Just in time for the start of the holiday shopping season, two vendors released research this week detailing a rise in e-commerce fraud. CyberSource Corp. published the results of its sixth annual e-commerce fraud survey, while VeriSign Inc. came out with its fourth Internet Security Intelligence Briefing, which details Internet usage trends as well as threat, vulnerability and fraud patterns.
According to CyberSource’s tally, businesses will lose US$2.6 billion to online fraud in 2004 — a 37 per cent increase over 2003, when fraud losses totaled $1.9 billion.
Retailers have had some success limiting fraud loss, but they’re spending more time and money doing so, says CyberSource, which specializes in electronic payment and risk management services for retailers.
This year fraudulent orders account for 1.8 per cent of online sales, which is statistically level with last year’s 1.7 per cent, CyberSource says. The $700 million swing in fraud losses is offset, in part, by corresponding growth in e-commerce revenue: The 348 merchants surveyed expect their e-commerce revenue to increase by 39 per cent in 2005.
VeriSign, too, logged a healthy climb in e-commerce sales. According to its report, which covers July through September of this year, e-commerce dollar volume has increased more than 25 per cent since the third quarter of 2003.
Fraud schemes increasing
However, fraud schemes are growing even faster, and the level of sophistication and potential damage from Internet attacks continues to climb, VeriSign says. In particular, new hybrid attacks, such as those that exploit a system vulnerability to launch an identity theft, are being initiated by more sophisticated hackers looking for financial gain.
One e-commerce executive finds the diversity of attacks to be one of the biggest challenges in the fight against fraud. “Every time we feel like we have our bases covered, the fraudsters find a new way to get through,” says the manager of Internet operations at a $2 billion specialty retailer who asked not be named.
Online commerce is a relatively immature business, and it’s still going through growing pains, she says. Determining best practices for fighting fraud is a work in progress. “Key to this industry is to set those good practices and standards, and get everyone to adhere to them.”
To try to stay ahead of the criminals, online business and merchants are using more tools than ever. CyberSource found the median number of automated tools in use today is five, and 40 per cent of merchants use six or more. According to its survey, 82 per cent of merchants use address verification services, 56 per cent use card verification number checking, and 53 per cent use internally built fraud screens.
Meanwhile, international e-commerce orders continue to spell more trouble for retailers than domestic orders. Merchants that accept orders from outside North America reject more than 13 per cent on suspicion of fraud, CyberSource says. Among those accepted, 3.8 per cent turn out to be fraudulent — which is nearly three times higher than the overall rate.
VeriSign’s report identifies countries with the highest rates of originating fraudulent transactions. When fraud is measured as a per centage of legitimate sales, the Former Yugoslav Republic of Macedonia tops the ranking, with 100 per cent of transactions originating within its borders deemed risky transactions, followed by Nigeria (87 per cent) and Ghana (86 per cent).