GS Logo
The Green Sheet, Inc

Please Login

Banner Ad
View Archives

View flipbook of this issue

Care to Share?


Table of Contents

Lead Story

Closing the door to backdoor breaches

News

Industry Update

Verizon study calls for improved PCI security

Marketplace Fairness Act to even score online, offline

Congressional payments caucus a positive for industry

CFPB takes on consumer lenders, card market

Transact 15 highlights global trends in payments

Features

Countering affiliate, aggregation fraud

Selling Prepaid

Innovation in gift card exchanges

Views

NACHA seeks seat at mobile payments tabl

Patti Murphy
ProScribes Inc

Mobilizing the sales force

What Sweden can teach us about the future of payments

Kirsty Tull
BillPro

Education

Street SmartsSM:
Let's share stories, grow our businesses together

Jeffrey I. Shavitz
Charge Card Systems

Exiting your business

Vicki M. Daughdrill
Small Business Resources LLC

Apple Pay & Samsung Pay Contrast

Differentiate and build trust to stand out

Jeff Fortney
Clearent LLC

Oral promises and ISO contracts

Adam Atlas
Attorney at Law

Company Profile

Field Guide Enterprises

New Products

All-in-One Mobile POS app

PayStand
PayStand

Remote device management for IoT era

SUSIAccess 3.0
AdvanPOS Technology Co., Ltd.

Inspiration

Let go or get dragged

Departments

Readers Speak

Resource Guide

Datebook

Skyscraper Ad

The Green Sheet Online Edition

April 13, 2015  •  Issue 15:04:01

previous next

Countering affiliate, aggregation fraud

In the world of electronic payments, fraudsters constantly lurk on the fringes of every transaction. They work silently and diligently to obtain consumer card data and outsmart the transaction process in order to siphon millions of dollars every year from unsuspecting merchants and the payments industry.

Adoption of stronger security measures, such as Europay, MasterCard, Visa (EMV) chip cards, is helping the industry combat the rising incidences of fraud. However, numerous data security experts have observed that measures like EMV only divert perpetrators from one transaction sphere to other, more vulnerable arenas.

One such area where fraud continues to climb is e-commerce. Despite technologies like tokenization, which can make it virtually impossible to scrape card data from online transactions, other types of online fraud are gaining momentum. "Most criminals will take the path of least resistance," said Monica Eaton-Cardone, Chief Operating Officer and co-founder of Chargebacks911, "There is an argument to be made that criminal minds are forcing us to develop a tight infrastructure."

Rise in affiliate fraud

Eaton-Cardone said affiliate fraud is one of the fastest growing forms of online fraud today. And it can cost a merchant many thousands of dollars before it is detected. The process involves third-party partners, or affiliates, who agree to promote and resell merchandise on behalf of an e-commerce enterprise. Affiliate marketing has gained popularity over the past decade as online buying has increasingly become preferred among consumers. Affiliate relationships enable a single merchant to cast a wide net across the Internet to gain more customers.

Referencing one high-profile example of affiliate fraud, Eaton-Cardone recounted how crooks collected more than $1 million in commissions from fake orders through Nordstrom.com. The big retailer was also out $23 million in merchandise due to claims the orders were never received. The fraudsters were shut down, but Nordstrom sustained unrecoverable losses in merchandise, bogus commissions, shipping costs and chargeback fees.

"Everyone in the value chain is affected," Eaton-Cardone said. "The merchant, the processor, and even the consumer ends up with less quick checkout luxuries, more onerous terms and conditions, and higher prices."

Rise in aggregation fraud

Another online fraud culprit gaining steam is aggregation fraud, which is a form of fraud in which a legitimate merchant account is used as a front for an illegal operation. David Abouchar, Senior Director at ControlScan Inc., explained how aggregation fraud is governed. "When aggregation fraud is detected, the card brands will hold the acquirers and banks accountable," Abouchar said. "They will fine whoever is contractually downstream in the liability chain."

In both types of fraud, the true key to detection is monitoring transactions and chargeback activity. However, avoiding a potential threat is always the best action to take. Eaton-Cardone encourages e-commerce merchants who are considering affiliate marketing to do the homework to validate affiliate partners. She also urges merchants to, "establish acceptable standards for metrics such as chargeback rates, customer service inquiries, web traffic, conversions, etc." She believes this enables a merchant to see a red flag and address it early by digging a little deeper.

Being proactive against aggregation fraud isn't quite as straight forward. Abouchar says merchants will sometimes function as legitimate businesses for some time before they shift into using their approved merchant accounts to handle undisclosed illegal activities. Nor, is the tracking of these merchants as simple as looking up a company's website. Often an iFrame order form is covertly embedded into a site and takes buyers outside the original portal to order the illegal items; effectively leaving no trace of cyber linkage.

"Detection is about knowing a potential customer intimately and doing the initial due diligence," stated Abouchar, "When on boarding, the whole ecosystem of the merchant entity must be looked at, not just the obvious website."

Once a merchant contract is functional, Abouchar also urges ISOs to be vigilant in monitoring chargebacks and watching for indicators, as well as transaction activity looking for anomalies which would indicate the transaction data is inconsistent with the merchant.

"You can't apply just one technique, and unfortunately, there's no silver bullet when it comes to monitoring online fraud," Abouchar said.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Harbortouch | USAePay | IRISCRM.COM | Humboldt Merchant Services