Analysis: Protecting your business from consumers
- 15 May, 2002 09:35
When the specter of fraud on the Internet is raised, it usually is done so from the consumer perspective; that is, with an eye towards unscrupulous operators who sell shoddy goods, steal credit card numbers, and generally do a disservice to everyone they become involved with. However, an even bigger problem than fraudulent Internet commerce sites exists -- fraudulent consumers.
When I finally found my way out of the Haight-Ashbury, my hair was about a foot and a half longer than it is now and most of my face was covered with hair. When I went into a store and tried to pay for something with a credit card, I would get a serious look-over by the clerk before the manager would be called over, who would then make several phone calls before motioning for the security guard. They would rigorously go over several pieces of identification, make photocopies of them, make me sign my name in front of them, and then compare the signature to the back of the Visa card, run a criminal check, try to remember whether they had seen my face on "Ten Most Wanted" the other night, and would finally allow me to use my credit card.
Merchants tend to be quite vigilant about verifying our identity when you walk into a store and use a credit card, but is the same due diligence carried out when a consumer places an order online? It should be at least the same, if not more. Defrauding a merchant over the Internet is much easier than it is in person, and, in fact, it is done a lot more than you would think. Expedia.com reported $4-6 million for losses in the third quarter alone as a result of fraudulent credit card purchases made on its web site.
In the world of Internet commerce, merchants are responsible for 100% of the risk in a fraudulent transaction. In addition, there is a more sophisticated class of Internet criminals out there who are bilking merchants out of millions of dollars. According to Gartner Group, fraud is 19 times higher for online transactions than in-person transactions.
Your e-commerce enterprise can avoid being a victim by implementing some basic best practices and a little technology. This may involve something as simple as verifying that the address provided by the buyer matches the address on record with the issuing bank, avoiding fraud where a consumer buys something with a stolen card, then has it shipped to a mail drop. Some merchants will not accept orders from Hotmail and other free Web-mail accounts because they are too anonymous. iShopSecure (http://www.ishop.com) has Transact-Secure, a tool that prevents fraud by allowing the merchant to authenticate a purchaser's identity as part of the checkout process. It does this by matching the information provided on the order with information contained in the user's credit report and other government databases.
CyberSource's (http://www.cybersource.com) Internet Fraud Screen calculates the risk associated with a transaction, then returns a score back to you within a few seconds. You can then decide whether or not to fill the order, based on the results.