Tag: ecommerce fraud

E-commerce is booming. Global online sales continue to rise with forecasts predicting growth to $7.89 trillion by 2028. Unfortunately, with any lucrative market comes fraudulent activity. As e-commerce grows by leaps and bounds, so do fraud incidents. E-commerce fraud is defined as any illegal or deceptive activity conducted during an online transaction with the intent to steal money, goods or sensitive information. As digital shopping flourishes, the tactics criminals use to exploit vulnerabilities in payment systems, customer accounts and merchant operations is rapidly expanding. According to Experian’s tenth annual Identity & Fraud Report, nearly 60% of U.S. businesses reported higher fraud losses in 2025, driven by more sophisticated attacks and legacy security gaps. The same report highlighted the damage from e-commerce fraud goes beyond the loss of revenue, directly impacting consumer trust. The survey found that only 13% of consumers feel fully secure opening new accounts. Chief amongst their concerns, 68% of consumer worry about identity theft, while 61% are fearful of stolen credit card data. The constant threat of e-commerce fraud has placed tremendous pressure on merchants and retailers to take robust steps in mitigating these attacks. In addition to protecting the bottom line, such measures are essential to earning consumer trust. According to Experian’s merchant-focused edition of our Identity & Fraud Report, consumers consistently perceive physical and behavioral biometrics tools as the most secure authentication methods — yet merchants are slow to adopt them. This gap highlights a key opportunity for businesses to strengthen security practices and build trust without adding friction to the user experience. After all, 74% of consumers say security is the most important factor when deciding to engage with a business.3 E-commerce fraud comes in many shapes and sizes E-commerce fraud is an umbrella term for a variety of attacks that target merchants and retailers. Amongst these is chargeback fraud, which occurs when a customer makes a legitimate purchase and then falsely disputes the charge with their credit card issuer, claiming the item never arrived or the transaction was unauthorized. The merchant loses both the product and the payment. Another is account takeover fraud, which happens when cybercriminals gain access to a customer’s online account, often through stolen login credentials, and use it to make unauthorized purchases, change shipping details or withdraw loyalty points. In card-not-present (CNP) fraud, attackers use stolen credit card information to make purchases online or by phone, where the physical card isn’t required. Because identity verification is limited, merchants bear the financial losses. This type of fraud includes BIN attacks, targeting the Bank Identification Number (BIN) on a credit or debit card that identifies the issuing financial institution. The goal of a BIN attack is to discover valid card numbers that can be used for fraudulent transactions. There are also refund fraud attacks, which involve scammers exploiting return or refund policies — such as claiming an item didn’t arrive or sending back a different or counterfeit product for reimbursement. Together, different forms of e-commerce fraud cost businesses billions annually, demanding strong fraud detection, authentication and monitoring systems to combat them. E-commerce fraud prevention should be a priority for every merchant and retailer. E-commerce fraud prevention: Ways merchants can fight back Merchants report the highest rates of new account fraud, yet it ranks just 15th among their active investments for 2025. While fraudsters continue to find new and innovative ways to attack, merchants and retailers can better prepare by following industry best practices in e-commerce fraud prevention: Chargeback fraud: When it comes to preventing and managing chargeback fraud, merchants should ensure customers are fully aware of return and refund policies. Utilize Address Verification Services (AVS) and Card Verification Value (CVV2) verification for online and over-the-phone transactions to establish the validity of a purchase. Keeping meticulous records of all transactions can serve as compelling evidence to defend the transaction. Leverage advanced fraud detection tools, such as tokenization and machine learning and AI fraud detection solutions that flag potentially fraudulent transactions and detect suspicious spending patterns and anomalies. Account takeover fraud: Merchants can minimize the risk of account takeover fraud using holistic, risk-based identity and device authentication, as well as behavioral analytics or targeted, knowledge-based authentication. End-to-end fraud management solutions can help reduce manual processes and remove the risk of information silos. Card-not-present fraud: Mitigating the risk of CNP fraud can be accomplished by implementing additional security measures at the time of transaction. These can include requiring verification information, such as a CVV code or a billing zip code to further authenticate the card holder’s identity. Advanced e-commerce fraud prevention tools To stay ahead of the fraudsters, merchants and retailers should take a multilayered approach to e-commerce fraud prevention that takes advantage of the latest, most advanced tools.  At Experian®, we offer innovative fraud management solutions that provide the right level of security without causing customer friction. Three advanced e-commerce fraud prevention tools that every merchant should have in their arsenal include: Experian LinkTM: This tool enhances credit card authentication by linking the payment instrument with the digital identity presented for payment. Experian Link enables merchants to quickly and accurately identify legitimate customers to reduce friction and increase acceptance rates, reduce operation costs by preventing fraudulent credit card use, make better risk decisions to protect legitimate customers, limit false declines and identify potential fraudsters. Behavioral analytics: With the growth of AI, fraudsters can now replicate static data, but mimicking human behavior remains challenging. Behavioral analytics detects subtle interaction patterns that are extremely difficult for GenAI-driven fraudsters, including fraud rings and next-generation fraud bots, to replicate. Powered by NeuroID, our behavioral analytics capabilities help organizations proactively mitigate fraud, reduce false positives and streamline risk detection, ultimately creating a secure and frictionless experience for trustworthy users — while locking out fraudsters earlier. Precise ID®: This advanced tool enables businesses to pursue growth confidently by providing robust, real-time identity verification, as well as the ability to accurately identify a wide range of fraud risks including identity theft, synthetic identity and first-party fraud, along with tools that facilitate confirmation when risks are detected. The threat of fraud never stops   Merchants and retailers are under a constant and unrelenting threat of attacks by fraudsters. Vigilance is required to protect the customer experience and the bottom line. Fortunately, innovative tools are leveling the playing field, offering much needed e-commerce fraud protection. To learn how Experian can help you combat fraud and meet consumers’ demands for trust and privacy, explore our best-in-class fraud management solutions and download our latest report on closing the trust gap in e-commerce. Explore our solutions Download report

Fraud never sleeps, and neither do the experts working to stop it. That’s why we’re back with episode two of Meet the Maker, our video series spotlighting the brilliant minds behind Experian’s cutting-edge fraud solutions. In this episode, Nash Ali, Head of Operational Strategy, and Dave Tiezzi, Senior Vice President of Payments and New Markets, share how the power of NeuroID’s behavioral analytics and device and network intelligence, combined with Experian Link’s credit card owner verification, helps e-commerce merchants combat key fraud threats, while providing a seamless checkout experience. With decades of experience in payments and fraud, these fraud-fighting experts know exactly what it takes to stop fraud, minimize friction, and reduce chargebacks so e-commerce merchants can protect the most crucial stage of the buying process. Watch now for an exclusive look at the minds shaping the future of fraud prevention.  Interested in learning more about our fraud management solutions? Watch previous episode Learn more

Online fraud has increased exponentially over the past few years, with the Federal Trade Commission (FTC) data showing that consumers reported losing more than $10 billion to fraud in 2023. This marks the first time that fraud losses have reached that benchmark, and it’s a 14% increase over reported losses in 2022. As a result, e-commerce merchants and retailers have reacted by adding friction to e-commerce interactions.   The risk is that a legitimate user may be denied a purchase because they have incorrectly been labeled a fraudster — a “false decline.” Now, as the holiday shopping season approaches, e-commerce merchants expect a surge in online spending and transactions, which in turn creates concern for an uptick in false declines.   In a recent webinar, Experian experts Senior Vice President of Business Development and eCommerce Dave Tiezzi and Senior Director of Product Management Jose Pallares explored strategies for how e-commerce merchants can determine the risk level of a transaction and ensure that they do not miss out on genuine purchases and good customers. Below are a few key perspectives from our speakers:  What are the biggest challenges posed by online card transactions?  DT: One of the biggest issues merchants face is false declines. In the report, The E-Commerce Fraud Enigma: The Quest to Maximize Revenue While Minimizing Fraud Experian and Aite-Novarica Group (now Datos Insights) found that 1.16% of all sales are unnecessarily rejected by merchants. While this percentage may seem small, it represents significant revenue loss during the high-volume holiday shopping season. The report also highlights that 16% of all attempted online transactions encounter some form of friction due to suspected fraud. Alarmingly, 70% of that friction is unnecessary, meaning it’s not preventing fraud but instead disrupting the purchasing process for legitimate customers. This friction translates into a poor online shopping experience, often resulting in cart abandonment, lost sales and a decline in customer loyalty.  What are the key consumer trends and expectations for the upcoming holiday season?  DT: Experian's 2024 Holiday Spending Trends and Insights Report reveals that while 35% of holiday shopping in 2023 occurred in December, peaking at 9% the week before Christmas, Cyber Week in November also represented 8% of total holiday sales. This highlights the importance for merchants to be prepared well before the holiday rush begins in November and extends through December. As they gear up for this high-volume season, merchants must also prioritize meeting consumer expectations for speed, ease and security—which are top-of-mind for consumers. According to our 2024 U.S. Identity & Fraud Report, 63% of consumers consider it extremely or very important for businesses to recognize them online, while 81% say they’re more trusting of businesses that can accomplish easy and accurate identification. They’re also wary of fraud, ranking identity theft (84%) and stolen credit card information (80%) as their top online security concerns. Considering these trends, it’s important for merchants to ensure seamless and secure transactions this holiday season.   False declines are a persistent problem for e-commerce merchants, especially during the holidays. How can merchants minimize these declines while protecting consumers from fraud? What best practices can merchants adopt to address these risks?  JP: False declines often result from overly cautious fraud detection systems that flag legitimate transactions as suspicious. While it’s essential to prevent fraud, turning away legitimate customers can severely impact both revenue and customer satisfaction. To minimize false declines, merchants should leverage advanced fraud prevention tools that combine multiple data points and behavioral insights. This approach goes beyond basic fraud detection by using attributes such as customer behavior, transaction patterns and real-time data analysis. Solutions incorporating NeuroID’s behavioral analytics and signals can also better assess whether a transaction is genuine based on the user’s interaction patterns, helping merchants filter out bad actors and make more informed decisions without disrupting the customer experience. What actionable strategies should e-commerce brands or merchants implement now to reduce cart abandonment and ensure a successful holiday season?  JP: One of the most effective tools we offer is Experian Link™, a credit card owner verification solution designed to reduce false declines while protecting against fraud. Experian Link helps e-commerce merchants and additional retailers accurately assess transaction risk by answering a key question: Does this consumer own the credit card they presented for payment? This ensures that legitimate customers aren’t mistakenly turned away while suspicious transactions are properly flagged for further review. By adopting a multilayered identity and fraud prevention strategy, merchants can significantly reduce false declines, offer a frictionless checkout experience and maintain robust fraud defenses—all of which are essential for a successful holiday shopping season.   Are there any examples of a retailer successfully leveraging credit card owner verification solutions? What were the results?  JP: Yes. We recently partnered with a leading U.S. retailer with a significant online presence. Their primary goals were to reduce customer friction, increase conversion and identify their customers accurately. By leveraging Experian Link and its positive signals, the retailer could refine, test and optimize their auto-approval strategies. As a result, the retailer saw an additional $8 million in monthly revenue from transactions that would have otherwise been declined. They also achieved a 10% increase in auto-approvals, reducing operating expenses and customer friction. By streamlining backend processes, they delivered a more seamless shopping experience for their customers.   Stay ahead this holiday season  For more expert insights on boosting conversions and enhancing customer loyalty, watch our on-demand webinar, Friction-Free Festivities: Strategies to Maximize Conversion and Reduce False Declines, hosted by the Merchant Risk Council (MRC). Additionally, visit us online to learn more about how Experian Link can transform your business strategy. Watch on-demand webinar Visit us The webinar is available to MRC members. If you’re already a member, you can access this resource here. Not a member? Our team would be happy to schedule a demo on Experian Link and discuss strategies to help your business grow. Get in touch today. 

E-commerce digital transactions are rapidly increasing with global ecommerce sales forecast to grow to $7.89 trillion by 2028. While in-store shopping still earns more sales dollars than online shopping, consumers spent more than 18% of total average retail spend from e-commerce during the first half of 2025. Additionally, mobile technology and AI are major drivers of ecommerce growth, with mobile phones accounting for 77% of ecommerce website visits, and nearly 60% of U.S. shoppers turning to AI engines for help, even when online stores embed generative AI tools ton their websites. As a result, opportunities for fraudsters to exploit businesses and consumers for monetary gain are reaching high levels. Businesses must be aware of the risks associated with card not present (CNP) fraud and take steps to protect themselves and their customers. What is card not present fraud? CNP fraud occurs when a criminal uses a stolen or compromised credit card to make a purchase online, over the phone, or through some other means where the card is not physically present at the time of the transaction. This type of fraud can be particularly difficult to detect and prevent, as it relies on the use of stolen card information rather than the physical card itself. CNP fraud can yield significant losses for businesses — these attacks are estimated to reach a staggering $28 billion in losses by 2026. Many have adopted various fraud prevention and identity resolution and verification tools to better manage risk and prevent fraud losses. Since much of the success or failure of e-commerce depends on how easy merchants make it for consumers to complete a transaction, incorporating CNP fraud prevention and identity verification tools in the checkout process should not come at the expense of completing transactions for legitimate customers. What do we mean by that? Let’s look at false declines. What is a false decline? False declines occur when legitimate transactions are mistakenly declined due to the business's fraud detection system incorrectly flagging the transaction as potentially fraudulent. This can not only be frustrating for cardholders, but also for merchants. Businesses may lose the sale and also be on the hook for any charges that result from the fraudulent activity. They can also result in damage to the business's reputation with customers. In either case, it is important for businesses to have measures in place to mitigate the risks of both. How can online businesses increase sales without compromising their fraud defense? One way to mitigate the risk of CNP fraud is to implement additional security measures at the time of transaction. This can include requiring additional verification information, such as a CVV code or a billing zip code to further authenticate the card holder’s identity. These measures can help to reduce the risk of CNP fraud by making it more difficult for fraudsters to complete a transaction. Machine learning algorithms can help analyze transaction data and identify patterns indicating fraudulent activity. These algorithms can be trained on historical data to learn what types of transactions are more likely to be fraudulent and then be used to flag potentially fraudulent transactions before it occurs. Businesses require data and technology that raise confidence in a shopper’s identity. Currently, the data merchants receive to approve transactions is not enough. A credit card owner verification solution like Experian Link fills this gap by enabling online businesses to augment their real-time decisions with data that links customer identity to the credit card being presented for payment to help verify the legitimacy of a transaction. Using Experian Link, businesses can link names, addresses and other identity markers to the customer’s credit card. The additional data enables better decisions, increased sales, decreased costs, a better buyer experience and better fraud detection. Get started with Experian Link™ - our frictionless credit card owner verification solution. Learn more

Pre COVID-19, operations functions for retailers and financial institutions had not typically consisted of a remote (stay at home) workforce. Some organizations were better prepared than others, but there is a firm belief that retail and banking have changed for good as a result of the pandemic and resulting economic and workforce shifts. Market trends and implications When stay at home orders were issued, non-essential brick and mortar businesses closed unexpectedly. What were retailers to do with no traffic coming through the doors at their physical locations? The impact on big-box retailers like Best Buy, Dick’s Sporting goods, Sears, JCPenney, Nike, Starbucks, Macy’s, Neiman Marcus, Nordstrom, Kohl’s to name a few, has been unprecedented; some have had to shut their doors for good. Over the past several months global retail has seen e-commerce sales grow over 81% compared to the same period last year, according to Card Not Present. Some sectors have seen triple-digit growth year over year. Most online retailers have been ill-prepared to handle this increase in transactional volume in such a short amount of time, which has resulted in rapid fraud loss increases. A recent white paper from Aite Group reported that prior to COVID-19, a large financial institution forecasted an 8% decrease in fraud for 2020, but has since revised the projection to increase 10-15%. What does this all mean?  Bad actors are taking advantage of the pandemic to exploit the online retail channel. The increased remote channel usage—online, mobile, and contact centers in particular—continues to be an area where retailers are exposed. Account takeover, through phishing and relaxed call center controls, is rising as well. Increases in phishing attacks are leading to compromised and stolen identities and synthetic identity fraud. Account takeover (ATO) fraud has increased 347% since 2019 according to PYMNTS.com. A recent survey found more than a quarter of merchants (27%) admit that they don’t have measures to prevent ATO. 24% of merchants can’t identify an ATO during a purchase. 14% of merchants say they are not even aware that an ATO has occurred unless a customer contacts them. When criminals use these compromised accounts to make fraudulent purchases, the merchant loses revenue and the value of the goods. They can also suffer from damage to brand reputation and a loss of customer confidence. A lack of account security can have lasting effects as 65% of customers surveyed say they would likely stop buying from a merchant if their account was compromised, according to that same Card Not Present study. So how can retailers start to identify bad actors with malicious intent? This will be a constant struggle for retailers. Rather than a one size fits all solution, retailers must move toward a strategy that is nimble and dynamic and can address multiple areas of exposure. A fraudster could easily slip by one verification method—for instance with a stolen credential—only to be foiled by a secondary authentication tactic like device identity. A layered fraud strategy continues to be the industry best practice, where both passive and active authentication methods are leveraged to frustrate fraudsters without applying undue friction to “good” consumers. The layered solution should also utilize device risk, identity verification and fraud analytics, with tailoring to each businesses’ needs, risk tolerance, and customer profiles. Learn more about how to build a layered fraud strategy today. Learn more

Knowing where e-commerce fraud takes place matters We recently hosted a Webinar with Mike Gross, Risk Strategy Director at Experian and  Julie Conroy, Research Director  at Aite Research Group, looking at the current state of card-not-present fraud, and what to prepare for in the coming year. Our biannual analysis of fraud attacks, served as a backdrop for the trends we’ve been seeing. I wanted to share some observations from the Webinar. Of course, if you prefer to hear it firsthand, you can download the archive recording here. I’ll start with the current landscape of card-not-present fraud. Julie shared 5 key trends her firm has identified regarding e-commerce fraud: Rising account take-over fraud Loyalty points targeted Increasingly global transactions Frustrating false declines Increasingly mobile consumers One particularly interesting note that Julie made was regarding consumer frustration levels towards forgotten passwords. While consumers are more frustrated when they’re locked out of access to their banking accounts (makes sense, it’s their money), forgotten passwords are more detrimental to e-commerce retailers since consumers are likely to go to another site. This equates to a frustrated consumer, and lost revenue for the business. Next, Mike went through the findings from our 2016 e-commerce fraud attack analysis. Fraud attack rates show the attempted fraudulent e-commerce transactions against the population of overall e-commerce orders. Overall, e-commerce attack rates spiked 33% in 2016. The biggest trends we saw included: Increased EMV adoption is driving a shift from counterfeit to card-not-present fraud 2B breached records disclosed in 2016, more than 3x any previous year Consumers reporting credit card fraud jumped from 15% in 2015 to over 32% in 2016 Attackers shifting locations slightly and international orders rely on freight forwarders 10 states saw an increase of over 100% in fraudulent orders Over 70 of the top 100 riskiest postal codes were not in last year’s list So, what will 2017 bring? Be prepared for more attacks, more global rings, more losses for businesses, and the emergence of IoT fraud. Businesses need to anticipate an increase of fraud over time and to be prepared. The value of employing a multi-layered approach to fraud prevention especially when it comes to authenticating consumers to validate transactions cannot be understated. By looking at all the points of the customer journey, businesses can better protect themselves from fraud, while maintaining a good consumer experience. Most importantly, having the right fraud solution in place can help businesses prevent losses both in dollars and reputation.

Has the EMV liability shift caused e-commerce fraud to increase 33% in 2016? According to Experian data, CNP fraud increased with Florida, Delaware, Oregon and New York ranked as the riskiest states. Miami accounted for the most fraudulent ZIP™ Codes in the US for shipping and billing fraud.