The Season of Taking - Page 2

By Evan Schuman  |  Posted 2004-11-26 Print this article Print

There are quite a few types of products intended to combat online fraud. The Merchant Risk Council suggests a comprehensive seven-product/tactic mix as its “minimum toolset.” That recommended toolset consists of address verification, customer follow-up, card verification codes, negative list, real-time authorization, customizable rules and some kind of post-process fraud management. Other popular approaches include fraud scoring and geolocation. Geolocation by IP address is a popular way of trying to determine a users geographic latitude, longitude and, by inference, city, region and nation by comparing the users public Internet IP address with known locations of other electronically neighboring servers and routers.
But not all retailers are created equal. Larger retailers can justify the high costs of much of this software, plus fraud detection employees to track the results and to perform manual follow-ups and intervention.
Smaller retailers often have difficulty justifying the cost, especially since some fraud is going to get through, no matter what the retailer does. If the retailer knows that current efforts will keep fraud to about 1 percent and more expensive approaches will bring it down somewhat further, it becomes a very difficult ROI argument when it comes to deciding the level of additional investment. Naturally, those smaller, less-protected retailers are becoming the most attractive fraud targets. Less experienced employees are a critical weak spot for fraud protection. To read about how an electronics chain is working around the challenges of seasonal workers, click here. Fraudsters “pick merchants who have very weak defenses in place,” said Julie Fergerson, co-chair of the Merchant Risk Council. How do crooks know the retailers with the weakest defenses? “They’ll run a couple of test frauds, maybe with a half-dozen orders.” The verification procedure (including manual review) will typically reject certain purchases because the transaction has too many fraud-like characteristics. Such suspicious characteristics include having a different billing and shipping address, seeking an unusually large quantity, using a free e-mail domain or a customer coming from one of many fraud-friendly countries (the Merchant Risk Council’s suspect list includes Nigeria, Ghana, the Ukraine, Macedonia, Romania, Turkey, Russia, Thailand, Brazil, Egypt, Venezuela, Vietnam, Indonesia, Israel and Turkey). Those verification procedures can be costly. Above and beyond the time and technology costs they require, they invariably force retailers to turn down revenue from legitimate customers. Gartner’s Litan estimates that about 2 to 3 percent of legitimate charges are being rejected. Epiphany is trying to boost CRM usefulness by making the data more immediate. Will that help? To read more, click here. A recent Cybersource report on online fraud came to the same conclusion. “It is virtually certain that some of these rejected orders are valid, but in the attempt to reduce direct fraud losses, merchants reject orders that appear suspicious,” the report said. “The fact that, on average, merchants ultimately accept two-thirds of orders they manually screen seems to indicate that the proportion of valid orders they reject is significant.” Cybersource reported that for every accepted fraudulent order, “merchants reject more than three additional orders. Merchants whose direct fraud-loss rate is above 1 percent are turning away twice as many orders on average (nearly 8 percent). For merchants accepting orders originating outside of the U.S. and Canada, the rejection rate is almost 8 percent as well.” But technology defenses against fraud are certainly not limited to online. Chris Dorsey is the CIO for the Chase-Pitkin chain of home/garden supplies, which is a division of $3.3 billion Wegmans Food Markets. Although his chain deploys a wide range of standard low-tech anti-theft devices (video cameras, undercover security guards, keeping high-theft items behind the counter, etc.), it was a software approach that he credits with cutting theft. Next Page: How Chase-Pitkin is using software to combat fraud.

Evan Schuman is the editor of's Retail industry center. He has covered retail technology issues since 1988 for Ziff-Davis, CMP Media, IDG, Penton, Lebhar-Friedman, VNU, BusinessWeek, Business 2.0 and United Press International, among others. He can be reached by e-mail at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel