Learn How to Prevent Online Payment Fraud

White Paper

Global eCommerce sales are predicted to reach $1.5 trillion in 2014 and are further predicted to grow by a meteoric 57% by 2017, according to eMarketer. A downside of this explosive growth is the increased opportunity for online fraud. In the UK 1.65% of revenue was lost to fraud, in North America 0.9% of revenue, an estimated total of $3.5 billion (Cybersource report). Download this whitepaper to learn how you can use IP intelligence to help protect your customers from fraud.

Get the download

Below is an excerpt of "Learn How to Prevent Online Payment Fraud". To get your free download, and unlimited access to the whole of bizibl.com, simply log in or join free.

download

Not all IP vendors are created equal

There are several suppliers and systems available that can determine where an IP is and for a small investment an answer can be provided, but is it the right one? Determining the correct location of an IP address and discovering other critical fraud prevention data such as proxies requires advanced infrastructure analysis, as opposed to simply scraping Internet registries or repackaging publically available free data.

Digital Element’s premium IP data, at its most granular level, can accurately locate a user down to the city/postal code sector level without becoming personally-identifiable. The coverage is global, accuracy is 99.99% at a country level, and the data is refreshed regularly. Importantly it can also determine how a user connects; enabling the identification of data that merchants need to effectively combat fraud such as VPNs, Satellites, Anonymisers, Tors, Mobiles, ISPs, Domains and Hosting centres.

This is achieved by combining IP routing infrastructure analysis with anonymous location insight gleaned from a network of global commercial partners. NetAcuity is an effective one source solution that is simple to integrate into merchant systems and manage in-house. Conversely, publically available data has patchy global coverage, is rarely updated, is limited in terms of data parameters identified and is inherently inaccurate.

What are the fraud types?

The greatest threats for digital merchants are Clean Fraud, ID Theft, Friendly Fraud, Phishing and Botnets. Digital Element’s NetAcuity IP Intelligence delivers technology that can expose the anonymity or lift the cloak of the fraudster.

  • Clean Fraud
  • ID Theft
  • Friendly Fraud
  • Phishing
  • BotNets

Invest in smarter rules

Building smarter rules around fraud detection and automating the process is proven to increase detection rates, reduce false positives and improve visitor experience. IP Intelligence can be used to automatically block suspect traffic, request verification (via email or SMS) or flag suspect activity for further internal review.

Geography is part of the fraud detection landscape and smart merchants take it further than just location, by using NetAcuity’s advanced intelligence parameters to identify Proxies, VPNs, Anonymisers, Tors, Mobiles, ISPs, Domains and Hosting centres. By providing more than just geography, NetAcuity IP Intelligence can identify greater numbers of suspicious connections.

What rules should be employed?

Check IP address country of origin

A company trading internationally will often block common high risk fraud countries such as Nigeria, India, Pakistan and Russia. Additionally, if a user is known to reside in a specific country, access to an account from another country could be deemed suspect. A basic “registry scraped” system will not be able to accurately determine the location of a user. Also, free IP data cannot identify if a visitor is masking the country they are accessing the internet from (via a proxy or anonymiser), allowing potentially fraudulent activity to take place.

Bill to - Ship to - IP Address location

If the bill to / ship to / IP address do not match, an automated red flag can be passed for further review, or the account holder could be asked for verification via an email or text.

Domain Names

Review of known fraud domains and suspicious internet locations such as public wifi hotspots, Internet cafes and university/colleges.

Proxies

Understanding the type of proxy a visitor is connecting to the internet with such as Anonymous, Transparent, Corporate, Public, Edu or AOL can trigger fraud alerts. Responses to the type of proxy can vary depending on what type of proxy it is, for example an Anonymous may warrant a greater score than a Corporate proxy. By identifying connections that obscure the end user location or those that seek to portray a connection from an “acceptable” city or country can now be easily categorised.

Hosting

End user traffic should generally not be seen from hosting or data centres as these types of facilities are designed for traffic to pass through, not originate from. Some cloud browsers do use these centres but services are patchy and not widely developed. Review with other CRM data is highly recommended before order acceptance is confirmed.

Home, Business and ISP

Additional layers of intelligence can be added that identify whether a connection is home or business and in addition to identify which ISP. The data can be used to build profiles of previous connectivity to assess differences or anomalies over time.

When should rules be employed?

The critical points of any authentication or payments system are during sign up, login, purchase, funds deposit or withdrawal. Ideally, continually check at every stage of the purchase process to ensure the session has not been hijacked.

Mobile transactions/h1>

Gartner reports worldwide mobile payments to top $235 billion by the year end. A significant 44% increase on 2012 and over the next four years an average growth of 35% per year is predicted.

Using a mobile device for ecommerce and completing the purchase still creates an IP connection. Users are 80% more likely to be on a wifi network due to speed, convenience or cost, around 20% connect via 3G, 4G or LTE.

A wifi connection is just the same as a desktop setup in that NetAcuity can accurately determine the wifi location and the types of proxy being used, so the same rules apply. If via 3G, 4G or LTE then network characteristics identifying the service provider and their connection hub are seen.

Compelling reasons to know more about your traffic

Understanding where and how visitors connect to a site can result in more accepted orders, less false positives and reduced fraud. Automation is key and NetAcuity’s IP Intelligence provides a simple one source solution to enable digital business to reduce fraudulent activity by as much as 90%

Easy to deploy on an internal server in less than 20 minutes, queried by various supplied APIs, the NetAcuity response time is fast and reliable at less than 0.3 milliseconds, allowing it to handle up to 30,000 requests per second.

Digital Element is the only dedicated global provider of IP Intelligence. With over 15 years of experience and knowledge, specialised European and US teams can advise on how to defend against online fraud. Knowing more about where your customer is coming from and importantly how they connect will deliver many of the improvements needed in merchant systems.

Want more like this?

Want more like this?

Insight delivered to your inbox

Keep up to date with our free email. Hand picked whitepapers and posts from our blog, as well as exclusive videos and webinar invitations keep our Users one step ahead.

By clicking 'SIGN UP', you agree to our Terms of Use and Privacy Policy

side image splash

By clicking 'SIGN UP', you agree to our Terms of Use and Privacy Policy