How to protect your business from online payments fraud

by Mac Wang, Head of Growth Australia and New Zealand, Stripe

Consumers today are increasingly using online businesses for everything from ordering clothes to groceries. This shift is having a positive impact on our economy, creating new opportunities for businesses to reach a growing number of consumers not just locally, but globally. Unfortunately, this opportunity also has a cost ㄧ fraud.

Even as chip-enabled cards have made shopping in-store safer, fraudsters are increasingly looking to target online businesses, which are more susceptible to a wider range of fraud schemes. In fact, the Australian Payments Network recently reported that online payments fraud on Australian credit cards hit $476 million in 2017, rising from $418.1 million the year before.

But unlike their offline counterparts, internet businesses are not only responsible for detecting fraud, they are also responsible for paying the associated costs. That said, it’s important to remember that fraudulent transactions still represent a very small percentage of overall shopping volume. And with the right strategies and technology businesses can combat fraud to minimise loss, and maximise gain online.

Fraud: Trends and common myths
The first step to getting ahead of fraudsters is understanding patterns that frequently occur as fraudsters try to operate beneath the radar. Stripe identified some of these last year in a report that looked at a year’s worth of data to seek out fraudulent behavior patterns and factors. Here are some of the key findings:

  • Fraudulent transactions aren’t large amounts or big purchases, rather they are often small, which is surprising given that fraudsters are not paying for the products they buy. Stripe data shows that in Australia fraudulent transaction amounts are only slightly larger than regular transaction amounts. In fact, fraudsters exhibit a more revealing signature when it comes to where and how often they shop, especially in repeat purchases on the same stolen card.

  • Repeat fraud on a card is common, and more than 40 per cent of compromised cards are charged for more than one fraudulent transaction. However, this can often give the fraudster away by making rapid additional charges at the same businesses on the same credit card, initiating repeat purchases ten times more quickly than actual cardholders.

  • Fraud can happen year-round and at any time of day. It especially tends to happen during “quiet” times. For example, while fraud rates do increase during the holidays, they don’t typically rise on big shopping days, but rather on days like Christmas when many people are not shopping. Similarly, fraud rates tend to peak late at night and flatten out during the day.

These trends make it critical for online businesses to have robust fraud defences, particularly as the last thing you want to do is to shut out legitimate transactions along with the fraudulent ones.

Tackling fraud: Lessons in prevention

The next step is implementing the strategies and tools to help prevent fraudulent transactions. Here are three important lessons that all online businesses should consider when tackling fraud.

  • Lean on machine learning. Many businesses rely on employees to audit transactions and create complex, custom rules. However, relying on manual reviews alone isn’t just time consuming, it’s often ineffective. Instead, pair manual reviews with machine learning. With machine learning, businesses can analyse online transactions and buying patterns to flag outliers long before a human analyst would spot a problem. Plus, these models can update and retrain themselves every few weeks (or in the case of Stripe Radar, every day).

  • There’s strength in numbers. Machine learning is most effective when it’s trained on a sufficiently large amount of data. That’s why it’s important to work with infrastructure companies that can provide great machine learning at scale. You can save your business on training a team of engineers in house or building your own fraud prevention models by working with a third-party, especially when using machine learning. In processing transactions for hundreds of thousands of businesses around the world, Stripe is able to spot even subtle and sophisticated fraud techniques, and when Radar analyses a transaction to determine if it might be fraud, it draws from literally hundreds of billions of individual data points. That’s machine learning operating scale that very few individual businesses could ever hope to achieve on their own.

  • Consider the trade-offs. As with any strategic business decision, it’s crucial to consider the downsides that could come from fraud prevention methods. The main difficulty is that blocking too many transactions preemptively means foregoing legitimate purchases too. So even once you’ve implemented tools for preventing fraud, it’s good to remember that your ultimate goal isn’t blocking fraud – it’s maximising revenue.

Staying ahead of online fraud is important for businesses of all sizes ㄧ on average, each dollar of fraud ends up costing businesses about three dollars. On the modern internet, the best defense against sophisticated fraudsters is equally modern fraud detection and prevention tools, such as software that uses machine learning to monitor, adapt, and build new defenses against complex fraud patterns. This ensures businesses are both protected and maximising their revenue throughout the year.

Tags Credit card fraudonline payments

Show Comments