Online Fraud Hotspots Named

Online fraud against U.K. merchants is at levels that have forced many to refuse orders from certain countries, with Nigeria, Ghana, and the U.S. heading the list, a new e-commerce report has found.

According to payment company CyberSource's annual fraud analysis of 200 companies, 55 percent of U.K. companies questioned refused to ship to Nigeria at all, ahead of Ghana on 34 percent, and, surprisingly, the U.S. on 25 percent.

Of digital-only companies (i.e, those shipping downloadable goods as opposed to physical ones) Nigeria again headed the blacklist, with 47 avoiding it ahead of Vietnam, China, and South Korea on 29 percent each, and the U.S. on 24 percent.

The average fraud rate was now 1.6 percent of orders, down from 1.8 percent in 2009, with digital retailers suffering the highest rates overall. Rejection rates for online sales are now 5 percent.

An interesting finding is that digital vendors seems to be much fussier about accepting orders than physical retailers, which sounds surprising given that this sector has less to lose in the event of fraud.

This is probably down to the more limited means at the disposal of digital retailer when it comes to fraud detection. A physical retailer has longer to fulfill and order which allows for fraud detection systems such as manual address checking.

"The absence of physical products creates a different eCommerce environment for digital goods merchants and as a result, they experience their own set of fraud management challenges," said report co-author, CyberSource's Dr Akif Khan.

"Their geographically diverse customer base requires the adoption of more sophisticated tools, like device fingerprinting, to help identify instances of cleaner fraud; ultimately detecting more fraud, first time," he said.

This leads online retailers toward using automated fraud detection systems, with the most popular used by all sectors being external systems such as Verified by Visa and MasterCard's SecureCode, as well as checking a credit card's CVV number. Nineteen percent of vendors currently used IP geo-location to assess where an order is being placed from.

In the coming year, 11 percent of those questioned said they would start using external screening agencies for some of the checking process.

Subscribe to the Security Watch Newsletter

Comments