The shift to eCommerce has brought with it a corresponding rise in fraud and a change in the methods fraudsters are using.
Meanwhile strong customer authentication (SCA), a new European regulatory requirement to make online and contactless offline payments more secure, arrives in the UK in March, which will require additional authentication in the checkout process.
Although this can help retailers fight fraud, it presents challenges of its own: adopting a technology solution will be necessary for successfully riding these waves of change towards better customer retention and optimised revenues.
Which types of fraud are on the rise?
Because eCommerce fraud can be conducted from anywhere in the world, it can also operate at a scale which wasn’t previously possible with traditional methods such as in-store and return fraud.
As a result, the overall volume of fraud has risen for many retailers: over one third say instances of fraud or chargebacks have increased for their business over the last year.
The types of fraud have changed too, with promotional abuse and ‘Item Not Received’ claims the most commonly seen methods.
SCA – the double-edged sword
With retailers feeling the pressure from fraudsters, regulators in Europe are providing them with this new weapon to fight online fraud.
Despite numerous delays, SCA is now slated to come into force in March. It will require merchants to implement two-factor authentication on eCommerce transactions and for consumers to authenticate transactions using two of the following three: something the user knows (like a password), something the user has (like a mobile device), and something the user is (like a fingerprint).
Although SCA will be a welcome sight to many retailers, it certainly isn’t a fraud panacea. Many transactions won’t be subject to SCA and, most importantly, maintaining a low fraud rate is still essential so that SCA doesn’t negatively impact the customer experience and conversion rates. Cart abandonment rates are at around a quarter in countries where SCA is already being enforced – that’s a lot of lost revenue.
This presents somewhat of a dilemma for retailers. If they adopt SCA and generally aim to improve the security of their online payments channels, this can add friction to the payments process and result in losing customers. Being overly-cautious in an attempt to reduce fraudulent transactions can also backfire, with two-thirds saying they would not shop with an online retailer again if they suffered a false decline and more than half giving a retailer no more than one chance after a bad online experience before abandoning it.
However, if retailers are too slack, they could face fines from regulators and lost revenues through increased fraud.
A way forward with technology
The key to unlocking this challenge is technology. Using an innovative fraud-prevention tool provides a second line of defence which allows retailers to not cast the SCA net so wide – and to strike a good balance between fraud prevention and positive customer experience.
For instance, transactions of €30 or less are exempt from SCA. With a good anti-fraud tool, retailers can let customers skip SCA for these transactions, thereby reducing friction in the payments process while keeping fraud rates low.
The same applies for other SCA exemptions, such as subscription payments and trusted beneficiary payments.
A low fraud rate – which can be achieved with a quality anti-fraud tool – can also provide other advantages under SCA. The Transaction Risk Analysis (TRA) exemption allows merchants with low fraud rates (who use acquiring banks that also have low fraud rates) to bypass SCA for order values proportional to the fraud rate. For example, retailers with exceptionally low fraud rates of 0.01% can turn off SCA for orders under €500; a rate under 0.13% allows the same for orders under €100.
With SCA arriving in March, retailers should be looking now to secure a technology-powered solution for fraud prevention. Doing so will be a boon for your customers and for optimising your revenues in the years ahead.