If you are a merchant accepting online payments, fraud is an ever-present danger. Naturally, every business wants to have the best fraud protection there can be. But how can you choose the best one, with the risk management market brimming with various anti-fraud solutions big and small?
One of the best ways to select the most appropriate anti-fraud program is to ensure it has all the functionality you need to protect your business. But what is this functionality? Read on to learn of the 12 must-have features for E-commerce fraud prevention tools.
In no particular order, these features should include as much as possible from the following list:
- Real-time transaction monitoring
- User behavior analysis
- Device fingerprinting
- KYC/AML automation
- Address verification service (AVS)
- Static and dynamic transaction limits
- Chargeback alerting
- In-depth analytics with charts
- Risk scoring
- Risk logic rule engine with configurable scenarios
- AI-based fraud scoring
- Identifier reputation records
Let’s now take a closer look at each of them and briefly describe the value they bring to your business.
Real-time transaction monitoring
This is the most crucial functionality, though it involves the results from a variety of other features listed below. Your risk mitigation platform should have triggers and alerts in place to timely inform you of suspicious transactions. Fraudsters try to act quickly before the cardholder realizes what is happening and blocks the card — and your fraud detection solution must keep up the pace.
Device fingerprinting
Once the customer visits your website or online store for the first time, a special JavaScript tool starts collecting all the data their device is freely and publically transmitting. This includes hardware and software versions, screen resolution, language preferences, IP address, and a variety of other data needed for debugging.
The combination of these parameters forms a device fingerprint, which allows identifying the device in the future. Yes, the visitors can update their OS and browser version, change some plugins and addons, use VPN tools — but a well-trained device fingerprinting algorithm will still be able to identify the device.
User behavior analysis
Once the device fingerprinting identifies the device (and the user profile associated with it), user behavior analysis can start tracking and logging all user actions on your website. This helps identify normal behavioral patterns, like a user logging in every evening around 7 p.m. from Philadelphia to order pizza or other food delivery, for instance.
This way, if the same device logs in the middle of the night from Austin and orders 20 packs of beer — a warning will be issued to you, and the user will have to prove the transaction is valid indeed. Of course, there can be a thousand legitimate reasons for a change in patterns — a trip to a friend, for example — but it’s better to be safe than sorry.
KYC/AML automation
In order to remain AML compliant, you must perform Know Your Customer (KYC) checks at their registration and during each login. Automating this procedure and checking against known PEP/RCA/sanctions lists in milliseconds allows approving legitimate transactions while halting for additional verification or rejecting suspicious transactions.
Covery provides KYC automation due to being a Dow Jones-certified service provider with direct access to the latest versions of AML watchlists, enabling the platform to perform real-time Customer Due Diligence (CDD) procedures.
Address verification service (AVS)
One of the most efficient ways to prevent chargebacks and fraudulent orders is to check whether the stated delivery address is the same as the one on file with the card-issuing entity. If the addresses mismatch, this might be an indicator of fraudulent activity. AVS is performed by default by many payment processors, but it is good to have it within your risk management platform as well.
Static and dynamic transaction limits
Based on the normal user behavior patterns, you can set up static and dynamic transaction limits, like the maximum order size or the maximum number of orders from a single user daily. This way, you can limit potential chargeback claim size quite significantly.
Chargeback alerting
The key problem of chargebacks is not actually the money you lose on them. It is the chargeback ratio — the proportion of chargebacks to the overall number of your transactions. If this ratio exceeds 1%, you have to deal with Visa and MasterCard redemption programs — you pay higher fees for processing your transactions and must prove that you invest some effort into resolving the situation. If the ratio exceeds 3%, your merchant account can be blocked, effectively meaning bankruptcy for your business (even if you have multiple accounts, it still hurts).
Thus said, it’s easier to refund the customer’s purchase before a chargeback claim becomes a dispute, so you avoid paying the dispute processing fee and your chargeback ratio remains unaffected. Chargeback alerting helps to do exactly that, so you minimize the losses from legitimate chargebacks, and other features help prevent fraudulent chargebacks.
In-depth analytics with charts
Your anti-fraud program might provide a wealth of valuable data, but if it is not presented in an easily digestible format, it will be of little use to you. This is why it’s important to have in-depth analytics providing detailed reports and charts, which will empower your decision-making and turn a flow of numbers into a goldmine of business insights.
Identifier reputation records
Every customer profile has various identifiers like IBAN, email address, email domain, BIC, geolocation data, etc. While these identifiers cannot be combined into holistic profiles due to GDPR and PCI DSS requirements, they still work as excellent indicators, and the reputation for each of them can be stored separately.
With Covery, this global reputational knowledge base is called Trustchain. All the merchants using Covery automatically add compromised identifiers to the database and check new user profiles against it. This helps identify fraudsters with high precision and block them before they can damage your business.
Risk scoring
One of the best ways to mitigate risks and prevent fraud is to perform risk scoring for every transaction. If it comes from a customer profile with a good reputation, well-known device fingerprint, within a normal behavioral pattern — you can almost surely assume it is a low-risk transaction and even reduce some usual checks to provide a better customer experience.
However, should a transaction come from a profile with compromised identifiers, outside of the normal behavioral pattern or have any other alerting signs — the system will score it as a high-risk action and you can configure the next steps for it — from additional checks / one-time passwords or voice confirmation request to approve the transaction to rejecting it entirely and banning the profile.
Risk logic rule engine with configurable scenarios
The example in the previous paragraph involves using risk logic business rules. Should a customer have a low-risk score — a simplified transaction approval scenario is applied. SHould a risk score be high — additional checks like 3D Secure are issued.
Covery comes with 15 pre-configured risk logic scenarios covering the basic needs of 23 industries and provides a convenient constructor for adding custom rules that your business needs. This allows for precise and on-point automated transaction monitoring and management.
AI-based fraud scoring
Given the wealth of data we already described, a specially trained AI algorithm can identify a variety of patterns automatically and do most of the heavy lifting. This way, you need to only set the risk engine logic rules once, and the AI algorithm will check every transaction against them (as well as performing KYC checks and behavioral analysis).
This helps identify and prevent fraudulent schemes of any complexity, reducing the number of chargebacks by up to 70%. preventing up to 80% of losses and doubling your turnover due to helping your business become a low-risk one.
Conclusions
We have briefly explained what features to look for in a fraud detection solution. As you can see, most if not all of them are readily available with Covery. Of course, there are other E-commerce fraud prevention tools, and you can select the one that fits your business demands best. Should you decide to give Covery a try — contact us, we will be glad to assist and show all the ways Covery can provide value for your business.