Fighting Holiday Fraud
With the holiday season right around the corner, now is the time for online businesses to start preparing for the rush. Sure, we know it’s September and it may seem premature, but there are only three months left to get ready for the holiday craze. Even consumers have stopped waiting until November and December to begin their holiday shopping. According to the National Retail Federation, roughly 40% of shoppers have started buying holiday gifts by Halloween.
The last quarter is when businesses see a spike in the number of orders and the average order size. This is also when most businesses gain the largest amount of revenue (40% of their yearly revenue to be exact), as well as experience the highest levels of fraud. Last year, businesses were impacted by $2.2 billion in return fraud during the last quarter. Compared to 2014, this is an increase of $1.9 billion and totals 3.5% of entire holiday returns.
Almost half of holiday shopping (including browsing and buying) is now done online and 2016 will be the first US holiday season with the widespread EMV adoption. With this implementation, fraudsters have turned their attention to online sales. Experts estimate that fraudulent Card-Not-Present (CNP) transactions are going to double over the next few years.
The coming wave of online fraud means it is vital for businesses to tighten their security measures, especially before the holiday rush. To ensure fraudsters don’t disrupt customer’s holiday cheer and turn a prosperous holiday season into a nightmare:
- Use SSL (secure sockets layer) authentication: SSL lets customers know their personal information is encrypted between a web server and a browser. It ensures that all data passed between the web server and browsers remain private and integral. When customers enter sensitive information into a web page without SSL, they run the risk of it being intercepted by a prying hacker. This is how personal information can be stolen over the Internet.
- Encrypt Payment Information: A card verification system (CVC) and address verification system (AVS) help to ensure that the person using a card is in fact the owner of the card and is not fraudulent. Also, ensuring that the address and the CVV match the customer’s credit card will help flag fraudsters using stolen credit credits.
- Look out for Suspicious Sales: Be wary of large quantity orders, especially ones for expensive goods. Another red flag is when customers shipping address and billing address don’t match the information on file with the credit card company. This may not point directly to a stolen credit card or fraud, but it is still a good idea to investigate questionable orders. Simply contact the customer to verify the order and the legitimacy of the purchase.
As digital sales increase and EMV adoption accelerates, fraudsters are going to continue to shift their focus toward online businesses. Unfortunately, businesses that don’t prepare for the influx of fraudulent activities will likely see record-breaking fraud. In order to be successful and profitable this holiday season, businesses cannot wait until the last minute to prepare.
Here at BMT Micro we can also help better prepare your business for the upcoming holiday season. We strive to be an e-commerce company where customers can rest assured their information is and will always be protected. We also want our vendors confident in the knowledge that with the right level of fraud protection, it will decrease the likelihood that their product will be taken advantage of or fraudulently used. Our state-of-the-art fraud detection system automatically screens orders and puts questionable orders through a manual approval process. Plus, all BMT Micro servers are fully secured and host all shopping carts using the highest encryption standards available.
We continually make sure that online security measures remain a priority. If you have questions or concerns about your current fraud prevention or if you are interested in learning more about BMT Micro’s offerings please contact our vendor services at firstname.lastname@example.org.