Last year’s Black Friday online sales smashed sales records, generating $3 billion with more than $1 billion of sales coming from mobile. This year, over two billion users are likely to purchase at least once using mobile devices. The shift to mobile is driven by younger consumers. The growing trend validates companies’ efforts and investments in building mobile-ready online stores. However, dangers loom as merchants are scrambling to meet the demands of the threat posed by mobile fraud.
The blind spot
Plenty of attention has been given to improving customer experience for mobile. Ecommerce development has been largely focused on design and performance for the past years. The often-cited Google study on mobile speed warns about the consequences of slow-loading websites. Experts have also compiled mobile user experience (UX) best practices that promise to deliver better conversions.
However, this preoccupation with performance and UX improvements may be putting other aspects of ecommerce like security and fraud prevention on the backseat. A new mobile ecommerce fraud report by fraud prevention platform Riskified reveals that merchants should start to pay attention to fraud prevention as mobile sales increase.
Behaviors that are used as flags to aid fraud prevention for desktops may not fully be applicable for the mobile experience. Ninety percent of merchants are reported to use the same fraud prevention tools across channels. This may be creating a major blind spot that could allow mobile ecommerce fraud to thrive if left unchecked.
Spotting shady behavior
In the report, Riskified identified certain behaviors unique to mobile fraud.
Mobile ecommerce is generally found to carry less risk compared to desktops since the majority of big ticket item transactions, such as buying pricier consumer electronics and booking travel, are still done on desktops. Merchants can safely approve 95 percent of purchases versus 90 percent for desktop transactions.
The risk comes in with mobile orders for digital goods. The numbers reveal that fraud attempts in mobile are four times higher for digital goods compared to physical goods. The fraud rate for mobile purchases of gift cards is almost double compared to orders made on desktops.
Time also appears to be a factor in determining fraud attempts. Fraudulent transactions also happen mostly after midnight towards the early hours of the morning, since fraudsters believe that they can one-up merchants who rely on manual reviews.
The number of items in the cart is often an indicator of fraud. On desktops, single items are usually a flag for risk. However, with mobile, 95 percent of orders with five items or less can be safely approved since most mobile users often go for basic purchases.
Other fraudster quirks include not being concerned with promo codes, using proxy servers and not using OS-preferred browsers for their mobile device.
Why fraud can be a business killer
Needless to say, fraud is a real threat to businesses. Most of ecommerce fraud is card not present (CNP) fraud where stolen credit card details are used to make purchases.
Credit card owners have a level of security to protect them from such charges since they can file a chargeback claim. Merchants, however, are the ones left with all the exposure. Chargebacks mean that merchants have to send the money back while also absorbing transaction fees. Worse, they have little to no chance of recovering the goods once shipped to fraudsters. Card companies often decide in favor of the customer and merchants even have to pay another fee to contest.
The payment processing fees, shipping fees, lost sales and lost products could all add up to a sizable sum. For small businesses, such losses could determine the sustainability of the venture.
The threat of fraud may even intensify, since online privacy protection laws were recently repealed. Internet service providers are now free to sell users’ web histories without permission. While such data is valuable to marketers for use in targeted ads, such information can be used by fraudsters to piece together profiles and steal identities if the data gets leaked.
Safeguarding against mobile fraud
So what should merchants do to safeguard themselves from fraud and dreaded chargebacks? Here are some ideas on how to prevent mobile ecommerce fraud:
Be vigilant in processing orders. It is prudent to pay attention to the details of each order when fulfilling them. Merchants should put in place their own fraud prevention measures. The telltale signs of fraudulent behavior could be used to create an evaluation checklist when processing orders.
Use tools. Methods such as address verification and card security verification can also be used to further validate transactions. An internal record could also be created that logs known fraudulent accounts and activities to further guide reviews in the future.
Avail of automated fraud prevention services. There are challenges to doing fraud prevention in-house and manually. Verifying customers and orders can be laborious and is a task that can take key people or even business owners away from other possibly more productive tasks. In addition, customers who get falsely flagged or denied are less likely to repeat a purchase since most would count the incident as bad customer experience. Availing of a fraud prevention service could help merchants achieve a more accurate safe approval rate since these services have more comprehensive methods of determining safe transactions.
As the percentage of mobile purchases grows, so is the possibility of fraud. Now that mobile-readiness is all but standard, merchants should shift their focus more on security and improving their capability to protect both their customers and themselves from risks.