Ecommerce sales skyrocketed during the pandemic, consolidating ten years’ worth of growth into just 90 days. Today, there are more than 2 billion digital buyers. By the end of 2026, it’s estimated that ecommerce sales will reach $8.1 trillion.

Merchants are eager to capitalize on the growing ecommerce opportunity, so it’s no wonder that 24 million ecommerce sites globally compete to capture their share of consumer spending. 

As ecommerce sales grow, more fraudsters pop up, and often, organize, to find and exploit ecommerce businesses. In many cases, fraud at checkout is regularly neglected or poorly managed to the chagrin of merchants who think they have fraud prevention and detection under control. 

Unfortunately, the cost to rectify the problem can quickly threaten a business’ survival. Ecommerce fraud is expected to cost merchants $362 billion collectively between 2023 and 2028 – and fraud damages were forecasted to reach $48 billion in 2023.

Reducing fraud with prevention measures specific to the ecommerce channel can put more “P” on your P&L. And too often, ecommerce fraud prevention solutions can worsen the problem.

This occurs if the fraud prevention solution you use creates more friction and barriers in the shopping and payment process resulting in significant conversion rate declines. More declines mean less business for your business. Fraud also: 

1. Breaks customer trust: If customers feel their personal and financial information is at risk, they will hesitate to make purchases and may abandon your business altogether. 
2. Harms your reputation: A reputation for security and reliability is crucial for ecommerce businesses. Instances of fraud can tarnish a company’s brand reputation and lead to negative publicity.
3. Hurts your position: Customers have numerous options when it comes to online shopping and have no problem finding an alternative – likely your key competitor – if they fear their online safety and security are at risk.

In this article, we’ll discuss how you can achieve a frictionless customer experience while heading off ecommerce fraud with dynamic and intelligent ecommerce fraud prevention strategies and solutions. But first, let’s review some signs that fraud is occurring in your ecommerce business.

Ecommerce fraud detection

Here are the most common warning signs to look out for:

Unusual buying patterns: Keep an eye on orders that diverge from typical customer behavior such as large purchases, multiple orders from the same IP address within a short span, or several small value orders. All of these could indicate a fraudster has taken over a customer account.

Mismatched billing and shipping information: Be cautious with orders where billing and shipping addresses don’t match, especially if the shipping address is a freight forwarding company or a PO box. 

Odd transaction timing: Take note of transactions during unconventional hours or peak fraud periods, such as holidays or weekends. Fraudsters could be at work trying to proceed undetected.

Multiple declined cards: Watch for repeated attempts with multiple credit cards that are declined before one is accepted. This could mean that a fraudster is attempting to find a working card number.

Rapid account creation: Be wary of accounts created with disposable email addresses or using automated scripts. True customers typically use traditional email addresses and manually create their accounts.

Suspicious account activity: Watch accounts closely for frequent changes in personal information, shipping addresses, or email addresses. These updates may signal a potential account takeover (ATO).

Irregularities in IP address or geolocation data: Be aware of inconsistencies between the customer’s IP address and their billing or shipping address, as well as mismatches in geolocation data. This could indicate a fraudster is gaming your system from a different place of origin than the legitimate customer.

Velocity checks: Monitor the speed of transactions from a single IP address or account. A high volume of transactions within a short time frame could indicate fraudulent activity.

Ecommerce fraud protection

Fraud isn’t something that you can handle once and be assured it will never happen again. It’s an ongoing concern and it pays to be vigilant. 

The return on investment of fraud prevention extends far beyond recouping stolen funds. A well-executed prevention strategy can spark a ripple effect of positive outcomes. Here’s how you can measure the ROI of a fraud prevention strategy across four pillars:

You’ll want to understand how an ecommerce fraud prevention provider approaches these pillars. Ask these critical questions when evaluating ecommerce fraud prevention solutions:

• What does an ideal solution look like for us? Are we looking for a solution that will require a team of fraud analysts to manually review transactions? Or a solution that allows the business to focus on other areas such as scaling /international growth while fraud is completely taken care of?
• Does this solution have many other merchants in my category?
• What do you expect to gain from the partnership? How much authority will you maintain? 
• How will the solution impact sales revenue? 
• Is there a performance guarantee? 
• Do you understand the pricing model?
• Who is liable for fraud? 
• How well-suited is the solution for emerging fraud challenges? 
• What is the solution provider’s track record? 

The answer to these questions will help you narrow in on a solution that best meets your business goals. In general, these four industry best practices to fight ecommerce fraud are worthy of your consideration because: 1) They’ll help keep fraudsters at bay and 2) Keep your frictionless customer experience a priority.

How can ecommerce fraud be prevented?

Machine learning 

The conundrum we work to solve for ecommerce merchants every day is how to balance a frictionless checkout experience that approves more transactions with ecommerce fraud prevention strategies that stop fraudsters. In large part, this is where machine learning comes in.

Machine learning fraud technology analyzes extensive data sets in milliseconds for instant decisioning to approve or decline transactions. It’s proactive, designed to self-optimize, and can quickly adapt to and pick up on complex patterns like fraud rings. When coupled with human engagement to identify subtle behavioral nuances, machine learning is the gold standard in fraud prevention today.

Scaling can be difficult when relying on manual processes alone to detect and prevent fraud. Businesses that want to scale use machine learning fraud technology.

The network effect 

Fraud rings frequently target multiple merchants in the same industry in rapid succession, sharing and selling security vulnerabilities and fraudulent tools across various platforms, including the Dark Web. This poses a global threat as fraudulent techniques from one industry or product can be adapted to target others.

Fraud prevention providers have an advantage in blocking these organized fraud groups that a single merchant doesn’t because of the network effect. Many ecommerce fraud prevention providers, including Riskified, work with thousands of merchants across diverse industries and regions. As a result, we have access to millions of datasets that we analyze for fraud. As a Riskified merchant, you get the passthrough benefit of collective fraud intelligence that no single business has on its own.

Authentication layers 

Think of authentication layers like locks that guard entry into personal accounts and sensitive information. You gain access only after you enter the correct code, key, or password at various steps. In ecommerce, authentication layers help verify the identity of users and transactions. These are the most common merchants and ecommerce fraud prevention providers use to ensure a user is who they say they are:

Password authentication: Users enter a password or PIN to access their accounts or authenticate transactions.

Multifactor authentication (MFA): MFA adds an extra layer of security by having users set up two forms of verification to gain account entry or authorize a transaction. 

Biometric authentication: Biometric authentication uses distinctive physical traits like fingerprints, facial recognition, or iris scans to verify a user’s identity.

Device authentication: Device authentication verifies the identity of a device accessing the system by examining its unique attributes, such as its IP address, MAC address, or device fingerprint.

Behavioral biometrics: Behavioral biometrics such as typing speed, mouse movements, and navigation habits analyze behavior patterns to establish a unique user behavioral profile and detect anomalies that may indicate fraud.

Transaction monitoring: With real-time transaction monitoring, organizations can detect suspicious behavior including unusually large transactions, transactions from high-risk locations, and unusual spending patterns. 

Ecommerce fraud management

You might be curious about when to rely on an in-house fraud management team and when to look for outside support from an ecommerce fraud prevention provider such as Riskified. Use the five criteria below to help you determine which best supports your business goals and requirements:

1. Availability and immediacy

Logistically, even a rudimentary in-house fraud system takes a tremendous amount of time to stand – and staff – up. Hiring skilled engineers and data scientists, training a team, testing and acquiring tools, building the technical infrastructure, and creating a strategy to fit a business’ specific needs can take several years. This can delay your ability to prevent fraud for several years, leaving you vulnerable to fraudsters who get more sophisticated by the day.

An external provider can give you everything you need – the expertise of a team, powerful technology, tools, and capabilities after just a few weeks of integration.

2. Scalability and agility  

The influx of new online shoppers during the pandemic is an example of how quickly a merchant may need to respond to new or seasonal shopping behaviors. Virtually overnight, consumers who had never shopped online before turned to ecommerce to buy what they needed. Even those who were accustomed to shopping online adjusted their habits, making different purchases or increasing their order sizes and frequencies. With so much attention going into meeting new customer needs, fraudsters swooped in to take advantage of strained systems.

This is one example of the need for scalability and agility to respond to increases in order volumes, but there are plenty of others like seasonal bumps and situational instances like when a TikTok product video goes viral or Taylor Swift influences a purchase of a certain item. 

Automated ecommerce fraud prevention solutions lessen the manual workload for the team. The fraud solution can automatically find, analyze, and combat fraudulent attempts so in-house teams can dedicate their attention to other fraud issues that require the expertise only a human can provide.

3. Overhead and oversight

Fraud systems require maintenance and product development to stay on top of new fraud tactics. An in-house team will have to take care of issues like fixing bugs and other maintenance issues and develop new products to keep up with fraud trends. Alternatively, you can count on an ecommerce fraud prevention provider to do this for you. Offloading tasks, responsibilities, and decisioning can relieve in-house teams to focus on higher-level priorities.

4. Visibility and control

One of the most common reasons merchants opt to keep fraud prevention in-house is for more visibility and greater control. In-house fraud teams may be concerned that they lose data transparency that can help make informed decisions and optimizations related to fraud patterns and the customer experience. They also worry about being able to establish specific workflows and frameworks tailored to their unique needs.

While this may be true with some ecommerce fraud prevention providers, it’s certainly not the rule. Many providers deeply understand merchants’ need for visibility and control and make these top and bottom-line insights only a click away. For example, Riskified provides context for every decision and empowers merchants’ support and fraud teams with dedicated tools. Users can visit the Control Center to track performance or dive into the data to analyze fraud and payment trends.

5. Eyes and ears on the ground

Your in-house fraud team is armed with the most intimate knowledge of your company and current markets. However, once you look to expand into new markets or develop new solutions, you’ll need to build your fraud knowledge base — and fast. In-depth research takes significant time and resources that you may not want to stomach. Not to mention, the global nature of ecommerce means that fraudsters from anywhere around the globe can attack in an instant. Having expert eyes and ears to the ground with an established and trusted provider can fortify your defenses and help lessen the fraud risk as you expand and introduce new solutions.

Which fraud prevention solution is best for ecommerce?

One more critical area to examine in a potential ecommerce fraud partner is how accountable they are to detecting and preventing fraud for your business.

An accountable fraud partner can limit your liability, and provide stability to weather new and emerging global fraud threats – so you can keep more money on your bottom line. It comes down to a fraud management model that keeps chargebacks low and approvals high. One that offers the CFO and other C-level executives crucial revenue predictability. It enables the CFO to know the minimum approval rate, and accurately determine the budget for fraud. The CFO can then forecast the exact revenue lift their organization will gain from the partnership.

Let’s examine the business model of an accountable ecommerce fraud prevention provider – chargeback guarantee – and a few others so you can determine what’s best for your business.

Ecommerce fraud prevention tools and their business models

Scoring

In this model, fraud prevention systems assign scores to transactions based on various risk factors such as transaction amount, location, customer behavior, and device information. The higher the score, the greater the perceived risk of fraud. Merchants can pair this scoring methodology with a rules-based system to set thresholds for accepting or rejecting transactions based on the scores. 

The upside: It gives merchants full control over approval decisions and automates transactions that fall under the threshold of the set of rules put in place. 

The downside: Manual review is needed for transactions that fall under the threshold. This has several unfavorable implications: 

• It can lead to an excessive amount of false declines, which negatively impacts the customer experience. It’s reported that ecommerce merchants unnecessarily decline about 16 percent of all sales trying to thwart fraud.
• It’s hard to scale and meet volume increases when your team needs to manually review transactions.
• It delays decision-making when speed matters. Customers have come to expect instant decisions. Adding manual review is another step in the review process that takes more time.
• Merchants retain the fraud liability for chargebacks.

Non-covered decisions

This ecommerce fraud prevention business model doesn’t come with a liability shift for chargebacks. The merchant assumes the consequences and accountability for chargebacks.

The upside: The costs are lower because you don’t shift any of the liability. You also get the benefit of automating transaction reviews, which reduces the manual workload for fraud analysts.  

The downside: Even though the merchant is responsible for 100 percent of chargebacks, they don’t control fraud decisioning. Rather, the provider deals with the decisioning so merchants may worry if providers are appropriately optimizing performance when they don’t have any real consequences for under-performance. 

Chargeback guarantee

As the name may suggest, the chargeback guarantee model shifts the liability of chargebacks to the ecommerce fraud prevention provider. The provider pays any chargebacks and associated fees for the merchant in this model. 

The upside: Chargeback guarantee shifts the liability of unavoidable chargeback costs from merchants to the provider, offering cost predictability and margin optimization. As a result, providers are incentivized to maximize approval rates to limit the financial burden of chargebacks on their books. Providers focus on creating strong partnerships to understand the merchant’s business and help with optimizing fraud decisioning, ultimately generating a revenue lift for merchants.

The downside: Some merchants may perceive chargeback guarantee providers as more risk-averse because of the liability shift; however, it’s to the benefit of the provider to minimize declines. To do so, providers must focus on creating a transparent partnership with loads of knowledge sharing to ensure the provider understands the business, opportunities, and risks. The chargeback guarantee model only makes sense when coupled with machine-learning-powered fraud prevention that trains its algorithms to analyze and infer decisions based on countless past transactions.

StockX secures global growth with Riskified

Listen to how StockX leveraged AI-powered fraud solutions to scale confidently and improve customer experience.

Hear StockX’s story

Find the right ecommerce fraud strategy

Fraud is a high price to pay to operate in ecommerce; nonetheless, every business has to deal with it. It’s better to be ahead of it than to be behind it. We hope this article gives you the information you need to start looking into ecommerce fraud prevention solutions to achieve your business goals, prioritize the customer experience, and minimize the threat of fraud.

Every business is different – with its own set of goals, challenges, and opportunities. The right ecommerce fraud prevention solution will be able to support your fraud challenges and help your business scale.

FAQs

Mcommerce: Why you need a different approach to fraud prevention