EMV and the 5 Things All Online Retailers Need to Know

EMV, card not present, CNP fraud, ecommerce fraud, ecommerce fraud prevention, chip-and-pin, chip and pin, ecommerce security, payment securityWhen it comes to online fraud, it hasn’t been a great year for ecommerce merchants. In fact, online retailers lost an average of 1.3% of revenue to fraud and fraud related costs according to a recent LexisNexis study, representing a startling 94% increase over 2014. What will EMV do to this trend?

The Worst Is Yet to Come

The bad news is that it’s going to get worse. EMV chips should help to reduce fraud in card present transactions, but not in card not present (CNP) ones. But why does Aite Group predict that online card fraud will double following EMV?

Since EMV will make face-to-face fraud harder, fraudsters will move online. They aim to make the greatest possible profit with the minimum amount of work. So once card present fraud is more difficult, CNP fraud becomes appealing. Online retail will be a weak spot and become a target for fraud.

Upgrade Your Technology

Fraudsters are fast, flexible and quick to adapt to changing circumstances. As Forrester points out in its report “Stop Billions in Fraud Losses with Machine Learning,” the rules on which traditional fraud prevention relies are too slow to keep up with the constantly changing, high-tech reality of today’s fraud environment. That will become more obvious as more fraudsters go online post-EMV.

Merchants must act fast to address the gaps caused by legacy systems. The solution is a real-time, automated system based not on rules but on machine learning that updates continuously. And unlike static legacy systems, it has to scale for the growth of ecommerce, and the growth of online fraud.

Automate or Become Obsolete  

Eighty-one percent of online retailers rely on manual review to stop fraud, according to the CyberSource Online Fraud Management Benchmark Study, and even merchants with automated systems have humans decide 75% of flagged transactions, according to LexisNexis. That means that already, far too many orders are far too slow, and EMV will mean more orders needing review.

Reviewing one transaction takes five minutes, so the time needed for review mounts fast, causing significant delays. Customers who have to wait for order confirmation often cancel their order, and customers who have to wait for their package to arrive often call up to complain. Neither experience is likely to lead to more business.

Every Channel and Omnichannel

Each commerce channel has its own unique risk profile. Ecommerce, mobile commerce and phone order fraud must all be dealt with differently. Fraud prevention must be adapted to each channel in which a retailer operates, and cope with hard-to-track cross-channel fraud. Otherwise, with more fraudsters moving online post-EMV, any weakness is a huge liability.

International merchants must be especially careful. Each country has different norms and preferences. Ignoring these distinctions is a recipe for increased fraud and false positives when genuine customers are rejected for displaying risky qualities. Fraud prevention systems must see each customer’s unique story, and within their own social, economic and cultural context.

Prevent Fraud, Not Sales

Retailers often underestimate the cost of old-fashioned fraud prevention technology and manual reviews. Unfortunately, a quarter of declined transactions are false positives, according to LexisNexis. That’s a tremendous amount of lost business especially if you consider the future purchases those customers might have made.

With online fraud already increasing, and EMV likely to exacerbate that trend, it’s natural for many retailers to feel defensive, and hope to protect themselves by rejecting any remotely risky orders. But merchants must act out of conviction rather than fear. Consider the needs of the business as a whole, and design fraud prevention policies and systems to match those, rather than the other way around. Fraud prevention should be geared towards growth, just like the rest of the company.

As we’ve discussed, the impact of fraud prevention on a business is far wider than most ecommerce merchants realize. Fraud prevention is at checkout, making it a part of customer experience, something few retailers consider.

Sluggish, inflexible or overly stringent fraud prevention adds friction to checkout by demanding further passwords or identification, frustrates customers by slowing fulfillment, leads to order cancelations, and rejects good orders outright.

The cost of successful fraud is high, but the cost of inadequate fraud prevention may be even higher in terms of lost sales. Retailers must make their fraud prevention real time, automated, highly accurate and always up to date. That way, fraud prevention will stop cutting into their revenue and start contributing to it.

Liron Damri is cofounder and COO of Israeli ecommerce fraud prevention company Forter