Tag: e-commerce

Online fraud has increased exponentially over the past few years, with the Federal Trade Commission (FTC) data showing that consumers reported losing more than $10 billion to fraud in 2023. This marks the first time that fraud losses have reached that benchmark, and it’s a 14% increase over reported losses in 2022. As a result, e-commerce merchants and retailers have reacted by adding friction to e-commerce interactions.   The risk is that a legitimate user may be denied a purchase because they have incorrectly been labeled a fraudster — a “false decline.” Now, as the holiday shopping season approaches, e-commerce merchants expect a surge in online spending and transactions, which in turn creates concern for an uptick in false declines.   In a recent webinar, Experian experts Senior Vice President of Business Development and eCommerce Dave Tiezzi and Senior Director of Product Management Jose Pallares explored strategies for how e-commerce merchants can determine the risk level of a transaction and ensure that they do not miss out on genuine purchases and good customers. Below are a few key perspectives from our speakers:  What are the biggest challenges posed by online card transactions?  DT: One of the biggest issues merchants face is false declines. In the report, The E-Commerce Fraud Enigma: The Quest to Maximize Revenue While Minimizing Fraud Experian and Aite-Novarica Group (now Datos Insights) found that 1.16% of all sales are unnecessarily rejected by merchants. While this percentage may seem small, it represents significant revenue loss during the high-volume holiday shopping season. The report also highlights that 16% of all attempted online transactions encounter some form of friction due to suspected fraud. Alarmingly, 70% of that friction is unnecessary, meaning it’s not preventing fraud but instead disrupting the purchasing process for legitimate customers. This friction translates into a poor online shopping experience, often resulting in cart abandonment, lost sales and a decline in customer loyalty.  What are the key consumer trends and expectations for the upcoming holiday season?  DT: Experian's 2024 Holiday Spending Trends and Insights Report reveals that while 35% of holiday shopping in 2023 occurred in December, peaking at 9% the week before Christmas, Cyber Week in November also represented 8% of total holiday sales. This highlights the importance for merchants to be prepared well before the holiday rush begins in November and extends through December. As they gear up for this high-volume season, merchants must also prioritize meeting consumer expectations for speed, ease and security—which are top-of-mind for consumers. According to our 2024 U.S. Identity & Fraud Report, 63% of consumers consider it extremely or very important for businesses to recognize them online, while 81% say they’re more trusting of businesses that can accomplish easy and accurate identification. They’re also wary of fraud, ranking identity theft (84%) and stolen credit card information (80%) as their top online security concerns. Considering these trends, it’s important for merchants to ensure seamless and secure transactions this holiday season.   False declines are a persistent problem for e-commerce merchants, especially during the holidays. How can merchants minimize these declines while protecting consumers from fraud? What best practices can merchants adopt to address these risks?  JP: False declines often result from overly cautious fraud detection systems that flag legitimate transactions as suspicious. While it’s essential to prevent fraud, turning away legitimate customers can severely impact both revenue and customer satisfaction. To minimize false declines, merchants should leverage advanced fraud prevention tools that combine multiple data points and behavioral insights. This approach goes beyond basic fraud detection by using attributes such as customer behavior, transaction patterns and real-time data analysis. Solutions incorporating NeuroID’s behavioral analytics and signals can also better assess whether a transaction is genuine based on the user’s interaction patterns, helping merchants filter out bad actors and make more informed decisions without disrupting the customer experience. What actionable strategies should e-commerce brands or merchants implement now to reduce cart abandonment and ensure a successful holiday season?  JP: One of the most effective tools we offer is Experian Link™, a credit card owner verification solution designed to reduce false declines while protecting against fraud. Experian Link helps e-commerce merchants and additional retailers accurately assess transaction risk by answering a key question: Does this consumer own the credit card they presented for payment? This ensures that legitimate customers aren’t mistakenly turned away while suspicious transactions are properly flagged for further review. By adopting a multilayered identity and fraud prevention strategy, merchants can significantly reduce false declines, offer a frictionless checkout experience and maintain robust fraud defenses—all of which are essential for a successful holiday shopping season.   Are there any examples of a retailer successfully leveraging credit card owner verification solutions? What were the results?  JP: Yes. We recently partnered with a leading U.S. retailer with a significant online presence. Their primary goals were to reduce customer friction, increase conversion and identify their customers accurately. By leveraging Experian Link and its positive signals, the retailer could refine, test and optimize their auto-approval strategies. As a result, the retailer saw an additional $8 million in monthly revenue from transactions that would have otherwise been declined. They also achieved a 10% increase in auto-approvals, reducing operating expenses and customer friction. By streamlining backend processes, they delivered a more seamless shopping experience for their customers.   Stay ahead this holiday season  For more expert insights on boosting conversions and enhancing customer loyalty, watch our on-demand webinar, Friction-Free Festivities: Strategies to Maximize Conversion and Reduce False Declines, hosted by the Merchant Risk Council (MRC). Additionally, visit us online to learn more about how Experian Link can transform your business strategy. Watch on-demand webinar Visit us The webinar is available to MRC members. If you’re already a member, you can access this resource here. Not a member? Our team would be happy to schedule a demo on Experian Link and discuss strategies to help your business grow. Get in touch today. 

Experian’s own Chris Ryan and Bobbie Paul recently joined David Mattei from Aite to discuss the latest research and insights into emerging fraud schemes and how businesses can combat them in light of COVID-19 and the resulting economic changes. Between them, Chris, Bobbie, and David have more than 60 years of experience in the world of fraud prevention. Listen in as they discuss how businesses can shape their fraud prevention plan in the short term, including: The impacts of the health crisis and physical distancing The rise of e-commerce and consumer digital engagement Changes in criminal activity Fraud attack vectors 2020 fraud loss projections Critical next steps for the 30-60 day time frame Experian · Make Your Fraud Plan Recession-Ready: 2020 Fraud Trends

With 16.7 million reported victims of identity fraud in 2017 (that’s 6.64 percent of the U.S. population), it was another record year for the number of fraud victims. And as online and mobile transaction growth continued to significantly outpace brick-and-mortar growth, criminal attacks also grew rapidly. This past year, we saw an increase of more than 30 percent in e-commerce fraud attacks compared with 2016. As we’ve done over the past three years, Experian® analyzed millions of online transactions to identify fraud attack rates for both shipping and billing locations across the United States. We looked at several data points, including geography and IP address, to help businesses better understand how and where fraud is being perpetrated so they can better protect against it. The 2017 e-commerce fraud attack rate analysis shows: Delaware and Oregon continue to be the riskiest states for both billing and shipping fraud. Delaware; Oregon; Washington, D.C.; Florida; and Georgia are the top five riskiest states for billing fraud. Delaware, Oregon, Florida, New York and California are the top five riskiest states for shipping fraud, accounting for 50 percent of total fraud attacks. South El Monte, Calif., is the riskiest city overall, with an increase in shipping fraud of approximately 230 percent. Shipping fraud most often occurs near major airports and seaports due to reshippers and freight forwarders that receive domestic goods and often send them overseas. When a transaction originates from an international IP address, shipping fraud is 6.7 times likelier than the average, while billing fraud becomes 7.1 times likelier. Where is e-commerce fraud happening? Typically, the highest-risk areas for fraud are in ZIP™ codes and cities near large ports of entry or airports. These are ideal locations to reship fraudulent merchandise, enabling criminals to move stolen goods more effectively. Top 10 riskiest billing ZIP™ codes   Top 10 riskiest shipping ZIP™ codes 97252 Portland, OR 97079 Beaverton, OR 33198 Miami, FL 33122 Miami, FL 33166 Miami, FL 91733 South El Monte, CA 33122 Miami, FL 97251 Portland, OR 77060 Houston, TX 97250 Portland, OR 33195 Miami, FL 33166 Miami, FL 97250 Portland, OR 97252 Portland, OR 97251 Portland, OR 33198 Miami, FL 33191 Miami, FL 33195 Miami, FL 97253 Portland, OR 33192 Miami, FL Source: Experian.com Source: Experian.com     What’s more, many of the riskiest ZIP™ codes and cities experience a high volume of transactions originating from international IP addresses. In fact, the top 10 riskiest ZIP codes overall tend to experience fraudulent activity from numerous countries overseas, including China, Venezuela, Taiwan and Hong Kong, and Argentina. These fraudsters tend to implement complex fraud schemes that can cost businesses millions of dollars in fraud losses. Additionally, the analysis shows that traffic coming from a proxy server — which could originate from domestic and international IP addresses — is 74 times riskier than the average transaction. The problem The increase in e-commerce fraud attacks shouldn’t come as a huge surprise. The uptick in data breaches, merchants’ continued adoption of EMV-enabled terminals to protect against counterfeit card fraud and the abundance of consumer data on the dark web means that information is even more accessible to criminals. This enables them to open fraudulent accounts, take over legitimate accounts and submit fraudulent transactions. Another reason for the increase is automation. In the past, criminals needed a strong understanding of fraud methods and technology, but they can now bring down an entire organization by simply downloading a file and automating the submission of thousands of applications or transactions simultaneously. Since fraudsters need to make these transactions appear as normal as possible, they often leverage the cardholder’s actual billing details with slight differences, such as e-mail address or shipping location. Unfortunately, the mass availability of compromised data and the abundance of fraudsters makes it increasingly challenging to identify and separate legitimate customers from attackers across the country. Because of the widespread prevalence of fraud and data compromises, we don’t see billing fraud concentrated in just one region of the country. In fact, the top five states for billing fraud make up only about 18 percent of overall fraud attacks.   Top 5 riskiest billing fraud states   Top 5 riskiest shipping fraud states State Fraud attack rate State Fraud attack rate Delaware 93.4 Delaware 195.9 Oregon 86.1 Oregon 170.1 Washington, D.C. 46.5 Florida 45.1 Florida 39.2 New York 37.3 Georgia 31.5 California 32.6 Source: Experian.com Source: Experian.com   Prevention and protection need to be the priority As businesses get a better understanding of how and where fraud is perpetrated, they can implement proactive strategies to detect and prevent attacks, as well as protect payment information. While no one single strategy can address the entire scope of fraud, there are advanced data sets and technology — such as device intelligence, behavioral and physical biometrics, document verification and entity resolution — that can help businesses make better fraud decisions.   Fortunately, consumers can also play a major role in safeguarding their information. In addition to regularly checking their credit reports and bank/credit card statements for fraudulent activity, consumers can limit the data they share on social networking sites, where attackers often begin when perpetrating identity fraud.   While we continue to help both organizations and consumers limit their exposure to e-commerce fraud, we anticipate that criminals will attempt more sophisticated fraud schemes. But businesses can stay ahead of the curve. This comes down to having a keen understanding of how fraud is being perpetrated, as well as leveraging data, technology and multiple layered strategies to better recognize legitimate customers and make more precise fraud decisions. View our e-commerce fraud heat map and download the top 100 riskiest ZIP codes in the United States. Experian is a nonexclusive full-service provider licensee of the United States Postal Service®. The following trademark is owned by the United States Postal Service®: ZIP. The price for Experian’s services is not established, controlled or approved by the United States Postal Service.

Since the advent of the internet, our lives have changed drastically for the better. We can perform many of life’s daily activities from the comfort of our own home. According to Aite, in 2016 alone 36 million Americans made some form of mobile payment — paying a bill, purchasing something online, paying for fast food or making a mobile wallet purchase at a retailer. Simply put, the internet has made our lives easier. But with the good also comes the bad. While most consumers have moved to the digital world, so have fraudsters. With minimal risk and high reward at stake, e-commerce fraud attacks have increased dramatically over the last few years, with no signs of slowing down. We recently analyzed millions of transactions from the first half of 2017 to identify fraud attack rates based on billing and shipping addresses and broke down the findings into various geographic trends. Fraud attack rates represent the attempted fraudulent e-commerce transactions against the population of overall e-commerce orders. Consumers living out West and in the South have experienced more than their fair share of fraud. During the first half of 2017, the West and the South were the top two regions for both billing and shipping attacks. While both regions were at the top during the same time last year, the attacks themselves have increased substantially. Given the proximity to seaports and major international airports, this is somewhat unsurprising — particularly for shipping fraud — as many fraudsters will leverage reshippers to transport goods soon after delivery. .dataTb{margin:20px auto;width:100%}.dataTb:after{clear:both}.dataTb table{}.dataTb td,.dataTb th{border:1px solid #ddd;padding:.8em}.dataTb th{background:#F4F4F4}.tbL{float:left;width:49%}.tbR{float:right;width:49%;margin:0 0 0 2%} Shipping: Riskiest Regions Region Attack rate West 38.1 South 32.1 Northeast 27.0 North Central 20.7 Billing: Riskiest Regions Region Attack rate West 37.2 South 32.9 Northeast 27.3 North Central 24.0   At the state level, the top three shipping fraud states remained the same as 2016 — Delaware, Oregon and Florida — but the order changed. Oregon was the most targeted, with a fraud rate of 135.2 basis points, more than triple its rate at in the end of 2016. Though no longer in the top spot, Delaware saw alarming spikes as well, with shipping attack rates nearly triple last year’s rate at 128.6 basis points and billing attacks at 79.6 basis points. .dataTb{margin:20px auto;width:100%}.dataTb:after{clear:both}.dataTb table{}.dataTb td,.dataTb th{border:1px solid #ddd;padding:.8em}.dataTb th{background:#F4F4F4}.tbL{float:left;width:49%}.tbR{float:right;width:49%;margin:0 0 0 2%} Shipping: Riskiest States State Attack rate Oregon 135.2 Delaware 128.2 Florida 57.4 New York 45.0 Nevada 36.9 California 36.9 Georgia 33.5 Washington, D.C 30.8 Texas 29.6 Illinois 29.4 Billing: Riskiest States Region Attack rate Oregon 87.5 Delaware 79.6 Washington, D.C. 63.0 Florida 47.4 Nevada 38.8 California 36.9 Arkansas 36.6 New York 35.5 Vermont 34.2 Georgia 33.4     Diving a bit deeper, ZIPTM codes in Miami, Fla., make up a significant portion of the top 10 ZIP CodeTM lists for shipping and billing attacks — in fact, many of the same ZIP codes appear on both lists. The other ZIP Code that appears on both lists is South El Monte, Calif., which has a high percentage of industrial properties — common targets for fraudsters to ship packages, then reship overseas. You can download the top 100 riskiest Zip Codes in the U.S. for H1 2017. .dataTb{margin:20px auto;width:100%}.dataTb:after{clear:both}.dataTb table{}.dataTb td,.dataTb th{border:1px solid #ddd;padding:.8em}.dataTb th{background:#F4F4F4}.tbL{float:left;width:49%}.tbR{float:right;width:49%;margin:0 0 0 2%} Shipping: Top 10 riskiest ZIP™ Codes ZIP Code Attack rate 33122 [Miami, Fla.] 2409.4 91733 [South El Monte, Calif.] 1655.5 33198 [Miami, Fla.] 1295.2 33166 [Miami, Fla.] 1266.0 33195 [Miami, Fla.] 1037.3 33192 [Miami, Fla.] 893.9 97251 [Portland, Ore.] 890.6 07064 [Port Reading, NJ] 808.9 89423 [Minden, Nev.] 685.5 77072 [Houston, Tex.] 629.3 Billing: Top 10 riskiest ZIP™ Codes ZIP Code Attack rate 77060 [Houston, Tex.] 1337.6 33198 [Miami, Fla.] 1215.6 33122 [Miami, Fla.] 1106.2 33166 [Miami, Fla.] 1037.4 91733 [South El Monte, Calif.] 780.1 33195 [Miami, Fla.] 713.7 97252 [Portland, Ore.] 670.8 33191 [Miami, Fla.] 598.8 33708 [St. Petersburg, Fla.] 563.6 33792 [Miami, Fla.] 493.0   As e-commerce fraud continues to grow, businesses need to be proactive to keep themselves and their customers safe. That means incorporating multiple, layered fraud prevention strategies that work together seamlessly — for example, understanding details about users and their devices, knowing how users interact with the business and evaluating previous transaction history. This level of insight can help businesses distinguish real customers from nefarious ones without impacting the customer experience. While businesses are ultimately responsible for the safety of customers and their data, the onus doesn’t rest solely with them. Consumers should also be vigilant when it comes to protecting their digital identities and payment information. That means creating strong, unique passwords; actively monitoring online accounts; and using two-factor authentication to secure account access. At the end of the day, e-commerce fraud is a challenge that businesses and consumers will experience for the foreseeable future. But rising attack rates don’t have to spell doom and gloom for the industry. E-commerce growth is still extremely strong, as consumers interact through multiple channels (in-store, mobile and web) and expect a personalized experience. Establishing trust and verifying digital identities are key to meeting these latest expectations, which provide new opportunities for businesses and consumers to interact seamlessly and transact securely. With multiple safeguards in place, businesses have a variety of options to protect their customers and their brand reputation.   Experian is a nonexclusive full-service provider licensee of the United States Postal Service®. The following trademarks are owned by the United States Postal Service®: ZIP and ZIP Code. The price for Experian’s services is not established, controlled or approved by the United States Postal Service.

Newest technology doesn’t mean best when it comes to stopping fraud I recently attended the Merchant Risk Conference in Las Vegas, which brings together online merchants and industry vendors including payment service providers and fraud detection solution providers. The conference continues to grow year to year – similar to the fraud and risk challenges within the industry. In fact, we just released analysis, that we’ve seen fraud rates spike to 33% in the past year. This year, the exhibit hall was full of new names on the scene – evidence that there is a growing market for controlling risk and fraud in the e-commerce space. I heard from a few merchants at the conference that there were some “cool” new technologies out to help combat fraud. Things like machine learning, selfies and other two-factor authentication tools were all discussed as the latest in the fight against fraud. The problem is, many of these “cool” new technologies aren’t yet efficient enough at identifying and stopping fraud. Cool, yes.  Effective, no.  Sure, you can ask your customer to take a selfie and send it to you for facial recognition scanning. But, can you imagine your mother-in-law trying to manage this process? Machine Learning, while very promising, still has some room to grow in truly identifying fraud while minimizing the false positives. Many of these “anomaly detection” systems look for just that – anomalies. The problem is, we’re fighting motivated and creative fraudsters who are experts at avoiding detection and can beat anomaly detection. I do not doubt that you can stop fraud if you introduce some of these new technologies. The problem is, at what cost? The trick is stopping fraud with efficiency – to stop the fraud and not disrupt the customer experience. Companies, now more than ever, are competing based on customer experience. Adding any amount of friction to the buying process puts your revenue at risk. Consider these tips when evaluating and deploying fraud detection solutions for your online business. Evaluate solutions based on all metrics What is the fraud detection rate? What impact will it have on approvals? What is the false positive rate and impact on investigations? Does the attack rate decline after implementing the solution? Is the process detectable by fraudsters? What friction is introduced to the process? Use all available data at your disposal to make a decision Does the consumer exist? Can we validate the person’s identity? Is the web-session and user-entered data consistent with this consumer? Step up authentication but limit customer friction Is the technology appropriate for your audience (i.e. a selfie, text-messaging, document verification, etc...)? Are you using jargon in your process? In the end, any solution can stop 100% of the fraud – but at what cost. It’s a balance - a balance between detection and friction. Think about customer friction and the impact on customer satisfaction and revenue.

Has the EMV liability shift caused e-commerce fraud to increase 33% in 2016? According to Experian data, CNP fraud increased with Florida, Delaware, Oregon and New York ranked as the riskiest states. Miami accounted for the most fraudulent ZIP™ Codes in the US for shipping and billing fraud.

Experian analyzed millions of e-commerce transactions from the first six months of 2016 to identify the latest fraud attack rates across the United States for both shipping and billing locations. As we approach the one-year anniversary of the EMV liability shift, the 2016 e-commerce fraud attack rates look to be at least 15 percent higher than last year’s total. Experian analyzed millions of e-commerce transactions from the first six months of 2016 to identify the latest fraud attack rates across the United States for both shipping and billing locations. Billing fraud rates are associated with the address of the purchaser. Shipping fraud rates are associated with the address where purchased goods are sent. As we approach the one-year anniversary of the EMV liability shift, the 2016 e-commerce fraud attack rates look to be at least 15 percent higher than last year’s total. E-commerce fraud is often an indicator that other fraud activities have already happened, whether a credit card has been stolen, identity fraud has occurred, or personal credentials have been compromised.

Top states for billing and shipping e-commerce fraud With more than 13 million fraud victims in 2015, assessing where fraud occurs is an important layer of verification for e-commerce. Experian® analyzed millions of e-commerce transactions from 2015 to identify fraud attack rates across the United States. With the switch to chip-enabled credit card transactions and possible growth of card-not-present fraud, online businesses should utilize advanced fraud solutions to monitor their riskiest locations and prevent losses. >> View the Experian map to see 2015 e-commerce attack rates for all states  

2015 data shows where billing and shipping e-commerce fraud attacks occur in the United States Experian e-commerce fraud attacks and rankings now available Does knowing where fraud takes place matter? With more than 13 million fraud victims in 2015,[1] assessing where fraud occurs is an important layer of verification when performing real-time risk assessments for e-commerce. Experian® analyzed millions of e-commerce transactions from 2015 data to identify fraud-attack rates across the United States for both shipping and billing locations. View the Experian map to see 2015 e-commerce attack rates for all states and download the top 100 ZIP CodeTMrankings. “Fraud follows the path of least resistance. With more shipping and billing options available to create a better customer experience, criminals attempt to exploit any added convenience,” said Adam Fingersh, Experian general manager and senior vice president of Fraud & Identity Solutions. “E-commerce fraud is not confined to larger cities since fraudsters can ship items anywhere. With the switch to chip enabled credit card transactions, and possible growth of card-not-present fraud, our fraud solutions help online businesses monitor their riskiest locations to prevent losses both in dollars and reputation in the near term.” For ease of interpretation, billing states are associated with fraud victims (the address of the purchaser) and shipping states are associated with fraudsters (the address where purchased goods are sent). According to the 2015 e-commerce attack rate data: Florida is the overall riskiest state for billing fraud, followed by Delaware; Washington, D.C.; Oregon and California. Delaware is the overall riskiest state for shipping fraud, followed by Oregon, Florida, California and Nevada. Eudora, Kan., has the overall riskiest billing ZIP Code (66025). The next two riskiest ZIPTM codes are located in Miami, Fla. (33178) and Boston, Mass. (02210). South El Monte, Calif., has the overall riskiest shipping ZIP Code (91733). The next four riskiest shipping ZIP codes are all located in Miami. Overall, five of the top 10 riskiest shipping ZIP codes are located in Miami. Defiance, Ohio, has the least risky shipping ZIP Code (43512). The majority of U.S. states are at or below the average attack rate threshold for both shipping and billing fraud, with only seven states — Florida, Oregon, Delaware, California, New York, Georgia and Nevada — and Puerto Rico ranking higher than average. This indicates that attackers are targeting consumers equally in the higher-risk states while leveraging addresses from both higher- and lower-risk states to ship and receive fraudulent merchandise. Many of the higher-risk states are located near a large port-of-entry city, including Miami; Portland, Ore.; and Washington, D.C., perhaps allowing criminals to move stolen goods more effectively. All three cities are ranked among the riskiest cities for both measures of fraud attacks. Neighboring proximity to higher-risk states does not appear to correlate to any additional risk — Pennsylvania and Rhode Island are ranked as two of the lower-risk states for both shipping and billing fraud. Other lower-risk states include Wyoming, South Dakota and West Virginia. Experian analyzed millions of e-commerce transactions to calculate the e-commerce attack rates using “bad transactions” in relation to the total number of transactions for the 2015 calendar year.   View the Experian map to see 2015 e-commerce attack rates for all states and download the top 100 ZIP Code rankings.       [1]According to the February 2016 Javelin study 2016 Identity Fraud: Fraud Hits an Inflection Point.