Screening of the payment should be last resort: Forrester

Although ecommerce fraud has stabilized in recent years, the battle waged by fraudsters has grown increasingly complicated and retailers are not keeping up, according to a report by Forrester Research.

Retailers must supplant the traditional cat-and-mouse view of fraud monitoring with a more reliable and responsive model. The "Ecommerce Fraud Management Solutions, 2014" report offers a variety of solutions to retailers struggling with the globally elusive, real-time and multi-device attacks that are emerging.

"Increasingly, fraudsters are expanding their strategy beyond payment-specific tactics," said Lily Varon, co-author and analyst of the report at Forrester Researcher, New York.

"Retailers have to watch out for account takeover, which now attributes for about 40 percent of ecommerce fraud," she said. "Yet for many online retailers, screening the payment for fraud is the only thing they do.

"Using predictive screening and real-time data analysis, fraud management solutions identify potentially fraudulent transactions well in advance of the payment itself. Screening of the payment itself should be the last resort."

The "Ecommerce Fraud Management Solutions, 2014" report draws upon interviews from nine vendor companies, including Accertify, CA Technologies, CyberSource, DataCash, Easy Solutions, iovation, Kount, ReD and ThreatMetrix.

Current state

Forrester begins by outlining the current state of ecommerce fraud that saps an annual $3.5 billion alone in North America.

As consumers switch their shopping, banking and networking preferences to mobile, adequate security measures have not been taken.

Twenty-eight percent of companies are tracking fraud coming in through mobile.

BMW partnered with CA Technologies to simplify its application

Account takeovers constitute another poorly addressed threat.

To protect their consumers, retailers are beginning to encrypt all ports into an account such as login credentials.

Cross-border fraud is still the primary mode of ecommerce theft, doubling that of domestic fraud, which confronts retailers with many more variables that are hard to tackle with blanket solutions.

Setting up defenses

Retailers depend on Big Data to parse through immense volumes of daily transactions to acquire meaningful patterns across devices.

"Context-based, adaptive and risk-based authentication" is one fraud solution discussed that allows ecommerce players to pinpoint criminal activity.

Establishing partnerships with credit reporting and information services can fortify places of vulnerability.

Bundled payment service provider solutions, global reach and real-time processing and analysis are some of the tactics that the report expounds upon.

The report also offers information on a range of vendors and programs that can be accessed.

Recent credit breaches of Neiman Marcus and Target have put retailers in all sectors on guard.

"Retailers need a defined set of best practices and efficient processes in place to manage these outcomes," Ms. Varon said. "A well formulated executive apology goes a long way. Ensure it includes clear, concise, and simple information about what happened, how the company responded to resolve the breach, and instructions on how customers can get in touch.

"Target, for example, shared short YouTube videos of the CEO detailing the data breach and what the company's plan was to resolve it and protect impacted customers," she said. "Retailers should make sure that affected or concerned consumers' calls get tagged as priority in the IVR queue, get routed to the right places and that the fraud team is well positioned to handle the situation.

"After these initial critical steps are accomplished, the best way a retailer can know what it needs to do to regain consumer trust is to listen to what consumers are asking for via market research, call center feedback or social media communications."

Final Take

Joe McCarthy, editorial assistant on Luxury Daily, New York