Over the past few years, e-commerce has made a giant leap forward as a result of digitisation and technological advances in online retail. However, simplifying digital sales for retailers also provides additional opportunities for criminals: fraudsters no longer have to plan each individual case of fraud. Instead, they can use large-scale assets to cause unthinkable damage within seconds.
Billions of sales are at stake worldwide
In our guide, we explain how to understand the mechanisms of online fraud, how to detect it and the countermeasures you can take to protect your business.
E-commerce fraud – understanding the legal situation and organised fraud
According to legal definition, fraud offences (regulated by Section 263 of the German Criminal Code) are asset-damaging measures in which the culprit maliciously attempts to attain financial or physical assets for their own benefit or the benefit of a third party. Along with theft, fraud is one of the most commonly reported offences of German criminal law.
While cases of e-commerce fraud have until now largely been limited to individual cases, most of which are carried out by petty criminals and people with a strong desire to shop, the situation for online retailers has now changed.
With an increasingly sophisticated infrastructure, organised gangs attempt to attack your business model using large-scale technology.
Examples include the use of sneaker bots (e.g. NikeShoeBot) and other technology, or they use professional cloud services and resources (e.g. AIO Bot). Most businesses have very little understanding of online fraud methods and, when they do introduce protective measures, fraudsters simply find new techniques. As a result of this arms race, retailers struggle to close these gaps and, by the time they manage to do so, fraudsters have already moved on to the next weak spot.
Even dedicated risk engines offer no universal remedy for protecting your business against online fraud since these also have weak spots.
Issues when using risk engines
Security vs. sales
Configuring a risk engine requires know-how and experience. Incorrectly implemented and configured risk engines can pose a real threat to your e-commerce.
For example, if the risk engine is too relaxed it provides a potential target for fraudsters. If, on the other hand, it is too stringent, many good customers will be deterred.
A risk solution that is too tightly configured can cause just as much harm in the form of sales losses through so-called false positives, which is a very critical issue when assessing potential risk.
Lack of know-how and resources
Analyses, information technology and data processing for correctly setting up risk policies require more effort and expertise than many online retailers are able to personally or financially manage apart from their core business. Providers of risk solutions, on the other hand, generally have the necessary expertise but insufficient resources to properly protect all customers.
Without the right know-how, understanding of suitable tactics and a balanced combination of risk and manual review, it is difficult for businesses to prevent online fraud. Even just changing to a new risk solution provider or the initial risk setup can result in serious damage. One of our potential clients lost earnings in the double-digit millions due to incorrectly introducing machine learning to risk management.
Incorrect configurations, poorly trained personnel – it doesn’t take any more than that to reduce customers instead of risk.
After all, each scenario in which digital mechanisms are not correctly configured can reject genuine customers (false positives), provide confirmation for clever fraudsters or lead to a manual review. For you, this means that you either need to dedicate more finances to manual reviews or suffer major losses due to fraud or a decline in customers.
Understanding risk management in relation to online fraud – anlyx is here to support you
In order to not only understand the risks of online fraud, but also correctly evaluate the drawbacks of risk management, you need expertise on a human and technical level where this precise balance is understood.
After all, your business should not be a target of fraudulent activity any more than your risk engine should prevent real conversions.
We focus on this exact interface with our analytics framework. Our framework analyses patterns of fraud while providing recommendations for improved risk management. We rely primarily on the expertise of online retailers in various sectors to find the best solution for your business.
You can continue to work with your trusted payment providers such as Adyen, Fraudstar, Ravelin, etc. No additional integrations are required for our analyses, allowing us to always find the best solution, regardless of your provider.