Over the next three weeks we will explore on this blog some of the reasons why National Transaction Corporation is the preferred choice for travel agents.
The Travel industry is one of the world’s largest industries with a global economic contribution of over 7.6 trillion U.S. dollars in 2016. (Statista)
At NTC we recognize that travel agency payment processing has some unique hurdles to overcome, but we are leveraging our innovation because we want our travel agency partners to explore how our solutions transcend the challenges that travel agents face.
Secure processing is one of the reasons why National Transaction is the preferred choice for travel agents
National Transaction Corporation has Secure Merchant Payment Processing – Because when your customers know their data is safe, they keep coming back!
You’ve heard of the many data breaches within major corporations that have occurred in just the last few years, when customers’ confidential credit card information is stolen and businesses lose a small fortune in repairing the problem. The cost of such a security breach goes far beyond that, however; once a business has lost the trust of its customers, 60% of those cardholders will go elsewhere for their purchases and services, according to studies on the problem.
Imagine if this happened to your travel agency merchant account? It could be disastrous, especially because agencies tend to deal with high-dollar sales from a moderately-sized pool of customers – so every client counts.
NTC knows that you, like us, care about your customers, and we want your travel agency to be seen as a trustworthy place to book a dream vacation. The first step is for your business to be PCI-DSS compliant.
PCI-DSS (Payment Card Industry-Digital Security Standards) requirements were put in place by the credit card associations to deal with the increasing problem of identity theft and data loss. The requirements vary according to the types and the number of payment transactions your agency goes through, but you can be sure that NTC will help you stay compliant with the latest security standards.
In the event of a data breach, we are here to eliminate the negative impact it can have on your company. NTC may be able to help you with the fines, assessments, and other costs from the networks, and we will consult with you on how to proceed to protect your agency and your reputation.
As you know, data security is as much a concern for the business owner as it is for the cardholder – your customer. When your clients know that their data is safe with you, they will keep coming back to your agency to book their next great trip!
If you cannot wait to read blog number two out of this three part series, feel free to call NTC now at 888-996-2273 to find out the best options for your travel agency!
Tokenization is a powerful security feature that allows a merchant to support all of their existing business processes that require card data without the risk of holding card data and without any security implications, because tokens are useless to criminals, they can be saved by the merchant as they do not represent any threat.
The liability and costs associated with PCI compliance is substantially reduced and the risk of storing sensitive data is eliminated.
Tokenization applies to credit card and gift card transactions.
Imagine a world where you could accept credit card payments without actually storing any sensitive cardholder data. No more worrying about data breaches, PCI compliance headaches, or the crippling costs of a security breach. That’s the power of tokenization.
Here’s how it works:
Instead of storing sensitive credit card information on your systems, each card number is replaced with a unique, randomly generated “token.” This token is useless to hackers, but it can be used to process payments securely on the merchant account that created the token.
Think of it like a valet ticket:
You hand over your car (the sensitive data) to the valet (the tokenization provider), who gives you a unique ticket (the token). The valet keeps your car safe, and you can use the ticket to retrieve it when needed.
The benefits are immense:
Ironclad Security: Reduce your PCI DSS scope and minimize the risk of costly data breaches. With tokenization, even if your system is compromised, the actual card data remains safe.
Effortless Compliance: Simplify PCI compliance and avoid hefty fines. Tokenization helps you meet the stringent security requirements for handling sensitive cardholder data.
Recurring Billing Made Easy: Securely store tokens for recurring billing or future transactions. This allows you to charge customers later without having to store their sensitive information.
Improved Customer Trust: Demonstrate your commitment to data security and build customer trust. Knowing their information is protected encourages repeat business and loyalty.
Streamlined Checkout: Offer a frictionless checkout experience with saved payment information. Tokenization enables faster and more convenient payments for your customers.
Tokenization is not just a security measure, it’s a strategic advantage:
Reduce costs: Minimize the expenses associated with data breaches and PCI compliance audits.
Boost efficiency: Streamline your payment processes and reduce administrative overhead.
Enhance your reputation: Position your business as a leader in data security and customer trust.
In conclusion:
Tokenization is a game-changer for businesses that accept credit cards. It offers unparalleled security, simplifies compliance, and unlocks new opportunities for growth. Embrace the future of secure payments with tokenization and watch your business thrive.
For Electronic Payments with Tokenization call now 888-996-2273 or click here NationalTransaction.Com
Visa 3-D Secure (3DS) is a security protocol designed to add an extra layer of protection to online credit card transactions.It aims to reduce fraud by verifying the cardholder’s identity before the transaction is authorized.Visa’s implementation of 3DS is called “Visa Secure.”
Here’s how it works:
Transaction Initiation: When a customer makes an online purchase with their Visa card, the merchant’s website communicates with the Visa network to initiate the 3DS process.
Risk Assessment: The issuer (the cardholder’s bank) performs a risk assessment based on various factors, such as the cardholder’s history, the transaction amount, and the merchant’s risk profile.
Authentication: If deemed necessary, the issuer challenges the cardholder to authenticate their identity. This usually involves a step-up authentication method, such as:
One-time password (OTP): Sent to the cardholder’s registered mobile phone or email.
Biometric authentication: Fingerprint scan or facial recognition.
Knowledge-based authentication: Security questions or personal information.
Verification: Once the cardholder successfully authenticates, the issuer confirms their identity to the merchant.
Transaction Completion: The merchant can then proceed to process the transaction with increased confidence that the cardholder is legitimate.
Integration and Implementation:
Merchants need to integrate 3DS into their online payment systems.This typically involves working with their payment gateway provider or acquiring bank to implement the necessary APIs and protocols.Visa provides detailed documentation and support for merchants to integrate Visa Secure.
Benefits and Features of 3DS:
Reduced Fraud: By verifying the cardholder’s identity, 3DS significantly reduces the risk of unauthorized transactions and chargebacks.
Improved Security: Adds an extra layer of security to online payments, protecting both merchants and customers from fraud.
Shift in Liability: In many cases, if a fraudulent transaction occurs after successful 3DS authentication, the liability shifts from the merchant to the issuer.This can save merchants significant costs associated with chargebacks and fraud disputes.
Increased Customer Confidence: Demonstrates a commitment to security and builds trust with customers, encouraging them to complete their purchases.
Enhanced User Experience: The latest version of 3DS (EMV 3DS 2.0) offers a smoother and more user-friendly authentication experience, minimizing friction during checkout.
Support for Mobile and Digital Wallets: 3DS is compatible with various payment channels, including mobile devices and digital wallets, providing a consistent and secure experience across all platforms.
In conclusion: Visa 3-D Secure is a powerful tool for merchants to enhance the security of their online transactions, reduce fraud, and improve customer confidence.
By implementing Visa Secure, merchants can protect themselves from financial losses and provide a safer and more trustworthy shopping experience for their customers.
For e-Commerce Electronic Payments set up with 3D Secure
With smartphone users on the rise Nielson says that in 2012 47% of smartphone owners use mobile shopping apps in the Shopping / Commerce category. Although these do not account for actual mobile payment transactions they show that smartphone users are frequently turning to their mobile devices to find deals and purchase information.
But what exactly is m-commerce? M-commerce is a hybrid technology that takes web technologies that scale screens to mobile devices like Apple iPads and Android tablets. The commerce end of it comes from shoppers and merchants actually executing payment transactions over mobile devices of some form. Read more of this article »
Travel Agents prefer NTC ePay because they get paid faster with their very own “Buy Now” button or simply by requesting payments by email!
In our last installment, we shared how the security of NTC Payment Processing works for you. In this second part of our three-part series, we discuss the ways that the technology behind NTCePay helps your travel agency.
NTCePay offers travel agents the most innovative technology because it is fast, mobile friendly and easy to use.
Whether you use Quickbooks, Peachtree or any other accounting application, you can enter the invoice number into the ePay application for reconciliation, and you can customize your pricing to any amount you choose. Your agency can create invoice and payment links that can be posted to your website or any social media website for payment.
Things flow better when everything seems to work together, making your day a lot easier? Technology is something that can get your daily workflow to go smoothly, and NTC ePay works for you. If you need a customized solution to go with your workflow, NTC can make most anything a reality for your business workflow.
National Transaction Corporation is one of the few travel payment processing companies that can directly integrate with both TRAMS and SABRE. You can perform your bookings like you always have but have the payment flow the way you need it to. We also integrate with many booking engines and shopping carts allowing you many options that are not available by host agencies.
NTC ePay is simple, secure and sets up in just minutes. It’s a web application, so you can use it on any device you already own: your desktop, laptop, tablet or phone. It lets you add inventory items or use the quick send feature for simplified invoicing.
Our ePay product was designed from the ground up with your security in mind. Even though we encrypt data back and forth to the payment gateway, we also use the gateway to handle the cardholder’s input. NTC’s cutting-edge technology doesn’t store credit card data, nor does it transmit that data. What that means to you is that the liability is 100% on the bank and not your business, as is typically the case. The application is written and hosted on our own servers, so you can set up and be in the e-commerce business within minutes.
By the way, there are also many customizations available to you with NTC ePay which can be set up very easily by your users. Inquire with your specific process and we will meet your specific needs in the travel payment scope.
Now, when you run a social media campaign you can leverage our NTCePay technology to help you increase sales. Use our ePay links to post vacation travel packages or special sales and have customers pay in two clicks.
Next week we will share the third reason in this series why National Transaction Corporation is the preferred choice for travel agents like you.
Remember, when you need a safe and technologically advanced gateway to manage all your travel agency payments, look no further than NTC.
Feel free to call us now at 888-996-2273, if you are ready to start using NTC ePay today.
Helpful tips to help you combat fraudulent auth testing on your payment gateway.
The pandemic accelerated both merchants’ and their customers’ transition to a digital marketplace. More than one year later, with more and more transactions occurring online, merchants are at an increasingly higher risk for fraudulent attacks.
As eCommerce continues to cement its foothold in the marketplace, fraudulent authorization testing remains a prevalent risk to business owners. Auth testing or Account Enumeration, as it is more commonly known, occurs when fraudsters use stolen credit card numbers to test small purchases on a merchant’s payment system to see if a transaction gets authorized. If it does, then they start racking up bigger charges on the validated stolen card numbers.
Making matters worse, fraudsters can test hundreds to tens of thousands of stolen payment card numbers on a single digital checkout in the blink of an eye with the help of software applications called bots. Those transactions, no matter how small, quickly add up as every attempted transaction comes with an authorization cost.
Small and medium businesses are often preyed on by these fraudsters, sometimes from a lack of preparedness. Prior to the pandemic, a study by Emailage of more than 1,000 North American SMBs revealed that 48 percent didn’t believe they were large enough to be a target, while 38 percent didn’t see fraud as a top business concern.1 Remember, customers – both small and large – are best prepared through a multilayered approach. We encourage you to visit these tips offered by Elavon’s Loss Prevention Team below. As a reminder, if your customers are Converge users, many of the preventive tools below are available through the Converge solution. Please refer to the downloadable guide in The Learning Center (TLC) for more information.
1. Use these fraud deterrence tools. Consumers’ expectations continue to grow for a more seamless, safe way to shop online. While these tools are part of an evolving process, some of the more common tools currently used are:
• Firewalls – Network security systems that monitor and control incoming and outgoing network traffic based on predetermined security rules and transaction parameters.
• CAPTCHA or reCAPTCHA – A program or system aimed at distinguishing human input from bots with images.
• Honeypots – Decoy systems that operate alongside production systems that lure in fraudsters. • Device fingerprinting – Technology that detects the originating device to help identify bots. • Key stroke recognition – Another biometric tool that uses the unique manner in which an individual types to recognize as human and not a bot.
2. Ensure HTML source code is hidden. Using an outside vendor to develop eCommerce websites could expose customers to fraudsters. Coders may leave HTML source code exposed or accessible, leaving the door wide open for fraudulent auth testing, so it is important to ensure that source code is well hidden. While tools like CAPTCHA can help, it may require the help of a developer to disguise these codes from fraudsters. Our Developer Portal can help.
3. Require more information when setting up pay fields. Many pay fields only require the credit card information, but adding email addresses, phone numbers and cardholder addresses makes auth testing less likely as fraudsters need to build a much longer script with all that additional information to obtain an authorization. Our Software Technical Support (STS) team can install tools such as Address Verification Service (AVS) to help confirm the required additional information in the fields is a match.
4. Continually monitor transactions. Since authorization testing often happens in large groups of transactions within a small period of time, customers should set hourly or daily velocity limits within their payment acceptance platform. The goal is to specify an upper limit of expected transactions to occur within the selected timeframe to a specific IP address. Business owners should continually review high-ticket transactions or unusually low-ticket transactions. They can set a transaction threshold that, if the transaction seems oddly low or much higher than their average transactions, can automatically decline the transaction or pend for later manual review prior to attempting the authorization.
5. Scan systems. Check for malware or spyware regularly.
1 SMB Merchants Are Too Complacent When It Comes to Payment Fraud, My Total Retail
John Stewart January 17, 2022 https://www.digitaltransactions.net/trends-like-open-banking-and-bnpl-will-sustain-e-commerces-hot-streak-a-report-says/
Open banking, single-click checkout wallets, and the hot buy now, pay later trend will all help drive e-commerce volume worldwide in the coming five years, predicts Juniper Research in a report released Monday. This momentum is likely to push online sales long after the short-term impetus from the pandemic subsides, Juniper says.
E-commerce volume totaled $4.9 trillion globally in 2021, a figure the United Kingdom-based research firm forecasts will reach $7.5 trillion in 2026, when China will control a 37% share. Wider availability of multiple e-commerce channels, including mobile devices, will propel the overall growth worldwide, Juniper says. But along with the boom in e-commerce will come a corresponding growth in fraud via identity theft, account takeovers, and fraudulent chargebacks, the report warns. China, for example, will account for more than 40% of fraud losses worldwide in 2025, at more than $12 billion, Juniper forecasts.
Open banking is a trend by which fintechs can verify balances in consumers’ accounts and transfer funds to pay for online purchases. As standards bodies work to promulgate standards for this business, e-commerce payment providers “should … partner with specialists in … specific emerging payment areas to keep pace with changing merchant expectations around acceptance types,” the research firm says in its release, referring to digital wallets and crypto as well as open banking.
Open banking has taken on a higher profile in the global payments market with efforts by both of the global card networks to acquire firms that specialize in this area. Visa Inc. has acquired Tink AB, while Mastercard Inc. bought Aiia and Finicity Corp.
Physical goods will continue to dominate e-commerce spending, the report says, accounting for 82% of payment value by 2026. To tap into the trend, Juniper advises, payments providers should support buy now, pay later plans, which allow consumers to split purchases into four equal installments paid over a six-week period at no interest. BNPL is becoming more controversial, however, as the Consumer Financial Protection Bureau has launched an investigation of the option and as reports emerge that consumers with multiple accounts are more likely to miss a payment.
While still a big trend, e-commerce sales in the U.S. market cooled significantly last year as the pandemic effect lost some of its force. Third-quarter sales in 2021 reached $214.6 billion, up 6.6% year-over-year, according to the Census Bureau, which tracks retail sales. That follows an 8.9% rise in the second quarter and three straight quarters with increases of 32% or more. Fourth-quarter 2021 results are not yet available.
When you are first setting up a retail or an eCommerce endeavor, few decisions will be of as much importance as the payment provider that you choose. Your payment provider will handle each and every card transaction your online company makes, and if it doesn’t function properly, or if it has a lot of hidden fees, such as old legacy systems with long term contracts, you can be setting your business up to fail before you ever get started.
So, we are going to explain to you what you should be looking for when you reach this crucial decision in the setup phase of your business, and we will help you find a payment provider that meets your needs perfectly and sets you up to succeed in the business world.
As a general rule of thumb, there are three main factors that you really need to consider when you go to choose who you will be working with: The people involved in the transaction, the fees associated with each transaction, and how the transaction is handled behind the scenes. There are some smaller tidbits that can make a specific provider a better or worse choice, but those three factors will allow you to narrow your search down to a select few of top competitors that will truly help your company succeed.
The Parties Involved
Besides your bank and the customer’s bank, there are three different factors that go into every single one of your transactions, and a payment provider works with all three of them. There’s you, your customer, and the technology acting as a bridge between the two of you. We’ll go into more detail about all that, now.
The Customer
With this part of the transaction, we are really talking about the “issuing bank”. That’s your customer’s bank, and they handle lending the customer the money to make a purchase on your site, and they issue the card that the customer uses to make that purchase. This is your customer’s main form of interaction with the transaction process, and it’s one of the most important factors since it’s what starts the transaction in the first place. However, you have no control over this factor, and you can simply ensure that the technology, which we’ll talk about soon, makes their part of the transaction as smooth as possible.
The Merchant
This is you and your part in the transaction. You function as the merchant that the customer is engaging with, and in order to do that, you need a merchant bank to partner with and work as your company’s bank. A merchant bank functions differently than the bank you use in your day to day life. Instead of issuing you funds in advance for credit purchases and managing your checking and savings accounts, a merchant bank takes in your customers’ payments for you, and then puts those payments into a special merchant account that is a lot like a business’s checking account. Without a merchant bank, you won’t be able to succeed in the long-term with eCommerce.
The Technology Solution
Your technology, and the company handling it, is what makes a transaction possible in the first place, and there are two parts to this imperative factor: The payment processor and the payment gateway.
Processor
The payment processor is what actually handles the transaction. It moves the money between the different parties and delivers it to the banks and accounts involved. If your processor is subpar, your customer’s transaction experience will be, too. You need an up-to-date payment processor that functions smoothly and without any hassle placed on you or your customer to ensure that each customer enjoys a seamless transaction.
Gateway
The payment gateway is essentially what sends the transaction information to the payment processor. It links to your site’s shopping cart feature, and when a customer buys something, it connects to the payment processor and begins the transaction. In order to ensure that your transactions are smooth and effortless, this technological asset needs to be competent and able to easily satisfy your customers without being apparent.
How the Transaction Process Happens
The transaction process is fairly complicated, but it all takes place in a matter of seconds. In fact, it’s usually seemingly instantaneous.
Once a purchase is made, the payment gateway encrypts the transaction data to protect your customer and your business, and then it asks the customer’s bank if it will advance the funds for the customer’s purchase. If yes, the payment will be sent to your merchant account, and if not, the transaction will be denied and ended until a resolution can be found.
Once that step is completed, the funds typically end up being accessible by you the second your merchant bank acquires them and places them in your account, but you may be forced to keep a certain amount in the account to make sure you can cover any returns that pop up.
This part is not instantaneous. It can take a couple days to complete this part of the process.
Transaction Fees
This is easily the factor that you’ll want to pay attention to the most, because a lot of merchant service providers are downright misleading when they quote your rates, and you need to get a firm understanding of how a company sets up its fees to know what to actually expect from your bill.
Most often, companies will quote something like 1.8% rates to interest you and appeal to your more frugal side, but then they’ll apply all sorts of hidden fees that raise that rate as high as 11% without notifying you properly. As you can imagine, that can make your bill a bit more than what you thought it would be.
There are three rate models that are most often used:
Flat-Rate
You’re given a specific amount to pay, and whether that covers your total fees or not, that’s what you pay. You could be overpaying tremendously if you accept a quite a few low cost cards vs. the higher cost cards. The processor is banking on your acceptance of these lower cards to ensure all costs are covered.
Interchange Plus Pricing
This takes the interchange fee you pay and adds a small fixed rate on top of it. It’s not as consistent as a flat-rate fee because of the sheer amount of interchange fees out there and the number of different credit cards with all of the various reward and incentive programs.
Tiered Pricing
This is when the provider creates a few tiers of fees and charges you based on the tier your fees are in rather than each individual fee. The only bad thing about this is that the provider decides which fees go into which tier.
Other Important Things to Consider
Does your processor provide Data Security/PCI protection? What about financial breach protection, in the event you are breached?
Any business or other entity that stores, processes or transmits cardholder data must ensure that their processes meet the Payment Card Industry / Data Security Standard (PCI/DSS). Failure to do so can result in heavy fines being levied.
Understanding PCI/DSS
The PCI/DSS is a global standard defining acceptable practice for any entity involved in the storage, transmission or processing of cardholder data.
In recognition of the sensitive, confidential and valuable nature of this data the standard imposes strict regulations which must be met in full. The full requirements are detailed but are covered by 12 broad requirements. These are grouped into 6 broad control objectives as follows:
1. Build and Maintain a Secure Network and Systems – Install and maintain a firewall configuration to protect data – Do not use vendor-supplied defaults for system passwords and other security parameters
2. Protect Cardholder Data – Protect stored data (use encryption) – Encrypt transmission of cardholder data and sensitive information across public networks
3. Maintain a Vulnerability Management Program – Use and regularly update anti-virus software – Develop and maintain secure systems and applications
4. Implement Strong Access Control Measures -Restrict access to data by business need-to-know -Assign a unique ID to each person with computer access -Restrict physical access to cardholder data
5. Regularly Monitor and Test Networks -Track and monitor all access to network resources and cardholder data -Regularly test security systems and processes
6. Maintain an Information Security Policy -Maintain a policy that addresses Information Security
Any entity handling card transactions must meet the standard and be able to demonstrate (certify) that it does so. The level of certification is flexible and depends on how transactions are processed and in what volume.
A Summary of Benefits
Achieving full compliance with PCI/DSS standards is more than an obligation. It delivers genuine benefits to businesses:
– Lessen the risk of fraudulent transactions
– Prevent security breaches
-Lessen the impact should a breach occur
– Reduce your business’ exposure to risk and liability
– Provide peace of mind for your customers
– Avoid the negative PR associated with data loss
Why are These Requirements in Place?
Card transactions have grown enormously in recent years as cards become the number 1 preferred form of payment. Since no physical money is handled or exchanged as part of these transactions they are dependent on the transfer of data.
That data therefore becomes sensitive and valuable and must be protected. Failure to protect this data can lead to fraud and theft. These crimes often impact both the card holder and the merchant directly. They can also damage or even destroy the reputation of businesses or organizations involved in hacks or data breaches.
More widely card fraud has the long-term detrimental effect of eroding consumer confidence and trust – both in the individual companies affected and in the card payment industry more widely.
Millions of consumers and organizations worldwide are choosing to pay by card. And millions of businesses, professionals, traders and organizations are accepting and handling these payments. Instead of allowing an ad-hoc approach where each business sets its own level of security the PCI / DSS was imposed. This ensures a uniformly high level of data security throughout the worldwide card payment industry.
Keep your Data Secure – Don’t get caught without PCI Data Breach Protection
With more retailers than ever before embracing e-commerce, the fraud journey is becoming a focus for many. It is clear, though, why retailers have paid more attention to the customer journey. After all, in addition to shaping a customer’s overall experience, a customer’s journey determines whether or not they will make a repeat purchase. Too often, however, when focusing solely on the customer journey, the fraudster’s journey remains overlooked. To bring the fraud journey into focus, we need to understand what it really is and where retailers should be placing their efforts.
Like the customer journey, the fraud journey is the path fraudsters take when interacting with a brand. In the case of the fraud journey, we consider the actions a fraudster takes to commit fraud. Understanding the fraud journey and focusing on the fraudster’s actions will enable online retailers to dramatically reduce fraud conversion rates and ultimately prevent fraud.
It’s not by chance that the customer’s journey and the fraudster’s journey are often mentioned together. In their attempt to satisfy customers while also detecting and preventing fraud, many retailers are faced with an impossible juggling act: Do I prevent fraud or give my customers the experience they want? True, balancing between the two, enabling the paths to co-exist, is challenging, yet it can be achieved. Taking the time to understand the intricacies of the fraud journey can help reduce false positives and cut down on chargebacks.
The True Cost of Chargebacks
Chargebacks. The very word sends shivers down the spine of even the most experienced online retail fraud fighters—with good reason. Chargebacks end up costing retailers in additional fees as well as in customer dissatisfaction and it’s nearly impossible to truly evaluate the cost of chargebacks.
It’s estimated that for every $100 in chargebacks, retailers end up paying $240! But the problem with chargebacks goes far beyond any fees or penalties incurred. The issue with chargebacks is that if a customer gets to the point where they have to request a chargeback, the damage has already been done.
Why Does the Fraud Journey Matter?
Let’s consider the forecast that e-commerce is expected to make up 22 percent of all global retail sales by 2023. Or that it’s predicted that U.S. e-commerce sales will jump 18 percent due to Covid-19. E-commerce sales are at an all-time high, and there are no signs this trend is going to slow down anytime soon. This emphasizes even more the need to focus on the fraud journey. The fraud journey has an impact when building an effective chargeback management strategy and it is directly linked to customer retention and acquisition.
The fraud journey gives one an in-depth understanding of users who could be fraudsters, based on suspicious behavior. Retailers looking to up their fraud prevention and chargeback management game, need to have a clear understanding of the fraud journey. This understanding will make it easy for them to differentiate actions a legitimate user would take, from fraudulent actions. For example, a change of the shipping address upon login indicates a possible fraudulent action. Carefully considering the behavior of a legitimate customer at every stage of the customer journey can help isolate suspicious activities with more accuracy, and thus cut down on false positives.
Fraud Prevention: The Ultimate Juggling Act
Understanding chargebacks and how to prevent them, starts with understanding how retailers approach fraud prevention. In cases where retailers focus on detection and prevention at the payment stage, or even only one part of the payment stage, fraudsters are able to successfully move through their journey undetected until it is too late.
If a fraudster’s activity is detected as suspicious and flagged only at the payment stage, gives an opportunistic fraudster plenty of opportunities to monetize the service by other means before their presence is detected. This could include everything from promo abuse and referral abuse to new account fraud.
That’s exactly why a more advanced fraud prevention and detection approach is required. For example, using technologies such as behavioral biometrics will enable retailers to stop a fraudster long before the payment stage, before any real damage is done, and will help cut down on chargebacks.
Is it really that simple? Retailers are rightfully concerned with the need to ensure that detection of fraud early in the fraud journey, early enough to prevent damage including chargebacks, will introduce as little friction as possible into the customer’s journey. At times it seems retailers can’t win. If they flag an activity as suspicious based on strict rules, they might find themselves with a rise in false positives and possibly disappointed legitimate customers. Other times retailers rely on fraud detection and prevention at the payment stage, ignoring any fraudulent activity, which happens before that, throughout the customer journey. Either way, with fraudulent activities getting more sophisticated, retailers are dealing with a growing number of chargebacks due to fraud.
In-depth understanding of the fraud journey, identifying and monitoring its various touchpoints, will help retailers to reduce fraud and still maintain the balance between customer satisfaction and security.
Proactive Chargeback Management
The common passive-reactive approach to chargeback management is proving to be insufficient as fraudsters are increasingly using tools such as bots and emulators to scale their attacks. Behavioral biometrics-based fraud detection introduces a proactive approach to counter advanced fraud. As opposed to focusing on login or checkout only, and reacting too late, behavioral biometrics focuses on user behavior throughout the entire customer journey, making it easy to identify suspicious and potentially fraudulent behavior at its earliest stage, enabling to stop the fraudster in his tracks, before damage is done.
Adopting advanced technologies like behavioral biometrics will provide retailers with visibility and insight into the entire fraud journey, leading to better, data-driven decision making, pre-transaction prevention and cut down chargebacks.
SecuredTouch is the expert in adaptive fraud detection solutions for online retailers and financial institutions. Using machine learning, the technology continuously analyzes hundreds of behavioral data points to differentiate between human and non-human behaviors, human to device interactions and behavioral anomalies to provide early detection of fraud. The solution identifies sophisticated fraud throughout the customer journey while simultaneously improving the user experience. Businesses benefit from reduced drain on internal resources and increased transaction rates, ultimately leading to an improved bottom line. Today, our award-winning solutions are used by some of the world’s largest retailers and financial institutions.
By Ran Wasserman, CTO, SecuredTouch – Sponsored Content
The chargeback process was introduced more than four decades ago as a consumer-protection mechanism. It was meant to inspire consumer confidence in payment cards, which were still a novel concept at the time. Fast-forward to today, though, and these forced payment reversals have evolved into a significant problem for online merchants.
Chargeback abuse—commonly known as friendly fraud—is a major source of loss. In fact, chargeback issuances resulting from friendly fraud were expected to reach $50 billion annually in 2020, according to Mercator Advisory Group.
Even then, this figure is a low estimate. It doesn’t account for current trends in a post-Covid environment, where we’ve seen a dramatic increase in friendly fraud. These attacks were already up by the end of March, and there’s no sign that they’re going to slow down.
Covid-19 might look like the source of the problem on a superficial level. If we dig deeper, though, we see four underlying factors behind the preexisting upward trend in chargeback filings:
More fraudsters view the CNP environment as the “channel of least resistance;”
Inconsistency in technologies and regulations across different markets;
The rise of mobile banking;
The response by card networks like Visa and Mastercard.
These four factors carry diverse ramifications for the market. For instance, roughly $118 billion in e-commerce transactions are declined each year, according to Javelin Strategy & Research. Most of these rejected purchases are false positives, meaning the merchant unnecessarily rejected the purchase in hopes of avoiding a chargeback.
Clearly, there’s a growing disconnect between merchants, financial institutions, and card networks regarding how best to address this situation. We can see this reflected in the fact that the rate of chargeback issuances in North America is expected to significantly outpace those in the European market. This is attributed to factors like strong customer authentication protocols required by the Revised Payment Services Directive (PSD2), and more widespread use of 3-D Secure technology.
The pressure is on for industry players to find more comprehensive solutions for chargebacks. These solutions must be data-driven and adaptable, though. Otherwise, the growing disconnect between cardholders, merchants, financial institutions, and card networks will exacerbate existing problems in the market, leading to further losses.
The good news is that, in the meantime, there are strategies merchants can employ to address these concerns. For instance, even though friendly fraud operates by concealing itself behind false chargeback reason codes, it’s still helpful to have a clear understanding of what each reason code means in context.
Merchants can’t avoid friendly fraud in the same way they can detect criminal attacks or eliminate merchant errors. However, they can minimize friendly fraud risk by adopting key best practices, including:
Notifying customers to remind them about recurring payments;
Keeping organized and well-documented transaction records;
Using delivery confirmation when shipping physical goods;
Providing easy access to round-the-clock, live customer service;
Providing a quick response to any refund or cancellation requests.
Also, if a merchant identifies a chargeback as friendly fraud, it’s important to engage that dispute through the representment process. This is a complex, time-consuming process, which is why many merchants opt to outsource their chargeback management. It’s still possible to conduct the process with in-house management. However, it will require strong evidence to support the merchant’s case, such as:
A legible sales receipt
A tracking number
Any emails or transcripts of communications you’ve had with the customer
Delivery confirmation information
A record of in-store pickup
Photographic evidence (when available)
This evidence needs to be contextualized with a chargeback rebuttal letter, explaining why the original transaction was valid. Also, merchants are on a tight schedule. In most cases, they have only a few days to provide a response to their acquirer.
Chargeback management can be a difficult and confusing process. But, with the problem of chargeback abuse only set to grow over time, it’s something merchants can’t afford to take for granted.
—Monica Eaton Cardone is the chief operating office and cofounder of Chargebacks911, Clearwater, Fla.
With smartphone users on the rise 
