Global instances of eCommerce fraud have increased significantly, resulting in an estimated $48 billion in total losses in 2023, according to Mastercard. Online marketplaces can be a hub for such crime due to the presence of many different merchants and customers for criminals to exploit.
Additionally, the Mastercard report highlights the growing use of artificial intelligence (AI) applications, such as ChatGPT, for setting up fake apps that trick customers into entering sensitive payment information. Generative AI programs have also proven useful to criminals for developing malware, increasing the overall risk of malware attacks.
To protect their customers, merchants must address the ever-growing threat of eCommerce fraud at the source, requiring a thorough understanding of the trending crimes occurring today.
Prevalent Financial Crimes in the eCommerce Industry
Ecommerce fraud is a catch-all term that describes many different types of financial fraud that occur within the industry. While the range of crimes happening in digital environments can vary widely, there are a few specific forms of fraud that happen regularly:
Chargeback Fraud & Friendly Fraud
Chargebacks pose one of the most substantial risks to eCommerce businesses.
Visa reported in 2022 that first-party misuse (also called friendly fraud) is responsible for up to 75% of all chargebacks, positioning chargeback fraud as the most prevalent crime in eCommerce.
Chargebacks are not inherently a criminal activity, they are a means for customers to get back stolen funds or to request a refund if they do not receive the products they purchased. However, proving a chargeback is legitimate and not an instance of friendly fraud can be challenging.
Identity Theft
Identity theft is often the most well-known form of fraud to the general public. One National Council on Identity Theft Protection report reveals that there are new victims of this crime every 22 seconds, with estimated total losses topping $8 billion in 2022 per data from the Federal Trade Commission.
Fraudsters can steal the identities of both customers and merchants via many channels, including:
- Theft of personal information (Social Security Numbers, credit card details, cardholder names and addresses, etc.)
- Posing as trusted merchants either by accessing the actual merchant account or setting up a fake account designed to appear as the real deal
- Man-in-the-middle attacks in which criminals intercept a transaction between a customer and merchant to obtain financial identification information from one or both parties
Credit Card Fraud
Credit card fraud is a specific form of identity theft that involves the use of stolen credit card information.
Interestingly, a 2024 online poll of 991 U.S. adults found that cardholders still possessed their physical cards in 93% of credit card fraud cases, indicating that the bulk of the information theft occurs digitally. The poll results also uncovered that 60% of U.S. cardholders have experienced credit card fraud.
This category of crime can be particularly complex, as it requires a collaborative effort between both businesses and customers to prevent it. On the merchant’s end, a secure vault is needed to store credit card information. Meanwhile, customers must be more mindful of risky financial habits, such as using the same passwords across their different financial accounts.
Promo Fraud
Promo fraud is an emerging form of eCommerce fraud that exploits promotional incentives offered by merchants. Examples of this type of fraud include:
- Taking advantage of signup incentives by creating multiple different accounts all belonging to the same user, but posing as different users
- Exploitation and reverse-engineering of referral bonuses that offer rewards like cash or gift cards
- Leaked loyalty discount codes used by multiple users, despite being designed for one-time use
Ekata, a Mastercard company, released research findings that reveal promo fraud represents nearly 1.2% of U.S. retail revenue, resulting in total revenue losses of nearly $89 billion.
Account Takeover (ATO)
Account Takeover (ATO) is a type of fraud in which criminals gain access to a person’s account login credentials and “take over” the affected account. Criminals can gain access to legitimate customer accounts and exploit all manner of value ranging from payment methods on file to make purchases to their unused incentives, such as loyalty points, or even just the victim’s identity. The report highlights that criminals have redeemed roughly $3.1 billion in loyalty points via this threat vector.
Outside of promo fraud instances, ATO also poses its own risks to eCommerce. The National Council on Identity Theft Protection recently published findings that 29% of internet users have experienced ATO, equating to approximately 77 million people.
How Open Payments Secure eCommerce Against Financial Crime
The fact is that fraudsters have evolved, so fraud prevention must evolve as well.
Effective fraud detection and prevention tools are an absolute necessity when combating financial crimes in the eCommerce industry. Establishing a comprehensive fraud strategy independently can be a serious hurdle, especially for smaller merchant businesses, making strategic partnerships with technology providers an essential component of any merchant’s strategy.
Open Payments technologies offer merchants and marketplaces the operational flexibility to stay ahead of emerging fraud trends in the eCommerce industry. Through a more connected and streamlined digital environment, an Open Payments platform can enable more precise prevention and detection processes.
Building from the technical foundation of payment orchestration, Open Payments give merchants the ability to verify customer identities with greater accuracy while also providing a secure environment for storing payment information and processing transactions.
Reach out to Spreedly today to discover the fraud prevention capabilities of our Open Payments platform.