In France today, when 1000€ is spent with a bank card, almost 1€ comes from a fraudulent transaction. Indeed, the French observatory for payment cards security (OSCP) says in its 2013 report that out of 586,5 billion euros spent in 2013, 469,9 million come from fraudulent transactions. A fraudulent transaction is a card transaction done while frauding, which is to say while using illegitimately a payment card or any attached information. Payment card fraud is therefore rather high and, while it does not progress relatively to the evolution of the total amount of transactions by card (-0,002% from 2002 to 2013), the total amount of fraud rises dramatically (+92% on the same period) . Does card fraud need to be a source of worrying for etailers ?
E-businesses are more and more targetted by fraud
If we pay attention to the distribution of fraud by transaction type over 4 years, from 2009 to 2013, we can observe that businesses are not equally targetted by fraud.
Truth be told by the chart hereafter :
Whereas fraud on proximity payments is rather stagnating from 2009 to 2013 (+12%), remote payments fraud on the Internet raises heavily during the same period (+141%), while it gradually takes a bigger share in the distribution of fraud by transaction type over 4 years: it now represents 52% of the total amount of frauds whereas this number was “down” to 36% in 2009.
E-tailers are thus particularly and gradually more targetted by the fraud on card payments. Which answer can we bring to this statement? Is it altogether negligible or should we instead worry about the pullulation of fraudsters on online business websites?
The negligence of e-tailers towards fraud may explain their overexposure
Reasons are legions and sometimes even bare speculations because it is actually impossible to get a detailed sociology of cyberfraudsters, and yet can we nevertheless distinguish out of this two main ideas: e-business has never ceased to expand for the last 15 years, and active e-business websites in France have tripled from 2007 to 2013, for example. This can explain why e-tailers were not especially interested in fighting fraud before: it was not worth it. Another reason is the essential structure of e-commerce, both immaterial and international, which makes remote fraud operations really easier from another country, another continent,… provided the fraudster knows how to be careful.
e-tailers tend to forget that there is no worse remedy than to ignore the harm, and that prevention is always less painful than the cure.
Thus the nature of e-commerce itself as an immaterial shop tends to attract fraudsters, while its rapid expansion has tended to hide losses that are relative to fraud. These two factors combined have caused e-tailers to nourish a kind of a negligence regarding the impact of fraud on their turnover. It is seen as a neglectable cost, inherent to their occupation, to which the treatment would be even more costly. Yet thos e-tailers tend to forget that there is no worse remedy than to ignore the harm, and that prevention is always less painful than the cure.
The consequences of fraud for an e-business
Indeed, one who lets e-commerce fraud thrive on its e-business exposes oneself to a certain amount of risks. On the short term, it means enduring a substantial loss on its turnover, for the neglecting e-tailer will find himself at the end of a chain of responsibility that starts when the cardholder opposes a fraudulent transaction that has been made with his bank details: the banks pays him back, then asks the payment service provider (the e-tailer’s bank, PayPal, etc.) for money, which finally asks the e-tailer to pay back the sum of the harm.
This loss, rather petty at first sight, can rapidly turn into a real gap in the e-business economy if the e-tailer does not take the threat into account, nor quantifies or recognizes it as it is. Fraudsters can therefore turn to be loyal customers, coming back each time with different bank details, different card information, yet altogether obtained via fraudulent deeds. Fraudsters could also speak on fraudsters’ channels of communication of a website where fraud is easy. And on the long term, the problem could also come from banks: the e-tailer’s one can send him a warning, impose him a financial penalty, or simply refuse to let him use its virtual payment terminal, whereas the client’s bank could blacklist the website.
The e-commerce market is doomed to stagnation
The stakes in the fight against fraud can also be estimated in economic terms regarding the furture of e-commerce itself. As described in a study from Xerfi published in march 2014 on e-commerce in France in 2020, the growth of e-businesses, prolific since the years 2000, will stagnate in 2020. Indeed, the rate of growth would come down to 13% in 2015, while it was up to 53% in 2005. On the other hand, the growth of demand would stagnate in 2017. This unprecendented mutation of the e-commerce market imposes strategical, crucial, choices from e-tailers in the years to come in order to stay in the race. Especially for example, the market being saturated, concurrence between e-businesses thus being harsher, a necessary optimisation of management processes in order to maintain acceptable margins.
The necessity to maintain an efficient automatic e-commerce fraud detection system
The fight against fraud must thus not be neglected by e-tailers. But a simple manual detection process of each command, in addition to being inefficient, would also come to be too costly in a climate of harsh competition. This cost comes from expenses that could be put to use elsewhere, whereas the controler, by a natural risk aversion inherent to every human being, would rather have a tendency to reject a non-neglectible number of clients in a fraud detection process: it would generate false positives because of the fear to generate a false negative, that is to say let a fraudster fraud. The e-tailer must therefore deploy a rational and efficient automatic fraud detection system.
Card fraud detection must therefore be a major concern for e-tailers. Firstly because fraud on remote payments by Internet does not cease to grow, then because this growth can be explained by the surexposure of e-businesses to fraud together with the absence of a real answer from e-tailers to the problem of fraud. But fraud can have dramatic consequences on an e-business, as much on the short term as for longer periods, whereas e-tailers will soon have to optimize their management processes, including their anti-fraud process. These observations make necessary the setup of an efficient automatic system of e-commerce fraud detection.