Forrester, with e-commerce growing by 16%.
More than 154 million people across the region shopped online for the first time last year, the highest number of new users yet in a single year.
By 2025, Forrester forecasts that online retail will reach US$2.8 billion in APAC with the region making up about one-third of total retail sales.
Leveraging data and fraud management efficiency metrics
With e-commerce activities on the rise, CNP fraud is ballooning leading to the soaring costs of fraud which poses challenges for online merchants.
Against this backdrop, the report outlines best practices and metrics for online merchants in order to improve both fraud management efficiency and customer experience.
According to the report, the first step in building a robust e-commerce and retail fraud management (ERFM) process involves moving as much data into the system.
These data should come from transactional systems, client relationship solutions and identify verification systems, but other sources as well, the report says.
Additionally, contextual data such as user navigational information, clickstream data, device ID/reputation, IP address history and proxy information, as well as data from social media and mobile network operators should also be considered.
Rules should be reviewed on a regular basis so that the ERFM solution is adapted to the evolving environment and is able to accurately identify high-risk transactions, the report says.
In terms of governance, the ERFM team should comprise the CFO’s office, or some direct reporting function in finance, the operations and product teams, and the e-commerce or lone of business teams.
For larger organisations with order volumes exceeding US$500 million a year, the report recommends forming a dedicated ERFM team.
It’s critical that businesses keep customer experiences metrics in mind to ensure that customers aren’t stopped by the ERFM solution unnecessarily.
Key metrics include the review rate, the approval rate, the false positive rate, the investigator loan, and the investigator decline rate.
These metrics are critical because they can tell whether or not the ERFM system is properly tuned, and whether or not customers are overburdened by the fraud prevention process.
Finally, businesses should look for key fraud management efficiency metrics, including the attack rate, the detection rate, the investigator false decision rate, the chargeback rate and the chargeback dispute rate.
Chargebacks occur when the merchant accepts a fraudulent payment and the merchant has to pay back the issuer bank for the fraudulent charges through the payment network.
A high chargeback rate can lead to hefty fines and penalties, including the merchant’s loss of ability to accept cards, the report warns.
Download the Forrester report on “How to balance risk in an ever-changing retail landscape” here.