![]() Reflected in spreadsheets, statements, chargebacks / disputes, profits, losses, and so on. AccountingĮverything ends with accounting. Potential Data Points: Account Name, Order Number, Shipping Address, Phone number (for phone call requests), Email (for Emailed requests), Phone number (for text messages), Social media (for requests submitted over social media, etc. Examples of exploits might include: Bypassing website security, adjusting orders after the verification has been completed, adding or removing objects, requests wholesale refunds and reimbursement, establishing billing cycles, associated payment details to an account, and many many more. The unifying concept here is this: Both teams are responsible for taking requests from customers / clients and working to satisfy them. These teams typically operate isolated from each other. A fraudster might place an order with accurate billing information and matching shipping address, but submit a request to change the shipping address during the fulfillment period. ![]() That’s 48 hours wherein a customer (or fraudster) has a chance to submit tickets or requests to alter the package in one way or another, relative to fulfillment / shipping.Ĭhanging the shipping address. FulfillmentĪ typical fulfillment period is 48-hours. Potential Data Points: Billing Name / Address, Shpping Address, Payment details: Card number, Expiration date, CVV, Phone number, Email, etc. Fraudsters can exploit systems like these by generating credit card numbers.Īdversely, checkout forms that ask for (and verify) every available piece of information will be the most difficult to exploit. CVV (the 3 digits on a card, or 4 digits for American Express), AVS (Address Verification Service, submitted billing address verified by the issuer of the card, relative to the information they have on file.) are not being employed with these weak forms. This is a cheap route to go, but offers no real security. For example, there are checkout forms (coded by hired developers) that only require a valid credit card number and expiration date. This is the only step wherein real verification is a mandate, although the various pieces of verified information can vary. Potential data points: Account Name, Email Address, Phone Number, IP Address, Device ID, Biometrics, Geolocation, etc. For the sake of simplicity, we will be starting with account creation. It is possible for a fraud prevention strategy to take effect as early as first interaction that a customer (or fraudster) has with your website. Let’s open up the list and the data available. There are many ways for this list to grow and change, but for now we will focus on the basics. Here I’ve listed five touchpoints for a typical e-commerce retail operation. In order to isolate the transfers of value, we need to identify the various touchpoints offered to customers and put thought towards the related data. A Transfer of Value is any engagement across the customer journey wherein a consumer (or potential fraudster) might make a request that affects an order. ![]() In this article, we will expand our scope and cover various use cases for data implementation across the customer journey with a focus on e-commerce retail, but also shedding light on processes in other industries that are sought after by fraudsters.Īs I mentioned in the first article, the first step is to identify each “Transfer of Value” that your company participates in. This is especially useful for merchants who are new to e-commerce and are using sales platforms like Shopify, Magento, Big Commerce and others. ![]() Part two outlined the difference between in-person payment such as cash, check and card (swiped at a point of sale) and the associated data points, drilling down on the inherent points that are verified by issuing banks. The first article in this series covered a 4-step strategy development process that will serve to provide merchants with a high-level overview of what an effective strategy entails.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |