Holiday Shopping Season Looks to Be Huge E-Commerce Success – for Cybercrime. ThreatMetrix Warns Merchants of Payment Fraud and Account Takeover.
The summer sun hasn’t faded and merchants are forced to prepare for a holiday shopping season that seemingly comes earlier every year. And, this year especially, e-merchants better pay heed to the first line of “Santa Claus Is Comin’ to Town”: “You better watch out.”
That’s because data from the ThreatMetrix Global Trust Intelligence Network™ (The Network), the most comprehensive repository of information available for screening prior transactions and site visitors, reveals payment fraud and account takeover attempts have about doubled and only show signs of increasing during the holiday shopping season.
According to comScore, last year’s holiday e-commerce sales grew 14 percent to $42.3 billion in total revenue. This number is only going to increase along with attempts by cybercriminals to get a piece of the action.
“Ahead of the holiday rush, retailers must have preventative cybercrime measures in place to protect against account takeover, payment fraud and other risks,” said Dr. Stephen Topliss, vice president of services and support, ThreatMetrix. “By preparing now, retailers can focus more on helping authentic customers have a frictionless shopping experience during the holidays, while stopping cybercriminals in their tracks.”
What should retails take special precautions against?
• Account takeover – Account takeover has traditionally targeted banking websites. But recently it shifted to e-commerce. Retailers should look out for users accessing their accounts from devices other than their usual ones or changing account details such as shipping addresses or cell numbers.
• Payment fraud – Because of the high volume of orders during the holidays, e-commerce merchants have less time to screen individual transactions for fraud. One option is to implement additional verification technologies such as Verified by Visa. It’s important to implement this in a dynamic way, based on the risk associated with each transaction, so genuine customers aren’t inconvenienced.
• IP Address Risks – Not only do consumers spend more during the holidays, but many travel to see family and friends. Therefore transactions can initiate from different locations, i.e., IP addresses. E-commerce merchants have to build a history of customers with positive scores based on prior transactions. That way, e-retailers can assess the authenticity of a device along with the account and associated address to assure genuine customers are not flagged for fraudulent transactions even if they are in a different location.
Leveraging collective data from a global intelligence network, e-commerce merchants are better able to protect their users. Specifically, retailers can link customer accounts to their devices, addresses and previous transactions to build a history of legitimate customers and suspicious accounts. Doing so can prevent e-commerce merchants from losing up to five percent of total orders due to incorrectly labeling transactions as fraudulent.
“A collective approach to cybersecurity enables e-commerce merchants and customers to have an all-around jolly holiday shopping experience,” said Topliss. “Differentiating between authentic and fraudulent transactions helps determine which customers deserve a visit from Santa this holiday season and which cybercriminals receive coal in their stocking – meaning in this sense additional fraud screening.”
To learn more about e-commerce cybercrime, visit the ThreatMetrix website for an infographic titled “Don’t Let Cybercriminals Steal Your E-Commerce Sales” – http://www.threatmetrix.com/resource-center/infographics/dont-let-cybercriminals-steal-your-e-commerce-sales/
ThreatMetrix is the fastest-growing provider of integrated web fraud and cybersecurity solutions. The TrustDefender™ Cybercrime Protection Platform helps companies prevent unauthorized access to web and mobile applications, protect sensitive data, and secure transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
To join in the cybersecurity conversation, follow us on Twitter @ThreatMetrix.