Omnichannel Payment Fraud Prevention
Omnichannel retail lets brick-and-mortar retailers expand their reach and meet customers where they prefer to shop—an approach that often leads to increased satisfaction and sales. However, new channels may also introduce new vulnerabilities, underscoring the importance of payment fraud prevention for omnichannel merchants.
According to TransUnion, an 80% increase in digital transactions from 2019 to 2022 resulted in 80% growth in suspected digital fraud attempts globally. Thankfully, there are steps you can take to leverage the upside of omnichannel retail while also mitigating risk.
Common types of e-commerce fraud
According to the US government's Cybersecurity & Infrastructure Security Agency, 47% of American adults have had personal data exposed by cybercriminals. Paired with increasingly sophisticated technology, this has led to a rise in online credit card fraud. As a result, Juniper Research predicts that merchant losses will exceed $362 billion globally between 2023 and 2028.
As with any type of payment fraud, e-commerce fraud is constantly evolving—underscoring the importance of preventing omnichannel fraud. This makes understanding the most common scams and how they work an essential first step.
Card testing attacks
Today, consumer credit card information is increasingly stolen through data breaches and sold to criminals on the dark web, often in the form of long lists. To determine which credit cards are still active, criminals will make a small purchase using each credit card number, typically with the help of bots. During these attacks, a merchant may get hit with hundreds if not thousands of fraudulent transactions, and the associated transaction fees can add up fast.
Card-not-present fraud
Sometimes referred to as CNP fraud, card-not-present fraud accounts for almost 75% of fraudulent transactions. As the name suggests, criminals use stolen credit card information to perpetrate payment fraud, and purchases are typically made online or over the phone.
CNP fraud can be very costly for merchants. In a 2022 report, LexisNexis Risk Solutions estimated that every $1 in CNP fraud costs a merchant $3.75. While requiring shoppers to verify their billing address and CVV number may stop a portion of CNP fraud, criminals who have obtained consumer credit card information through a data breach may already have access to this information.
In-store pickup scams
Sometimes known as buy online, pick up in-store, or BOPIS fraud, this scam targets retailers that offer in-store or curbside pickup. One common tactic involves cancelling an online order after it's fulfilled. The criminal will proceed to pick up the order, banking on the hope that the cancellation goes unnoticed.
In other cases, criminals will look for retailers that don't require customers to provide a billing address when inputting credit card information for in-store pickup. This makes it easier for criminals who have a credit card number but lack other information typically required to make a purchase.
Loyalty program fraud
Loyalty program fraud takes several forms. In some cases, criminals may hack into customers' accounts and use their rewards points to make purchases. In other cases, scammers may create bogus accounts and make numerous purchases using stolen credit card information to rack up loyalty points.
Return fraud
Also known as buy online, return in-store, or BORIS fraud, this involves a scammer using stolen card information to make a purchase online. Once they receive the item in the mail, they initiate a return in a store and ask to be refunded in cash or store credit.
Some brazen scammers will take it further. Instead of bringing in the item they received, they'll enter the store empty-handed, grab the same item off the shelf and use their receipt to ask for a return—effectively defrauding the merchant twice.
Payment fraud prevention
When it comes to payment fraud detection, the right technology can serve as your first line of defense. Be sure to take advantage of any identity verification technology available through your merchant services provider, as well as any additional safeguards like multifactor authentication.
Instead of using a payment app or money transfer platform to process online payments, consider an integrated point-of-sale, or POS, solution. This ensures that your online payment system includes the same level of protection and encryption as your standard POS terminal, while also providing customers with a unified experience across all touchpoints.
Also be sure to implement best practices and policies to reduce the risk of payment fraud. The following list is a helpful starting point.
- Require customers to verify their CVV code and credit card billing address when making purchases online.
- Implement strict policies for returns and refunds. This may include requiring customers to show an ID and only processing refunds to the original payment method.
- If you offer in-store pickup, require customers to present the original payment method in person to help deter would-be fraudsters.
- Keep a close eye on your e-commerce channels. Look for signs of online credit card fraud, such as higher-than-usual order volumes, small-value orders, unusual IP locations or repeated declined transactions.
- Enable CAPTCHA tests or require customers to have an online account to complete a purchase to deter coordinated card testing attacks.
- If you offer an online loyalty program, partner with a merchant services provider that uses multifactor authentication like texts or email codes to help protect customers.
- Stay extra alert during peak shopping seasons.
The bottom line
Today's consumers increasingly expect retailers to provide them with an omnichannel retail experience. By taking steps to prevent online credit card fraud and partnering with an experienced merchant services provider, you can reduce the risk associated with omnichannel retail while leveraging its upside.