A recent report by CBS showed that 86 percent of consumer chargebacks are deliberate. This is a growing trend of post EMV friendly fraud – where consumers make a purchase online and then request a chargeback from the issuing bank after receiving the goods or services they ordered. Instances of friendly fraud tend to spike after data breaches – another high frequency occurrence lately – as true fraud rises and consumers “jump on the bandwagon” to receive a refund from the merchant.
Friendly fraud has always been a problem for merchants, but with the liability shift in October of 2015 and the migration slated to continue over the next few years, this type of fraud will escalate. In countries that have already migrated to the EMV standard, the uptick in fraud was palpable: The U.K. experienced a 62% increase in CNP shoplifting after it implemented EMV in 2005. Experts predict the U.S. will see similar outcomes and online merchants should be prepared.
CNP merchants now must navigate the threat of fraud from multiple angles. Online fraud is expected to more than double by 2018, increasing from $2.8 billion to over $6.3 billion. Recent studies show that more consumers are turning to their mobile devices to make purchases, a prime channel for friendly fraud. Since 2011, friendly fraud has gone up 41%. These factors put CNP merchants on treacherous territory.
Matters are complicated by the lack of collaboration between merchants and issuers. Without real-time order detail information sharing between the two, issuers are not as equipped as they could be to resolve inquiries and disputes on the first call. This leads to spikes in operational costs for banks…and avoidable chargebacks for merchants. When merchants share order details with issuers, the inquiry or dispute can be quickly resolved – either validated as true fraud, which can then be relayed directly to the merchant to resolve and refund the cardholder, or challenged as friendly fraud, arming the Issuer with information to stop bad actors in their tracks and eliminate “double dipping” and over-refunding.
The trend will only continue and merchants need to have a friendly fraud prevention strategy in place to protect payments against unscrupulous consumers looking to game the system.
How does Friendly Fraud Happen?
Friendly fraud is traditionally defined as a situation where a consumer uses his or her credit card to make a purchase and then disputes the transaction with the issuer once the item has been received, causing a chargeback. There are two main categories for friendly fraud:
- Deliberate – a method of getting products or services free
- Accidental – the customer does not recognize the charge on the card statement
Whether the friendly fraud is deliberate or accidental, the merchant is left on the hook for both the cost of goods or services plus shipment costs and the fines and fees associated with the chargeback itself.
The fact is that convenience has become a driving factor for non-fraud consumer-initiated chargebacks. 86% of the time, the consumer is bypassing the merchant because s/he claims it’s “easier” than resolving the issue with the merchant. And on the flip side, consumers are also fraudulently charging back orders that they did receive, using the “I didn’t buy that” or “I never received that” excuse as a reason to dispute the charge. Unfortunately, both fraud and non-fraud chargebacks cost merchants the same in fees and penalties and both could potentially cost them processing privileges if their chargeback ratio breaks the acceptable threshold by the card brands.
Beating Friendly Fraud – Best Practices to Protect Payments
CNP merchants must remain vigilant against this costly type of fraud and develop their own action plan based on the current payments climate. A dynamic landscape means the best fraud prevention strategy will be comprehensive, yet agile. Layered tools and using multi-layered authentication, biometrics and other emerging technologies can mean the difference between hundreds of thousands or even millions of dollars saved from fraud.
In a post-EMV environment, there is no single way for CNP merchants to confront every type of fraud scenario. So implementing at least two of the following best practices can protect online businesses from friendly fraud.
Authentication – From biometrics to one-time passwords to device fingerprinting authentication, this process validates both the legitimacy of the card and the identification of the consumer attempting to make a purchase.
Address Verification Services (AVS) – This is a service provided by credit card companies and issuing banks to check submitted addresses against the address on file. It can indicate if a transaction is authentic or fraudulent.
Tokenization – The card values are replaced with different values called tokens with this method. Data remains secure, and since the process includes the last four digits of the credit card, it can always be verified.
3-D Secure (3DS) – This tool offers real-time cardholder identification right from the issuer during an online transaction. It’s very beneficial because it can reduce fraud, especially when used with other risk management resources.
CNP merchants are in a vulnerable position due to the EMV migration, which will shift more fraud to online channels, and the continual increase of cyber crime each year. To prepare for the expected rise of friendly fraud, e-commerce businesses must understand how digital shoplifting can impact their bottom line. They also have to develop an action plan using a multilayered approach to ensure their online companies have fraud protections in place. Through the use of layered tools, CNP merchants will have a much better chance to confront friendly fraud in today’s post-EMV environment. Finally, a collaborative merchant/issuer approach to fraud and chargebacks can save both sides millions of dollars in unnecessary chargeback costs, operational expenses and lost customers due to poor service experiences.
For more information on how to protect your payments in a post-EMV payments landscape, visit Verifi for a number of informative resources on the EMV and multilayer authentication topic.