According to the estimates, the largest Fintech segment will be digital payments with a total transaction value of 8.488 billion U.S. dollars in 2022. By 2027, the number of digital payment users is expected to amount to around 5.480 million users. Currently, digital payments are processed and offered to the customers (end users) by many traditional financial institutions and Fintech companies.
Providing high-level digital payments service for end users and maintaining customer engagement and satisfaction requires fast and secure payment processing. But, the explosion of the e-commerce industry during and after the coronavirus pandemic as well as the fast-increasing worldwide utilization of smart phones used as a direct Pointof Sales (POS) for online purchases have resulted accordingly in the growth of digital payments volumes and the same time have driven the growth of fraud case numbers. According to the statistics, more than 35% ofall scams reported worldwide are related to purchases on e-commerce platformsin recent years.
The leading types of fraud attacks to online merchants worldwide are friendly fraud and card testing and phishing. Friendly fraud is a case when a consumer purchases a product or service from the online marketplace and then files a claim with their bank for denying the purchase or claiming they did not receive their order with a goal to receive a refund. Card testing and phishing is a type of fraudulent activity when a fraudster tries to determine whether stolen card information (purchased on the dark web or stolen via phishing or spywaresoftware) is valid for making online purchases. Account takeover is alsoreported to be one of the top increasing fraud types for e-merchants. According to the provided outlook, global e-commerce losses due to payment fraud are estimated at 41 billion U.S. dollars in 2022 and are expected to grow further to 48 billion U.S. dollars by 2023.
As for the consumer perception and experience regarding fraud attacks on e-commerce platforms or digital payments, a survey conducted in the United States, United Kingdom, Germany, and France showed that only over 1/3 of customers (end users) trust the ability of merchants to prevent fraud. Therefore, merchants worldwide, as a part of their business approaches, tend to increase their budgets for fraud management on their e-commerce platforms, as well as pay bigger attention to fraud management and focus on customer experience overall.
Among the many varieties here are some of the common fraud signs to monitor in the e-commerce business and ensure relevant control implementation in their business processes:
· Order with many high-value or luxury items.
· Order includes several numbers of the sameitem.
· Multiple payments on one card over a shortperiod.
· Payments placed with multiple cards allshipping to a single address.
· Multiple payments on a card with one billingaddress shipping to multiple addresses.
· Multiple payments from a single IP address.
· Order amount is larger than usual(average).
· Urgent or overnight shipping method.
· Shipping to an international address.
Fraud risk cannot be entirely avoided because of the following main reasons:
· Fraudsters stay more sophisticated with their tools and keep adapting them to bypass implemented controls by financial institutions and merchants.
· Worldwide fast development of digital payments and e-commerce businesses.
Fraud risk still can be managed and mitigated by taking certain appropriate measures in a timely manner. Therefore, for fraud risk management — readiness with timely implemented controls is key. There are three components in process of managing fraud risks:
· Threat from the external environment suchas fraudsters’ constant fraud attempts and internal environment such as fast-growing digital payments volumes and customers (end users) low financial literacy.
· Vulnerability, which is deficiencies in featuresof the software used or business process designs.
· Possible consequences, which are any kind of financial and reputational loss or business disruption and less operational efficiency.
The main goals of fraud risk management for digital payments are to assist customers (end users) to prevent the exposureof their data and ensure compliance with information security and internal control requirements within your company. Here are some recommended practicalactions to take to conduct fraud risk management within a company:
· Include fraud risk management in the over all business strategy and make sure internal policies, regulations, and programs within your company have relevant control measures for fraud risk management.
· Implement automated controls and use modern fraud detection and prevention software that allows processing big payment datavolumes, identifying fraud signs among them in real-time, receiving alarms and AI/ML predictions, and taking prompt response actions.
· Ensure compliance of your information security controls with relevant certification recommendations, international standards, and local regulatory requirements.
· Have a proper business process design for fraud detection, prevention, and monitoring processes. Regularly conduct a risk assessment by at least business process mapping that includes assessment for all process participants (employees), software used, and implemented controls, and assess whether they are currently effective enough and within the company’s risk appetiteand approved limits. If by the time there is a change in a business process related to digital payments and e-commerce business, then review risk assessment results accordingly.
· Provide periodic training and updated information on fraud risk management for teams involved specifically in fraud detection, prevention, and monitoring, and also for teams in general related to consumer (end users) payments processing.
· And last but not least, educate your consumers (end users) on financial literacy by providing relevant and updated notifications and information with cautions on information security and keeping data safe.
In the case of not having a risk management process fraud risk indicants may cause financial and reputational consequences for businesses related to the digital payments and e-commerce industries. If in terms of financial consequences, it can be direct financial losses, e.g., chargebacks in dispute programs of payment systems or regulatory sanctions, then in terms of reputational consequences it is usually loss of customer trust and satisfaction along with the spoiled perception that will not further lead to a successful long-term customer relationship.
Many fraud cases result from avoidable mistakes or business process deficiencies, so the better you maintain efficient business process design for payment processing, fraud management by using modern fraud detection and prevention software and keep an eye on fraud signs by monitoring internal and external risk factors, the less likely you will result to face actual losses due to fraud cases.