The Green Sheet Online Edition
June 22, 2015 • Issue 15:06:02
Survey finds online fraud down, more chargebacks challenged
E-commerce may be prone to fraud, but merchants are getting a handle on the problem. They also are becoming more adept at challenging chargebacks. These are two key takeaways from a new survey of e-commerce merchants by the Merchant Risk Council.
According to results of the MRC's 2015 Global Fraud Survey, the average fraud rate for online merchants was 0.53 percent of 2014 global sales, down slightly from 2013. At 0.10 percent, the fraud rate for transactions initiated via e-wallets was lower than any other type of fraud, the survey showed. The average fraud rate for credit cards was 0.46 percent; for debit cards it was 0.45 percent.
One reason for the lower rate of fraud associated with e-wallets may be that they are not widely used. Also, vehicles like Apple Pay include numerous new security features. "Mainstream mobile payments options are pretty secure," said Markus Bergthaler, Global Director of Programs and Marketing at the MRC.
More merchants taking on chargebacks
Results of the MRC survey, conducted in partnership with the international consultancy Edgar, Dunn and Co., also show online merchants are getting serious about tackling chargebacks. Notably, e-commerce firms dispute more than 50 percent of chargeback notices received and are "victorious in nearly 2/3 of cases," according to the MRC's survey. Operating from offices in Seattle, the MRC is a not-for-profit global forum for e-commerce fraud and payment professionals.
"Merchants are getting better at picking and choosing which chargebacks to fight," Bergthaler said. For example, many e-commerce stores are winning challenges to "friendly fraud" – cases involving seemingly legitimate transactions that are challenged by cardholders. (These transactions may be contested because customers simply don't recognize them, or because customers are trying to skip out on purchases, among other reasons.)
According to LexisNexis, more than a quarter of all card fraud experienced by large e-commerce merchants last year was friendly fraud; among all merchants friendly fraud accounted for18 percent of payment fraud incidents. "There's an art to challenging chargebacks, and a lot of merchants have gotten really good at it," Bergthaler said.
The MRC survey further revealed that "clean fraud" is the most common type of fraud reported by e-commerce providers. Clean fraud refers to card-not-present transactions that contain legitimate account information, such as valid account, billing address and card-verification numbers. The other four most prominent types of fraud are: phishing, money laundering, account takeover and identity theft, the MRC found.
Few implementing new fraud tools
The MRC survey, which queried 400 leading online merchants from around the globe, also provides insights on what steps online merchants are taking to fend off fraudulent transactions. Eighty-five percent identified card verification number as the top tool used to detect online fraud; 82 percent said they use negative lists.
Looking ahead, more than 10 percent of online merchants surveyed are planning to implement one or more of the following four tools within the next year: device fingerprinting, email address verification, customer website visit behavior analysis, and 3D Secure. "3D Secure is very popular across Europe," Bergthaler said. "I honestly don't see it catching on in the United States." Consumers and merchants, alike, complain that it's cumbersome, he noted.
EMV no big deal
Bergthaler also downplayed suggestions that online fraud will skyrocket with implementation of Europay, MasterCard and Visa (EMV), the international standard for chip cards and chip-reading terminals. Beginning in October 2015, all cards issued and most card-reading devices installed in the United States are expected to be EMV compliant. The migration to EMV security for card-present transactions has led to dire warnings of impending spikes in card-not-present fraud.
Bergthaler said the "EMV scare" is predicated on what happened when the United Kingdom and other European countries moved to EMV, beginning in 2005. "Back in 2005 the online landscape looked a lot different," he said. It was easier for fraudsters to ply their trade, he noted. Plenty has changed in the past decade, both in terms of available tools and merchant resources. "EMV is not going to have the impact here that it had in Europe in 2005," Bergthaler predicted.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.