Ecommerce Fraud Prevention: An Overview

Fraud prevention has always been an important part of the strategy of any ebusiness, but simply preventing as much fraud as possibly may be detrimental to your bottom line and your customers’ satisfaction.

We all know the obvious cost of fraud: A payment is processed, the product is delivered and the charge is disputed. However, maximizing accepted orders is just as important as minimizing fraud. If you only have your eye on minimizing fraud you may be leaving a lot of money on the table.

There are also other hidden costs to anti-fraud such as the cost of anti-fraud employees, the cost of decreased customer satisfaction by delaying orders in manual review (especially if they expect instant electronic delivery), the cost of rejecting a valid customer who seems suspicious but is in fact valid, and the direct and indirect costs of lost chargebacks.

This can be particularly insidious, because rates over 1% can result in large fines from Visa or Mastercard in the short term, and lost merchant accounts in the long term.

Different Anti-Fraud Strategies for Different Delivery Methods

Fraudulent orders for physically delivered products incur additional costs associated with the loss of the product and the price of shipping, along with the somewhat higher tendency towards “friendly fraud” (customers claiming the product never arrived in the mail).

This leads to the next important point: creating an anti-fraud strategy to minimize cost and maximize revenue depends on the type of product you sell. Products delivered electronically tend to have different fraud than products delivered physically.

Ecommerce merchants who deal mostly in electronic delivery may tolerate somewhat more fraud because there are minimal shipping losses while physical merchants with expensive products may be more risk-averse by necessity.

In terms of preventing fraud, SaaS products fall somewhere between electronic and physical products. While there are no shipping costs, there still may be costs involved in making the product available to the end-customer. For example, an ecommerce business that sells domains must pay to register the domain.

Best Practices for Ecommerce Fraud Prevention

With all this in mind, we bring you some best practices that cover all three types of products and are essential for successfully preventing fraud.

One basic, yet often overlooked best practice is to avoid “black and white rules” for your manual review team.

For example, less than a decade ago, a customer ordering in Malaysia with an American credit card was a sure recipe for a chargeback. But now the world is becoming a smaller place and Malaysia tends to be a reliable country.

A good anti-fraud specialist tries to find a plausible story for such “inconsistencies” in the data rather than memorizing and reacting to patterns such as “no American cards on orders with Malaysian IPs.”

Additionally, all ecommerce businesses with in-house anti-fraud solutions should be analyzing, modifying and re-analyzing. While there are some fraud issues that hit all merchants, many issues will be specific to your business.

A specialist that looks directly at which aspects of an order lead most often to reports of fraud or chargebacks and takes action against future orders of those types will do the most to optimize your bottom line. Of course, after any changes, be sure to follow up and measure how effective your changes were on both your fraud rate and false positive rate.

Lastly, all ecommerce businesses that deliver electronically should cut off access to the product as soon as they are notified of the fraud.

Companies that deactivate licenses / products / access rights immediately are a lot less attractive to thieves because they will only profit for a maximum of a few weeks before the fraud is reported. This will drive your fraudsters to competitor products that are less protected and keep them from coming back to you repeatedly for the long-term.

In-House vs. Outsourced

With all the different kinds of costs related to anti-fraud, the difficulty of maintaining state-of-the-art fraud tools and the necessity of an up-to-date anti-fraud team, many e-commerce businesses opt to outsource their anti-fraud.

However, all anti-fraud providers are not created equal. If you are thinking about outsourcing your anti-fraud you have some important questions to ask.

Firstly, what kind of experience in ecommerce and anti-fraud do the team members have? It is vital that team members have a year’s experience in ecommerce and/or anti-fraud at the bare minimum. Some companies employ fraud specialists with no previous experience in the ecommerce or fraud industries. This is critical because these people make the decisions about your money.

Secondly, what kind of transparency do they provide if you have questions about an anti-fraud decision? Of course, trade secrets for anti-fraud are highly confidential to ensure their continued effectiveness, but your partner should be able to answer questions to a level that it inspires your trust in their decisions.

Some anti-fraud teams will also answer fraud and manual review related questions directly from customers. This saves you time and ensures that customers are as satisfied as possible without feeling as if they are being accused of a wrong-doing.

Some questions you should include a checklist when researching an anti-fraud team include:

  • Does the provider have a wide range of anti-fraud tools and negative lists?
  • How often do they update their tools?
  • Do they actively analyze their chargebacks and fraud notifications to keep up with the growing sophistication in fraud techniques?


Whether you do your ecommerce fraud prevention in-house or outsource it, there are many things to consider. But an effective anti-fraud strategy will increase your bottom line and your customer satisfaction.

Questions? Comments? Critiques? Let us know what you think in the comment section below. Or engage the Building Keystones team on Twitter or Facebook. We look forward to hearing from you!

Tabitha Stang contributed to this week’s post