When’s the Next Wave of E-commerce Fraud Coming?

The FBI recently announced that online fraud increased 20% since 2006. While this may seem large – I am perplexed that it is not larger. As we have have talked to many online merchants, we are finding that they have a variety of tools deployed, mostly using logical screens such as looking at the IP address, the browser languages, the country of origin, time of day, difference between Bill TO and Ship TO address, etc…..

As we are getting into the analytics, however, we are observing that it is still relatively simply to get through the screens. As long as you use an IP that doesn’t ring the bell, get the right Bill TO address, and don’t order in obvious fraudulent patterns (eg. 10 orders for the same high end electronics product), etc. it is fairly easy to get through the hooks. When we study the known frauds that are getting through – we see this all the time. The good news is that there are ways to combat these tougher frauds by looking not only order related data , but third party data and analytics that can take fraud detection to the next step.

However, what we are also seeing is that the fraud incidence for online merchants is still at historic lows. This is telling me that the fraudsters have not yet figured this out. They are still routinely trying their old tricks, and are having their orders blocked more and more. While this is great – it is also suggesting that it is just a matter of time, before they change tactics and begin figuring out how to get through. As we like to say “Once you shut down one device for the fraudsters – they don’t tend to give up and go get day jobs”. Instead, they tend to keep pushing to open up that next vulnerability.

I believe we are going to once again begin seeing a substantial increase in fraud rates, as this next migration occurs. Thoughts?

Date Posted: April 9, 2008 Author: Category:   IDI Blog

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.