When you can buy almost everything online, there’s no reason why you can’t buy medicines online. The steady growth in the number of apps to purchase medicine online shows how online businesses are adding convenience and comfort in one more area.
Online retail today is so competitive that only those businesses who follow ecommerce best practices will survive in the long term.
It is important to note that while pricing will remain an important element in the online retail industry, best practices for ecommerce is much beyond that.
These best practices include factors like user friendly designs and better cart management. But more than that, the way you make your customers feel when they purchase from your website decides the future of your online store.
Ecommerce stores are under a new, dangerous threat of cyber attacks that can steal personal and payment details of customers. Only quick, expert help can prevent the worse fears from coming true
What’s common between British Airways, Ticketmaster, Vision Direct and Newegg?
They were all affected by Magecart cyberattack.
Ecommerce stores have been attacked worldwide by the malicious attacks targeting information that customers enter in login details and payment forms.
These attacks can easily go on for days without being spotted – at British Airways, the attack remained undetected for fifteen days by which 380,000 customer payment card details had been affected. At Vision Direct, the payment card details of as many as 6,600 customers were found to have been compromised. The personal data of 9,700 people were also compromised, sources add.
Surprisingly, these attacks could have been detected a lot earlier. “Customers have a right to shop across ecommerce stores with complete peace of mind. They would not like to be under a constant threat of their payment or other details being compromised.” says Kaartik Iyer, CEO of Infigic, a firm that provides end to end ecommerce website development solutions and ecommerce security.
“You can’t take security lightly or leave it to random checks. You’ve got to have a time-table behind it and you must stick to it” adds Iyer. Recalling an experience one of their clients had, Iyer says Infigic had built into the system an auto-check every five minutes. That would quickly alert the system in case of an attack and minimize the damage, if any.
This interview was originally published on Whatech
If your ecommerce store accepts credit cards, you deal with fraud. It’s an unfortunate reality of being an online merchant. The card-not-present (CNP) fraud loss rate is 38 bps in value according to data from the Federal Reserve Bank of Kansas City. The card-present (CP) fraud rate is just 3 bps in value.
Ecommerce stores see these losses manifest as chargebacks, or customer disputes. Chargebacks are a form of consumer protection from fraudulent activity guaranteed by federal law and credit card companies alike. Whether the fraud is at the hands of a dishonest merchant or an identity thief, consumers can rest assured that they won’t be held liable for those purchases.
Does this mean that only shady merchants and merchants with poor front-end fraud solutions are the only ones who experience charge backs? Absolutely not. To restate what we said in the beginning, if you accept credit cards, you get charge backs. So really, the question becomes why do bad charge backs happen to good merchants?
All Chargebacks Are Not Created Equal
There are three distinct types of fraud that cause chargebacks: friendly fraud, chargeback fraud, and true fraud. More than two-thirds of chargebacks are wrongfully initiated, and won, by cardholders. The misuse of chargeback rights stem from ‘friendly’ fraud or ‘chargeback’ fraud. While legitimate chargebacks, or ‘true’ fraud, represent less than one-third of an ecommerce merchant’s total fraud losses.
Chargeback Misuse: Friendly Fraud and Chargeback Fraud
Chargeback fraud and friendly fraud both indicate a misuse of chargeback rights by a cardholder. However, there’s a significant difference in cardholder motivation and appropriate subsequent actions.
Friendly fraud represents a cardholder who unintentionally misuses her chargeback rights. In other words, the cardholder was not malicious in her dispute actions. The cardholder isn’t some scheming criminal, but instead perhaps genuinely confused or even forgetful. To illustrate, here are some examples of friendly fraud:
- The cardholder didn’t recognize the merchant descriptor used by a online store that differed from their business name, so the transaction was disputed.
- The cardholder forgot about the purchase and disputed the transaction.
- A member of the cardholder’s family authorized the transaction.
Chargeback fraud, on the other hand, is the intentional misuse of chargeback rights by a cardholder with the goal of retaining the product or service as well as the transaction value. In cases of chargeback fraud, the cardholder is trying to take advantage of the protections guaranteed to him for personal gain. Instances of chargeback fraud are represented in situations including:
- The cardholder wants to circumvent a refund or return policy.
- The cardholder knowingly authorized a family member’s use of the card, then changed her mind about the transaction authorization.
- The cardholder doesn’t want to pay for the goods or services received.
It’s up to the merchant to decide how to deal with chargeback fraudsters. After all, this cardholder tried to intentionally commit fraud against your business. It’s not unreasonable to blacklist or ban customers who are also chargeback fraudsters. Oppositely, a friendly fraudster is an opportunity to create a customer for life. As a merchant, opening up the lines of communication can lead to valuable insights about the customer experience. These customers reveal opportunities to improve the store’s product descriptions, merchant descriptors, customer service, and so much more.
Legitimate Chargebacks: True Fraud
The remaining one-third of chargebacks merchants receive are legitimate disputes. In other words, true fraud occurred as the result of compromised payment card information. This sensitive customer data is obtained through data breaches, card skimming, database hacking, identity theft, the list goes on and on, and it’s growing every day.
In instances of true fraud, it’s identified by either the cardholder or the issuer and the transaction is disputed. The card account is immediately closed, while a new account and new card are issued to the cardholder. Merchants must use front-end, pre-transaction fraud solutions like AVS matching, CVV/CVV2, 3D secure tools, device fingerprinting, and transaction scoring to protect themselves from falling victim to true fraud.
How To Tell The Difference
Merchants need to respond to all customer disputes with comprehensive and relevant compelling evidence in order to analyze reason codes against win-loss data and determine the store’s real rates of friendly fraud, true fraud, and chargeback fraud.
Essentially, submitting a chargeback response results in either a merchant win or a merchant loss. A merchant ‘win’ encompasses situations when the issuing bank or card network decide a chargeback was not valid. Invalid chargebacks suggest that the cardholder is either a friendly fraudster or a chargeback fraudster. While a merchant ‘loss’ indicates the chargeback was determined to be legitimate and the cause was true fraud.
It takes a bit more digging to distinguish friendly fraud from chargeback fraud, but it’s necessary based on the gravity of subsequent actions. Merchants should reach out to the customer who initiated the dispute and let them know you’re still committed to ensuring their experience improves. To do so, you want to understand their unique situation. How the cardholder responds will help you decide how to proceed with the relationship. If the cardholder is not responses, defensive, or still insistent on the occurrence of true fraud, they’re likely a chargeback fraudster and should be dealt with as such.
Finally, do not assume a chargeback to be true fraud just because it’s categorized as fraudulent by the issuing bank or card network. The majority of disputes are submitted by the issuing bank to the card network under descriptions like “Fraudulent Activity” and “No Cardholder Authorization”. However, as you’ll see shortly, this couldn’t be further from the truth.
Why the Difference Matters
By uncovering the root fraud cause of the customer dispute, you’re also enjoying the critical difference between the three types of fraud: revenue lost to true fraud is sunk, while revenue lost to friendly fraud and chargeback fraud is recoverable. And that’s good news—considering true fraud accounts for less than one-third, just 29 percent, of overall fraud losses.
An astounding 71 percent of fraud losses are the result of chargeback fraud or friendly fraud, according to data from LexisNexis and Chargeback. Which means merchants can recover more than two-thirds of the revenue they’re currently losing to fraud.
Fraud may be a reality for ecommerce, but it doesn’t have to be a revenue-siphoning cost of doing business. Instead, ecommerce stores can take control of fraud through post-transaction fraud and chargeback management and recover revenue.