The Art (and Math) of Balancing CX With Fraud Prevention - Security Boulevard

The Art (and Math) of Balancing CX With Fraud Prevention

The balancing act between generating revenue, preventing fraud and delivering a good customer experience has never been more challenging for e-commerce merchants. U.S. retail e-commerce will grow by 18% in 2021 as shoppers spend $933 billion online. Meanwhile, e-commerce fraud is increasing, too. It’s projected to cost merchants more than $20 billion this year, and the cost to online retailers is now $3.90 for each dollar of fraud, per LexisNexis 2021 True Cost of Fraud data.

Fraud controls are the answer, but when they’re too inflexible they can rule out legitimate orders along with fraud. In fact, 25% of respondents in a five-country March 2021 survey by ClearSale said they had purchases declined by merchants in 2020. Among that group, 49% said they experienced more declines in 2020 than in 2019, with 10% experiencing three or more declines. 

FinConDX 2021

That’s unwelcome news for brands that want to get the most value from their marketing efforts and their customer relationships. Forty percent of customers in the survey said they will never again shop with a merchant or website that rejects their order and another 33% said they were unsure if they would go back. That represents a lot of lost marketing spend and customer lifetime value, but the damage can continue—34% of consumers said that after a decline, they would post something negative about the merchant on social media. Those comments can accumulate and cause brand damage that drives up the merchant’s cost to acquire new customers. 

To avoid fraud and false declines, it’s helpful for merchants to think in terms of financial risk reduction rather than fraud elimination. Why not set a goal to get fraud to zero? In practical terms, the only way to ensure that a store never has a fraudulent transaction is to manually review every order. However, that will raise fraud control costs dramatically, because it costs a few dollars to manually review a transaction, compared to only a few cents to automatically approve one. Manual review of every transaction could also slow order approvals to the point where a number of customers may cancel their transactions. 

Balance Automatic Approvals and Manual Reviews

Instead, it makes more sense for merchants to find the cutoff point where it’s most cost-effective to automatically approve some orders and manually review others. Besides the low cost per transaction, automatic approval of as many ‘good’ orders as possible is also ideal because it only takes a few seconds per transaction, so customers are less likely to get impatient and cancel their orders. 

If automatic order approval is inexpensive and efficient, why not use automatic order denials to reject suspected fraud just as quickly and cheaply? The problem with this approach is that many good customers behave in ways that can seem to an algorithm like fraud, especially since the pandemic has changed the way many people live and work as well as the way they shop. 

For example, a good customer’s order may incur a higher fraud risk score if they use a friend’s phone to order food delivery or if they shop while staying with family in another state. A customer who’s brand-new to shopping online may raise the same kind of flags that a scammer does when they shop with a freshly created email address and phone number. Their behaviors don’t guarantee that their orders are fraudulent, and automatically declining those orders can cause long-term harm to the merchant in the form of lost customers and brand damage. That’s why the investment in manual review—anywhere from $1 to $5 on average per order—is minor compared to the potential revenue losses associated with false declines. 

Using “Expected Loss” to set Fraud Controls

To balance speedy approvals with avoiding fraud and false declines, merchants can calculate their expected loss for transactions and use that number to adjust their automatic approval cutoff points. Expected loss is simply the likelihood of fraud for a particular order multiplied by the order value. The likelihood of fraud for each transaction can be provided by the merchant’s fraud prevention algorithm. 

What factors go into assessing risk for an order? Ticket value is one. Often—but not always—fraudsters place high ticket-value orders because they’re shopping with other people’s credit cards or rewards points to obtain items for resale. 

Another risk factor is the product category. Mobile phones, designer shoes and handbags and gift cards are popular fraud targets. Delivery addresses in high-risk ZIP codes where fraudsters are known to receive orders for reshipment can also affect the risk score. So can the customer’s behavioral data and device attributes, which the fraud control system can compare to known data about the customer to look for discrepancies that could indicate account takeover or credit card fraud. 

If the expected loss for an order, based on the risk and ticket value, is less than the cost of manually reviewing the order, then the cutoff point can be adjusted to automatically approve the order. For example, if a customer orders $300 worth of casual clothing and the fraud algorithm calculates a 1% risk of fraud for the transaction, the expected loss would be $3—not enough financial risk to warrant the cost of a manual review. On the other hand, if another order for the same items from a different customer carried a 30% risk of fraud, then the expected loss would be $90, and worth the expense of a manual review. 

Adjusting and Updating Approval Cutoff Points

Expected loss calculations can help merchants protect their revenue from fraud and false declines, as long as they keep in mind that risk variables are always changing. Product categories can fall out of favor, new ones can become targets and, as we’ve seen over the past 18 months, consumer behavior can change drastically—all of which require adjustments to the fraud rules that determine risk. 

Monitoring chargeback and false decline rates can show merchants if their fraud rules, risk scores and cutoff points are calibrated correctly or whether they need updating. Keeping up with the always-changing fraud landscape can help merchants make the most of the e-commerce boom and the relationships they build with their customers. 

Featured eBook
The State of Cloud Native Security 2020

The State of Cloud Native Security 2020

The first annual State of Cloud Native Security report examines the practices, tools and technologies innovative companies are using to manage cloud environments and drive cloud native development. Based on a survey of 3,000 cloud architecture, InfoSec and DevOps professionals across five countries, the report surfaces insights from a proprietary set of well-analyzed data. This ... Read More
Palo Alto Networks

Rafael Lourenco

Rafael Lourenco is Executive Vice President and Partner at ClearSale, a card-not-present fraud protection operation that helps retailers increase sales and eliminate chargebacks before they happen. The company’s proprietary technology and in-house staff of seasoned analysts provide an end-to-end outsourced fraud detection solution for online retailers to achieve industry-high approval rates while virtually eliminating false positives.

rafael-lourenco has 1 posts and counting.See all posts by rafael-lourenco