Last year’s surge in e-commerce spending came with an unwelcome feature for e-commerce merchants: a sharp increase in payments fraud. A recent FIS/Forrester Consulting survey found that worldwide, 59 percent of merchants reported more card-not-present fraud in their e-commerce channel during 2020 than in 2019. As fraudsters increased their attacks on merchants, a quarter told surveyors they were “struggling” to deploy stronger anti-fraud solutions. Forty-six percent of the surveyed retailers said they require two-factor authentication (2FA) and similar types of knowledge-based authentication to reduce their risk of fraud.
Stopping fraud is a worthwhile goal to prevent losses but requiring that additional 2FA step at checkout—and customer interaction with an additional device if they’re using a computer to shop—can add friction to the process. Here’s what online merchants should know about 2FA’s benefits, risks and alternatives as they look for ways to reduce their fraud risk.
What’s the appeal of 2FA for e-commerce merchants?
If 2FA adds friction, why do merchants implement it? Compliance is one reason. Some merchants must use 2FA if they’re bound by the EU’s Payment Services Directive 2. 2FA is a required element of PSD2’s Strong Customer Authentication. Another reason for adopting 2FA is most of the time, it works. Requiring a code sent via SMS to the customer can thwart fraudsters who use stolen card data to make online purchases, because they usually don’t also have access to the cardholder’s phone (Some scammers, however, do find ways to intercept SMS codes or even commit SIM swap fraud to gain control over a victim’s cell phone accounts. In those cases, 2FA codes go straight to the fraudster.)
How can 2FA impact customer experience?
The challenge for merchants is that 2FA’s extra step at checkout—in the U.S., usually keying in a code sent to the customer’s phone—can cause up to 15 percent of customers to give up without submitting their order. To better understand what customers want in terms of convenience and security while shopping online, ClearSale commissioned a March 2021 survey of more than 5,000 regular online shoppers in the U.S., U.K., Canada, Mexico and Australia. When asked what elements would keep them shopping online instead of returning to stores, 61 percent cited convenience, compared to just 34 percent who said “knowing that my information is secure.”
When asked if they’d abandoned an online purchase, 35 percent said they’d done so because of a “too long, complicated checkout process.” Only 40 percent said they always have their mobile phone within easy reach while they’re shopping online. Interestingly, there was virtually no difference by age group among those who always have their phones nearby while shopping, but consumers aged 55 and up were three times more likely (25 percent) than under-55s (8 percent) to say they never have their phone in reach. Consumers who regularly spent $400 or more online each month were the most likely to always have their phones in reach while shopping, but even among that group, less than half (47 percent) said their phone is always handy.
Customers who don’t shop with their phones in reach may abandon their cart rather than interrupt what they’re doing to find their phone, get an SMS code for 2FA and resume checkout. Instead, they may visit a competitor’s site they know will let them check out faster, like Amazon, which has one-click checkout.
How can merchants reduce both fraud and friction?
If 2FA increases the risk that customers won’t complete checkout, how can online retailers protect themselves from chargebacks without losing good customers? One option is to incorporate AI-powered machine learning tools that can analyze individual orders based on behavioral biometrics like how they typically navigate the site as well as their purchase history and recency of other online orders.
When the algorithm flags orders as suspect, it’s important to have in-house or outsourced fraud analysts available to review them quickly, to avoid decisioning delays that could cause the customer to cancel the order. These reviews can reduce the likelihood of rejecting good orders by mistake. False declines are perhaps the ultimate form of friction, one which can bring the customer relationship to a halt and cost merchants more than fraud over the long term.
Forty percent of consumers in the five-country survey agreed that they “will never place an order with the same merchant/website again” if their order is rejected. More than one-third (34 percent) agreed that they would “post a negative comment about the merchant/website on a social media platform” after a rejected order. Expert review can quickly separate good orders from bad, so that fraudulent orders get rejected and good ones are approved.
Manual review results are also the key to helping merchants’ fraud control algorithms improve their accuracy at identifying fraud and good customer behavior. Over time, that can reduce the number of orders that require manual review and shorten the time it takes to approve orders, all while avoiding fraud, friction and false declines.
Online merchants have lots of resources available to reduce the wave of fraud that’s hitting the e-commerce industry. Each option should be considered in terms of how it affects the customer experience as well as how well it detects fraud, so merchants can make an informed decision that protects their business now and protects their customer relationships over the long run.