Merchants Fighting Fraud Online -- But Not Effectively, Reveals Study By SignatureLink And CardNotPresent.comMerchants Fighting Fraud Online -- But Not Effectively, Reveals Study By SignatureLink And CardNotPresent.com
Study respondents are not only aware of fraud, a full 65% are attempting to address it through active verification systems
October 16, 2012
RIDGELAND, Miss. and NEWBURYPORT, Mass., Oct. 15, 2012 /PRNewswire/ -- Although most merchants have made a concerted effort to fight e-commerce fraud, their methods are largely ineffective against fraudsters and off-putting to consumers, according to a new survey conducted jointly by leading card-not-present (CNP) industry news source CardNotPresent.com and eCommerce stabilizer SignatureLink, Inc.
The SignatureLink SecureBuy(TM) 2012 CNP Fraud Study, conducted in August and September 2012, polled 379 online and offline merchants of all sizes about their anti-fraud efforts.
CardNotPresent.com and SignatureLink expected to find that many merchants were ignoring the threat of payment fraud and simply accepting chargebacks as a cost of doing business online. As it turns out, study respondents are not only aware of fraud, a full 65% are attempting to address it through active verification systems like Verified by Visa and MasterCard SecureCode. That's an admirable effort, said SignatureLink CEO Greg Wooten, but it's often a case of the cure being worse than the disease.
"We applaud the many merchants using active authentication techniques," Wooten stated, "but the user experience could be improved among legitimate customers by deploying risk-based passive authentication to invoke active authentication."
The study also showed that 52% of merchants are performing pre-fraud screening, typically geolocation of the customer's IP address. Unfortunately, fraudsters can easily manipulate those screening solutions.
"Very few merchants are using second-generation geolocation solutions,"
explained Wooten. "The problem is that a fraudster with any skill whatsoever simply spoofs his IP address and easily bypasses a first-generation geolocation filter. The merchant ends up with a false sense of security while remaining vulnerable to fraud."
Perhaps the greatest opportunity for merchants to shore up their e-commerce fraud fighting efforts lies in chargeback prevention and management. The SignatureLink SecureBuy(TM) 2012 CNP Fraud Study revealed that only 10% of merchants collect the buyer's consent to their terms and conditions (T&Cs) and refund policies through voice or signed consent. Of the remaining 90% of merchants, 50% simply require the customer to check a box during the online checkout process, and 40% never require the buyer to consent to anything at all.
That means 90% of merchants engaging in e-commerce are leaving themselves wide open to Cybershoplifting(TM), where the customer makes a purchase, receives the merchandise, and then disputes the transaction with his or her credit card company, triggering chargebacks for merchants.
"That in itself is a problem," noted Steven Casco, founder and publisher of CardNotPresent.com, "because our study also found that over 60% of merchants never have the buyer's signature on file for any transaction, and over half of merchants lose the chargeback representment process almost every time."
Moreover, a link or pop-up to a merchant's T&C does not solve the problem. "This approach is not in line with current regulatory standards and is actually considered deceptive," stated Wooten. "There's no way for either side to prove their case or to determine what the T&Cs were for a given transaction. Had they captured a signature within the sales draft that carried a true chain of custody, it would be a different story -- because in the e-commerce fraud space, the signature ultimately rules."
The full results of the SignatureLink SecureBuy(TM) 2012 CNP Fraud Study are available at: http://www.signaturelink.com/2012-cnp-fraud-study.html
As one of the only sources of content focused solely on the growing card-not-present (CNP) segment of the payments industry, CardNotPresent.com is an independent voice generating original news, information, education and inspiration for and about the companies and people operating in the CNP space.
The company's media platforms include the CardNotPresent.com portal, CNP Report, CNP Expo, and CNP Awards. Sign up for free to receive the twice-weekly CNP Report featuring comprehensive coverage of the CNP payments space at www.cardnotpresent.com/signup/
About SignatureLink, Inc.
Founded in 2002, SignatureLink, Inc. is the eCommerce stabilizer. The company debuted its patented, electronic handwritten signature technology -- the online signature pad -- in 2005. Since then, SignatureLink has diligently developed products that help online retailers successfully fight Cybershoplifting(TM) and other forms of eCommerce fraud to lower the cost of payment acceptance and increase profits. Visit http://www.signaturelink.com for more information.
You May Also Like
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Quantifying the Gap Between Perceived Security and Comprehensive MITRE ATT&CK Coverage
Get the Gartner Report: SOC Model Guide
Building Immunity: The 2021 Healthcare and Pharmaceutical Industry Cyber Threat Landscape Report