In 1994, one friend sold another a CD online. That transaction not only heralded the beginning of online shopping, but was groundbreaking because it used data encryption software to capture credit card information. And modern ecommerce was born.
Ecommerce (electronic commerce) describes the buying and selling of goods or services through the internet or other online channels. However, that simple definition belies the complexity of the global infrastructure – a complicated interrelationship of technology, banks, card networks and payments processors – that supports everything from consumer data input through the payment transaction.
This infrastructure must also provide a frictionless experience for the customer and deliver conversions to the merchant while preventing fraud. All the more complicated given the surge in ecommerce.
The widespread use of mobile phones, increasing availability of the internet and the pandemic, which drove more people than ever to shop online, are fueling the ecommerce explosion. As a result, merchants have had to fast-forward their digital transformation journey.
It’s a big, big, big world out there
But cross-border is not only limited to consumers in their home countries buying from sites hosted abroad. It also encompasses foreigners living in a host country, international students, and foreign tourists making onsite payments in brick-and-mortar stores in the country they are visiting.
Accepting the popular payment methods in each country can help merchants appeal to those consumers and expand their cross-border business. For example, merchants outside China can target Chinese consumers visiting or living in their country by adding local Chinese preferred payment methods such as WeChat Pay, Alipay and Chinese-issued credit cards.
Accepting payment methods popular in a particular country can provide merchants with new cross-border opportunities to grow their business, but it also introduces greater complexity and greater risk throughout the payments process.
New fraud risks
A successful ecommerce transaction must balance the needs of consumers and merchants alike; delivering a frictionless journey for consumers and dependable conversions for merchants.
Along with the endless opportunities that being able to buy or sell almost anything to anyone in the world offers, there is also more risk. Merchants face the constant balancing act of detecting and blocking fraud in real time without impacting the online experience of good customers. On the other hand, consumers can fall prey to fake online shops stealing their credentials and payment details.
Fraud today impacts every single player within the payments ecosystem – from retailers and consumers to payment service providers (PSPs), account servicers, and payment initiators.
Fraud continues to evolve, with increasing levels of complexity, sophistication and persistence; individual bad actors have given way to global organized crime rings with decentralized networks.
At the same time, the type of fraud has evolved to reflect the “opportunities” offered by a broader, interconnected ecosystem of payments. The most common types of fraud impacting ecommerce include:
- Payment fraud – using stolen card or alternative payment device information to pay for products and services
- Account takeover – accessing a genuine consumer’s account without their knowledge to obtain products or steal loyalty points that can be exchanged for products
- Refund fraud – returning used goods for a refund after they have served their purpose. For example, clothing used for an event then returned as faulty
- Goods lost in transit fraud – claiming parcels never arrived, or arrived with incorrect/missing/damaged products
- First party fraud – a genuine consumer claiming they never purchased/received the goods and requesting a refund
Traditional fraud platforms that are based on static rules and focus on individual payment transactions are effective at identifying some fraud typologies. They are less effective, however, at detecting some of the more advanced fraud attack methods that are increasingly impacting the ecommerce industry as criminals make use of better technology.
Fraudsters deploy automated bots to perform mass identity testing sessions, for example, training their systems to a “low-and-slow” attack profile to evade traditional rate control measures and appear more like legitimate human traffic. Account takeovers and payment attacks can often be the downstream result of successful credential tests.
The key is to be able to risk assess every interaction across the customer journey, using intelligence from every touchpoint to make more informed risk decisions. This also relies on identifying changes to human or trusted user behavior on a “per user” basis rather than relying on static risk thresholds.
The latest white paper from LexisNexis® Risk Solutions, Real-Time Risk-Based Assessment: A Catalyst for Successful Ecommerce Conversion, delves into the challenges, opportunities and risks inherent in global ecommerce with particular focus on the consumer and payments process. It explores how invisible authentication throughout a customer’s digital journey coupled with optimized payment authorization can help merchants strengthen their ecommerce conversion rates, maximize revenues, and build long-term customer relationships.