Ecommerce merchants selling digital goods run the risk of losing millions of dollars to fraud annually. Proactively shoring up key areas of security, including identity and verification, can help prevent and lessen fraud and related chargebacks, according to Riskified Australia and New Zealand country manager, Nick Kirtley.
“Taking a multi-faceted approach to mitigating fraud of digital goods before the shopping season hits will allow retailers to stay steps ahead of fraudsters, drive higher sales, reduce losses, and offer customers a seamless shopping journey without taking on new risk,” he told Retailbiz in a recent interview.
There are several key strategies merchants can implement to cut down on fraud in digital goods:
- Take a full-spectrum approach to chargebacks. Most merchants accept that chargebacks are inevitable after a busy shopping season. However, to mitigate against excessive chargebacks — including those related to gift card fraud specifically — have a robust fraud prevention strategy in place to prevent fraudulent activities from happening in the first place, anticipating chargeback maturation rate based on data, and planning for how different card networks will incorporate chargebacks into their calculations.
- Educate customers. No merchant wants to place a burden on their customers, yet at the same time, awareness of risk is also important. Merchants can educate customers about fraud in digital goods and the importance of keeping gift card and credit card details safe and secure. Helping customers understand the risks involved and how to mitigate against digital goods data breach will prevent poor outcomes.
- Leverage data to safeguard logins. One way for fraudsters to easily purchase digital goods such as gift cards is by conducting purchases through loyal customers accounts, making the purchase appear less conspicuous. To increase accuracy and speed when making high-stakes decisions about whether to allow, challenge or block a login attempt, merchants need access to additional data points such as linked identities, behavioural analytics, and spoofing detections, so account takeover prevention is crucial to prevent access to accounts. Merchants should invest in tools that are designed to fortify logins.
Sekuro customer chief information security officer, Lee Roebig said there has been huge growth in merchant fraud since the pandemic. This is where a customer’s bank card or entire identity can be stolen as a result of targeted attacks.
“Research shows that scammers leveraging credential phishing are increasingly going after corporate targets. This is because cybercriminals can use one corporate account to open the door to an entire organisation and its supply chain,” Roebig told Retailbiz.
While the retail industry will remain a lucrative target for cyber fraud, there are preventative measures a retailer can take to make sure their online platforms have the right defence in place. Any retailers conducting business online should be adopting a Zero Trust approach, which requires very little investment.
“Zero Trust is the idea that nothing requesting access to an organisation’s assets should be trusted until it has been proven safe through granular, contextual analysis. This concept needs to be applied across a business’ entire technology, process and people landscape,” he said.
“Sekuro’s Zero Trust strategy breaks this down into eight key pillars: People, Identities, Endpoints, Networks, Infrastructure, Applications, Data, and Analytics. A Zero Trust framework can help a business of any size become more resilient. By applying Zero Trust to all areas of a business, retailers can significantly enhance their capabilities to detect and/or prevent anyone trying to gain access to their network to conduct cyber fraud.”
The advice from GBG regional general manager for Australia and New Zealand, Carol Chris is for retailers to take proactive measures as the fraud landscape gets increasingly complex.
“The first is to recognise that fraudsters will create fake websites, social media accounts and other platforms to impersonate your brand and you cannot always assume that customers will be able to easily tell the difference,” Chris told Retailbiz.
“The second is to take a proactive approach to preventing fraud within your own customer base – manual efforts alone will not be enough and leveraging the latest technologies, including artificial intelligence and machine learning, will be critical.”