Fraud Protection Partnership: Five Critical Questions Payment Facilitators Should Be Asking
Scott Nelson, vice president, Marketing, ProPay
Fraud is something you never think about until it happens. Unfortunately, millions of people are finding out firsthand just how frustrating the whole experience can be. Equifax, one of the nation’s largest credit reporting bureaus, revealed Thursday, Sept. 7, that they suffered a massive data breach, compromising the private information of 143 million people — roughly half of the U.S. adult population.
And to make matters worse, 144 million attacks on businesses were detected by ThreatMetrix® from January to April 2017. With fraud attacks of this magnitude, payment facilitators need to start asking themselves the hard questions and consider looking outside their organization for help.
“Cybercriminals are attacking every industry and platform looking for the quick hit,” said Mike Cottrell, VP of sales at ProPay®. “Most companies aren’t taking the necessary security measures to protect themselves from hackers and fraudsters. Generally, payment facilitators ask for help only after the damage has been done.”
Securing the right fraud prevention partner can save thousands in chargebacks, fraud losses and card brand fines.
As a payment facilitator, here are five questions to ask before picking a fraud prevention partner:
1. Will my fraud prevention company create a custom solution that fits my business?
Mobile fraud is increasing in popularity, and if you’re not prepared you may be leaving your organization open to a potential attack. In the beginning of 2017, 47 percent of all attacks were committed via mobile device. Without a custom protection plan, keeping up with the increasing mobile commerce fraud threat could cause enormous problems in the future for your organization.
2. Are they able to identify sub-merchant fraud?
It can be difficult to accurately identify sub-merchant fraud. Hackers are getting better at stealing personal information, and using it to create phony sub-merchant accounts, which can lead to an increase in chargebacks and heavy fraud losses. The best way for payment facilitators to counter these attacks is by adjusting their risk-threshold. But it’s not as easy as it sounds.
If fraud controls in the system are overly sensitive, it could lead to a poor customer experience, rising bounce rates, falling conversion ratios, delayed shipping and loss of mindshare. And if the risk threshold is too passive, you’ve just rung the dinner bell for hackers and fraudsters to feast on your organization. To be better prepared, it’s important to consider partnering with a company that uses many different real-time data points to accurately ID each sub-merchant before joining your network. This will ensure your organization can pinpoint any inconsistency between the sub-merchant’s information and their web behavior.
3. Do they create secure custom web IDs?
Whomever you choose, your partner must be able to create custom web-persona IDs for each user. A web-persona ID is a digital fingerprint that follows you as you surf the web — tracking your purchasing and web behavior from site-to-site. Fraudsters will wipe away their digital fingerprints and impersonate legitimate customers — leaving the system exposed for an attack.
Choose a system that will cross-reference user information with an ample amount of data to ensure detection of hackers and fraudsters. And after a risk is detected, the system must have the capability to alert your fraud analysts immediately — giving them enough time to make a decision on the potential risk.
4. How do they mitigate the risk of chargebacks?
Partner with a company who can share high-level data with your fraud analysts so they can be better prepared to thwart potential attacks. By keeping a keen eye on your monthly number of chargebacks, you will have a better idea of just how frequently you’re being attacked by fraudsters.
5. Can they detect if a hacker is cloaking their IP?
Global e-commerce has made it necessary for businesses to group countries together based on their threat level. Depending on the level of risk, some companies will go as far as declining purchases from these nations altogether. According to ThreatMetrix, businesses saw 70 percent more attacks from Europe than North America in Q2 of 2017. To counterattack your organization’s risk parameters, fraudsters bounce and cloak their IP addresses to less risky countries. This gives them access to your network so they can start defrauding you and your sub-merchants.
Cybercriminals aren’t going away anytime soon. Partner with an organization that understands payment facilitation and has the tools to protect your business from hackers. Don’t wait until fraud impacts your bottom line; do something about it now.