Why ecommerce fraud needs a multichannel response

Ecommerce fraud isn’t just an online problem anymore. With fraudulent activity spanning the online, mobile and offline channels, it’s time that e-commerce retailers treat fraud prevention as a multichannel issue.

people icons chasing shopping carts commerce
Thinkstock

Ecommerce fraud doesn't happen only online anymore. As more people worldwide gain internet access and shop online in new and different ways, fraudsters have a growing pool of potential victims and more options for committing theft. Organized criminals now target ecommerce shoppers and sellers with schemes that combine online purchases with in-store pickups, corruption of shipping processes, and duping unsuspecting people into acting as in-person conduits for their stolen goods. Because online and offline fraud are increasingly connected, retailers must treat fraud prevention as a multichannel problem.

More transactions involve digital channels

Global internet access, particularly mobile internet access, has expanded rapidly during the past decade. The number of people worldwide with internet access grew from 1.37 billion in 2007 to 3.58 billion in 2017. Mobile traffic accounted for more than half of global internet traffic in 2017, and Gartner has projected that by 2020,  85% of consumer interactions with companies will be handled by AI, a huge change from the days when the majority of interactions were in-person or by phone.

As consumers increasingly shop online and blend online and in-person shopping experiences, even stores that now operate primarily in the brick and mortar space need to sell in digital channels in order to stay viable. Multichannel retail is virtually imperative now—but it also comes with multiple types of fraud-prevention and customer-experience challenges.

More opportunities for multi-layer fraud schemes

Organized criminals have shown over and over that they will utilize any new channel or customer touchpoint to commit fraud, so it shouldn't be surprising that they've already found ways to exploit multichannel vulnerabilities to create sophisticated fraud schemes that operate across channels. Here are a few examples:

  • Buy online, pickup in store (BOPIS) fraud prevention can be challenging because it eliminates one of the most important data points for order screening – the delivery address. Even if retailers require a photo ID and email to pick up merchandise that was ordered online, fraudsters are also skilled at identity theft. Retailers that offer BOPIS must be sure their fraud prevention practices factor in these risks.
  • Social engineering is a broad term that refers to the many ways criminals acquire personal information not only from consumers but also from employees and other players in the flow of payments and shipping. Interpol's list of social engineering fraud methods ranges from wide-scale attacks like email phishing for customer passwords to be used in account takeovers, to impersonating company executives, to diverting couriers in order to steal packages.
  • Colluding with individuals who work for smaller logistic companies or freight-forwarders sounds extreme, but it does happen. This allows organized criminals to avoid fraud detection when using a hijacked customer account, because they can use the real shipping address associated with that account. Then their “inside man” intercepts the package and diverts it to the fraudsters.
  • Brazen schemes involving digital and offline tactics are also in some fraudsters' playbooks. Among the boldest I've seen in my career was a group that ordered products using a stolen credit card and had them delivered to the real cardholder's home so that all the checkout data looked legitimate. After the items were delivered, the fraudsters went to the victim's home wearing uniforms with the retailer's name and logo, said the package had been shipped by mistake, and took it back. By the time the cardholder and retailer realized it was a scam, the perpetrators and the merchandise were long gone.

More challenges to delivering great customer experience

Combating all these fraud schemes is a challenge for retailers. The other, perhaps even bigger, challenge, is to fight these types of fraud while delivering a satisfying multichannel shopping experience for legitimate customers. Too-stringent screening can result in order approval delays, offended or frustrated customers, and brand-damaging complaints on social media. (Consider that Snapchat's parent company briefly lost more than a billion dollars in market value after celebrity Kylie Jenner tweeted that she was no longer happy with the app.)

I've written before about how fraud prevention can impact customer experience. The takeaway from that discussion is that a good multichannel fraud screening program will factor in response time, false-positive reduction strategies, excellent customer service during manual reviews, and careful monitoring of evolving multichannel fraud schemes. Even if your company only sells online, combating ecommerce fraud requires something like a multichannel mindset, including lots of layers and offline safeguards as well as online tools.

It may be faster and easier to earn a customer's trust online than in person but losing trust can happen fast in any channel. As you review your company's fraud prevention program, remember that earning and keeping the trust of your customers is every bit as important as stopping fraud. A well-designed fraud prevention program should improve your customers' experience across channels rather than hinder it.

This article is published as part of the IDG Contributor Network. Want to Join?

NEW! Download the Winter 2018 issue of Security Smart