Sarah is a Marketing Manager at Clearsale and has been with the company since 2012. During that time, she has developed deep knowledge about fraud prevention. She brings extensive expertise in planning, marketing, go-to-market strategy and sales experience, thanks to a background that spans financial planning, controlling and analysis. She previously spent 5 years with Proctor & Gamble, and she holds bachelor and master degrees in Business with great distinction from a top Brazilian business school.
Fraud filter algorithms are useful for identifying potentially fraudulent transactions quickly, but due to variability in consumer behavior – such as making online purchases while traveling abroad – some transactions will be falsely flagged for decline.
ONE OF THE BIGGEST CHALLENGES WITH USING TRADITIONAL FRAUD FILTERS AND FRAUD SCORES IS NOT PREVENTING THE FRAUD ITSELF. INSTEAD, IT’S ENSURING THAT GOOD TRANSACTIONS AREN’T DECLINED.
It’s clear that merchants need a better transaction review process. When fraud scoring or fraud filters tools are too sensitive, the result is a high amount of false positive transactions, which causes card declines for legitimate purchases.
In fact, automatic transaction review processes aren’t the best way to combat against fraudsters because they often deny legitimate orders. When doing the review process automatically, merchants usually flag up to 27% of its transactions as high-risk, and fraud prevention solutions on the market reject at least a percentage of these automatically.
So, what happens when legitimate orders are denied while fraudulent ones go through? Here, we explore two of the biggest consequences.
- You’re Leaving Money on the Table
Fact: False declines cost more than fraud.
There can be as many as 40 false positives for every legitimate attempt at fraud. This means up to 97% of transactions flagged as high-risk could be a legitimate transaction. These false positives result in credit card declines, a significant loss in sales, blocked accounts and an overall poor experience for your customers.
An average of 15 to 30% of customers fail identity proofing challenges based on personally identifiable information (PPI) data and life history questions while up to 60% of criminals and fraudsters pass. In addition, Gartner’s U.S. state government clients say that more of their citizens’ identities have been compromised than have not.
What’s worse is that depending on the margins generated by a given business model, one mistakenly approved fraudulent order could take a dozen or more good transactions to make up for it.
Retailers lose more money on false declines – $118 billion per year – than the amount they lose to actual credit card fraud, which is around $9 billion. Additionally, 32% of customers who experience a false decline choose not to shop with that merchant again.
Despite what many merchants believe, a “harder is better” approach doesn’t keep the bad guys away either. In fact, it probably annoys your good customers more than anything.
- Your Fraud Prevention Model isn’t Effective
Advanced analytics increases the concentration of fraud relative to good transactions at higher scores and decreases the concentration of fraud relative to good transactions at lower scores. It’s important to note, however, that there are going to be good transactions among the higher fraud scores.
For example, if you have a customer who frequently buys expensive items very quickly, makes purchases at odd hours and ships to many different locations, most merchants would assume that this is a fraudulent transaction and assign it a higher frauds core. However, it’s possible that this customer is wealthy, an impulse buyer, a night owl and is buying gifts for family or friends – making the order completely legitimate.
A FRAUD SCORE IS ONLY AS GOOD AS THE INFORMATION USED TO COMPUTE THE SCORE. IF THE DATA BEING ANALYZED ISN’T ACCURATE OR REPRESENTATIVE OF THE REAL WORLD, THEN IT’S NOT USEFUL. THIS CONCEPT IS SIMPLE, BUT IT’S OFTEN FORGOTTEN AMONG MERCHANTS.
FOR INSTANCE, IN A RISK MANAGEMENT ROLE, PEOPLE OFTEN THINK OF DATA AS BEING USEFUL FOR EXTRAPOLATING THE LIKELIHOOD OF FUTURE EVENTS. BUT THIS IS ONLY TRUE IF WE HAVE DATA WHERE THE EVENTS WE ARE WORRIED ABOUT ACTUALLY OCCUR WITH THE SAME FREQUENCY AND PATTERNS AS THEY DO IN THE REAL WORLD. YOU CAN CONCLUDE THAT THIS IS NOT TRUE FOR BUSINESSES WHO REJECT ALL HIGH-RISK TRANSACTIONS AND ASSUME THEY’RE ALL FRAUDULENT.
Achieving an Accurate Transaction Review Process
The difficulty in achieving an accurate and efficient review process isn’t exclusive to small and midsize businesses. Enterprise-level companies also deal with similar obstacles.
Most companies find themselves facing the same dilemma in the review process: touching transactions too little or not enough. In fact, many high-risk orders don’t get examined at all, and businesses alone don’t have sufficient or specific enough information available to approve a transaction.
WHEN BUILDING ANY PREDICTIVE SCORE, THE GENERAL RULE IS THE MORE DATA, THE BETTER. HOWEVER, AS IMPORTANT AS IT IS TO THOROUGHLY CONSIDER ALL DATA SOURCES WHEN BUILDING AND MANAGING A FRAUD SCORE, DIRTY DATA CAN MISLEAD THE ANSWERS PROVIDED BY THE SCORE.
Dirty data can come from a variety of sources – inconsistencies, incompleteness, duplication and more – and it yields a messy analytical model.
How to Accurately Build Fraud Scores
The data used to build a fraud score should be representative of your future customers or orders being placed.
Let’s take this example of fraud scoring:
Assume you want to build a fraud score that will score card-not-present (CNP) orders you will receive in the future. The future population then consists of all CNP orders in your business. Next, you need a subset of the historical population (orders placed in the past) to build your analytical model. And in the past, you automatically rejected 10% of your orders (those with higher fraud scores).
This implies that the historical population has two subsets:
- Orders Automatically Decided:
- Orders automatically approved. These orders can either never lead to a chargeback (legitimate orders) or can lead to a fraud-related chargeback (true frauds).
- Orders automatically declined due to a high fraud score.
THIS IS WHERE THE REAL ISSUE LIES. SINCE THESE ORDERS WERE NEVER APPROVED, YOU CAN’T TELL WHETHER THEY WERE REAL FRAUD OR LEGITIMATE ORDERS UNJUSTIFIABLY DENIED.
- Orders Manually Decided:
- Orders manually approved. A fraud analyst can make sure that the transaction is legitimate before approving since they have more information and skills than a machine. Fraud analysts still make mistakes; however, the chances of this occurring are very low. Now, the result of the approved transactions are orders that never led to a chargeback (legitimate orders) or orders approved but later generated a chargeback (true frauds).
- Orders manually rejected. This is the group of transactions that are confirmed as fraud by the cardholder or the real owner of the data being used for the purchase.
If you always consider every high-risk transaction as fraud, you’re going to believe your fraud model is accurate because your score will “believe” that bad transactions are actually fraudulent. As time passes, you will have an overly conservative fraud score, which means that good but high-risk according to your fraud score orders are always rejected, leading to more declines than should occur.
BECAUSE OF THE GROUP OF AUTOMATICALLY DECLINED ORDERS, YOU WILL HAVE A BIASED DATA SET WHEN BUILDING YOUR SAMPLE, WHICH LEADS TO A LESS ACCURATE FRAUD SCORE. CONSIDERING ALL OF THIS, YOU WILL END UP HAVING AN INFINITE LOOP OF BAD DATA – IN OTHER WORDS: GARBAGE IN, GARBAGE OUT.
Don’t Let False Declines Negatively Affect Your E-Commerce Business
False declines can have a serious impact on your business’ bottom line, and it’s important that you find ways to create an effective – and efficient – transaction review process.
Implementing a fraud prevention solution such as ClearSale can help you reduce the number of legitimate orders you decline while improving your profits.
WE ARE THE ONLY SOLUTION IN THE MARKET THAT DON’T REJECT ORDERS AUTOMATICALLY.