Online consumers — particularly those purchasing digital goods — expect immediate gratification in their purchases. The often high risk of online purchases has put merchants in something of a pickle as they attempt to balance their antifraud measures with meeting the needs of legitimate customers, many of whom will abandon the merchant for good if they’re met with a false-positive decline.
Riskified has commissioned the research firm Javelin to produce a whitepaper — “Overcoming False Positives: Saving the Sale and the Customer Relationship” — which analyzes the prevalence of false-positive declines in the U.S. and the key consumer segments that are disproportionately affected by them, ultimately producing valuable solutions for merchants in the online realm.
KEY DATA POINTS
False-positive declines occur three times more often than card fraud.
Roughly one in six (15 percent) of all cardholders had at least one transaction declined because of suspected fraud in the past year, compared to just 4.42 percent of defrauded consumers. In 2014, $118 billion was incorrectly declined compared to just $9 billion lost to fraud. Antifraud efforts are valuable, but if they’re not implemented properly — or if they’re made overzealously — they can actually cost merchants money.
False-positive declines cost merchants more than card fraud.
Surprisingly, two-thirds of repeat eCommerce or mCommerce customers are lost to false-positive declines, versus 54 percent lost to card fraud. As card-not-present (CNP) transactions tend to make merchants jumpy regarding liability, the unintended consequences of that is alienating more good customers than they lose to straight-up card fraud.
Gen Y consumers are at high risk for false positives.
More likely than their older counterparts to shop at high-risk merchants, 24 percent of younger consumers experienced at least one false transaction decline in the past year. However, Gen Y-ers are also more likely than older consumer groups to switch merchants after a decline, which they did last year at a rate of 42 percent.
High-income consumers report more false-positive declines (51 percent versus 40 percent of all cardholders) on transactions over $250.
Twenty-two percent of high-income cardholders — those with an annual income of $100,000 or more — experienced a false-positive decline over the past year, which led more than half of them (58 percent) to either reduce or altogether cease doing business with the merchant in question.
Javelin estimates that 33 million cardholders — comprising 15 percent of the total — had a transaction denied because of suspected fraud in 2014, resulting in the aforementioned loss of nearly $118 billion.
In total, an estimated 127 million legitimate transactions are denied each year because of a false suspicion of fraud. The rate of false-positive declines is more than three times that of existing-card fraud. In 2014, 4.42 percent of customers were affected by existing-card fraud, representing a loss of $9 billion.
Today, the bulk (57 percent) of false positives occur at physical stores, followed by digital channels: eCommerce, which represents 31 percent of all false-positive declines, and mobile, which represents 5 percent, or $1.69 billion.
Online purchases grew from $28 billion (1.1 percent of total retail sales) in 2000 to $352 billion (8 percent of total retail sales) in 2013. ECommerce sales are expected to maintain a 6.7 percent compound annual growth rate (CAGR) through the next five years, reaching $486.3 billion in 2018.
It’s a big opportunity for merchants — but also one for cybercriminals. In 2013, U.S. eCommerce fraud reached $9 billion and is expected to grow to $18.4 billion by 2018. In contrast, POS fraud was only $6 billion in 2013 and is projected to fall to $4.5 billion by 2018. As eCommerce continues to grow, so too will online fraud.
As Javelin notes, “Increasing eCommerce and mCommerce shopping volume, changing consumer behaviors and evolving fraud schemes all increase the difficulty in separating legitimate purchasers from thieves.” The rise of instantly deliverable digital goods (e.g., music, games or other intangible items) has rendered traditional anti-fraud methods ineffective.
Merchants that operate a digital storefront bear the brunt of CNP fraud losses. Therefore, accurate assessment of purchases has never been more important. Failing to identify thieves may result in fraud loss, while applying overly restrictive fraud controls may result in additional loss by pushing declined shoppers to competitors.
RECOMMENDATIONS FOR MERCHANTS
Don’t base a customer validation scheme on personally identifiable information (PII).
Rather than relying on static data, such as name, address or Social Security Number — which cybercriminals can easily falsify — merchants should base their authorization strategies on dynamic information.
Understand customer behavior.
Merchants should invest in antifraud solutions that offer multidimensional intelligence, as well as analyze behavior patterns of both legitimate and fraudulent transactions in order to better flag future purchases.
Never issue a decline based on a single data point.
Merchants should adopt a holistic, customized approach — using multiple data points — to better understand the complete picture of the purchaser in context of the specific order.
Accurate tagging is crucial for machine learning or rules-based fraud systems.
Tags need to indicate what element of the transaction was problematic and the degree of certainty about fraud. Specific tagging will help merchants gather a better idea of their decline patterns and adjust their authorization rules.