The content of this article is provided for informational purposes only. You should always obtain independent business, tax, financial, and legal advice before making any business decision.
The last few years has seen many digital retailers experience a boom in sales as customers continued to embrace online shopping and the ongoing expansion and variety offered by ecommerce. In fact, in 2021 sales exceeded $5 trillion worldwide, up 56% on 2019 figures and although predictions forecast that they will continue to grow strongly over the coming years to reach over $8 trillion by 20261 , there is also a strong threat of economic uncertainty looming. It’s these combined factors which will likely attract fraudsters in large numbers.
As a report conducted by the Ponemon Institute - sponsored by PayPal - recently highlighed2, preventing the scammers while allowing legitimate customers to buy online has become a priority for retailers fearful of the financial and reputational repercussions. Yet the right balance between securing payments and minimizing false declines isn’t always struck. It can be a potentially expensive challenge: those surveyed lose an average of $3.7m each annually due to fraudulent online transactions.
Global organizations have experienced an explosion in data breach threats in recent months.3 One of the biggest causes of corporate data theft is demand for monetizable information on the cybercrime underground, which can be used in follow-on fraud. That’s born out in Ponemon’s research, which is compiled from the responses of over 3,700 corporate payment experts. The top three data types ranked as at greatest risk in the organization are customer (62%), financial (58%) and payment (54%).
However, existing fraud solutions may be making the problem worse. Zeroing in on those payment risks, respondents cite both stolen customer data (56%) and false declines (53%) as their most significant challenges. The former, they say, is down to increasing fraudster sophistication. This is certainly a problem for many. Scammers are able to leverage tools and technologies to masquerade as legitimate users, emulate devices and automate attacks by testing stolen identities en masse. On average, 29% of responding organizations’ annual online transactions are compromised each year, amounting to around $2.5 million.
But let’s not underestimate the problem of legitimate transactions inaccurately being flagged as fraudulent—often the result of systems featuring multiple verification checks. Over half (56%) of organizations say customer are frequently seeing their transactions declined. In a world where customer loyalty is hard won and easily lost, these experiences could quickly lead to diminished brand value and customer churn, as well as immediate lost sales.
Most organizations acknowledge that digital transformation has made them more vulnerable to fraud. After all, online interactions offer criminals the perfect channel via which to anonymously make purchases and access accounts using stolen or synthetic identities. As a result, most (56%) respondents to the Ponemon study say it is very likely an online fraud attack will occur in the future due to insecure digital transformation.
Yet many are trying to respond with initiatives of their own. Most (64%) have a dedicated team to detect, respond and contain online fraud, with an average of seven sitting members, including four fully dedicated to chargebacks. That’s important, considering an average of 31 hours is spent each month to investigate and respond to chargeback fraud. However, only half claim to be effective at reducing (52%) and investigating (47%) online fraud.
One reason may be a lack of internal data sharing. Although most (60%) organizations say collaboration between fraud and security teams is very important, just a quarter (25%) confirm this has been achieved. Decision-making is still too siloed, despite the obvious synergies between protecting enterprise data and blocking attempts to use stolen data in fraud.
The good news is that plenty of organizations are already on the right track to mitigating many of the challenges highlighted in the report. It starts with committing more resources to the problem. Some effort should also be taken to enhance collaboration between security and fraud teams.
Customer turnover can be minimized by enhancing trust, via steps such as putting in place strict security safeguards for users, being transparent about how sensitive data is used in financial transactions, and regularly assessing online security risks to customers. Prioritizing the protection of customer data will also help to minimize revenue losses.
But how to tackle the challenge of false declines? A good starting point would be to better balance security requirements with business enablement. Currently less than half (46%) of organizations do so, while even fewer (44%) say security strategy is aligned with business initiatives. Efforts to reduce fraud and false decline losses must also include technology enhancements. AI and machine learning are seemingly now considered “essential” by a majority of organizations, especially in helping to find stealthy threats that manage to circumvent traditional defenses. And automation is being used by two-thirds (67%) to optimize fraud protection and authorization rates—reducing false positives for analysts to investigate, and accelerating the time taken to investigate an alert. The latter is particularly needed, given organizations spend 14 days on average to respond to an online fraud incident.
With a smarter, more seamless way to mitigate the risk of data threats, block fraud and reduce false declines, retailers have a great opportunity to carve out advantage in the world. In a business environment where consumers in many regions are reining in spending, no organization wants to see millions wiped off their balance sheet annually due to fraud.
Share your email to receive the latest enterprise updates, top stories, and industry reports.
We use cookies to improve your experience on our site. May we use marketing cookies to show you personalized ads? Manage all cookies