Tuesday, February 10, 2009

Cybersource Online Fraud Report: 2008

According to the 10th Annual Cybersource Online Fraud Report, online fraud totalled $4 billion in 2008, or 1.4 percent of revenues. Only 13% of online merchants expect to increase manual review staff in 2009. At the same time, merchants reported increased interest in implementing more automated fraud detection tools, in some cases two or three times higher than last year’s reporting.

Overall 96% of merchants use one or more validation tools. These tools are often provided by the card associations to help authenticate cards and card holders. The tool most often mentioned by merchants is the Address Verification Service (AVS) which compares numeric address data with information on file from the cardholder’s card issuing bank.

Card Verification Number (CVN; also known as CVV2 for Visa, CVC2 for MasterCard, CID for American Express and Discover) is the second most commonly used detection tool.

Automated order decisioning/screening systems are now used by 56% of merchants (up from 25% in 2005). Eight out of ten larger online merchants (>$25M in sales) use such systems. These tools help companies automate order screening by applying a merchant’s business rules in the real-time evaluation of incoming orders.

Company-specific fraud screens received the highest rating as being an effective tool by merchants who use it. Half of the 42% of large merchants who use custom fraud models rated them as one of their three most effective tools.

Device Fingerprinting (used by only 7% of large merchants) was rated by 43% of these merchants as being one of their three most effective tools.

Four tools had 15% or more of merchants planning to adopt them in 2009; and, for three of these four tools the plans to implement them have more than doubled over last year. These tools are Device Fingerprinting, IP Geolocation, and Order Velocity Monitoring.

Device Fingerprinting examines andrecords details about the configuration of the device from which the order is being placed. This can aid in flagging fraud attacks where a variety of fraudulent orders are launched from a common device or set of devices. Nearly 50% of large online merchants indicated they were planning to add Device Fingerprinting in the next twelve months.

IP geolocation tools attempt to identify the geographic location of the device from which an online order was placed.

As in several years past, card association payer authentication services (e.g. Verified by Visa, MasterCard SecureCode) figure prominently in many merchants’ future plans. 2008 survey results show that one out of four merchants currently use one or more of the available payer authentication services. 18% of respondents say they are interested in deploying these systems in the next twelve months as a new tool to manage fraud, although similar data from earlier surveys did not show implementation rates meeting well-intentioned plans.

Click HERE for a copy of the White Paper.

No comments:

Web Analytics