13 December 2017
10 min read
Although jewellery stores, top-shelf fashion merchants, and premium-class perfumeries invest a lot in in-store security, as soon as they go online, they immediately become easy targets for criminals too smart to barge in with a pistol or peel security labels in a fitting room. For fraudsters, tricking a luxury eCommerce store requires more effort than extorting money from, say, a digital goods marketplace. But the reward is incomparably higher and the risk of being caught red handed much lower than while shoplifting.
Does it mean that luxury goods are destined for brick-and-mortar commerce? Not at all! Below I explain what makes upmarket goods different from other categories, what the specific features of fraud in this business are and how merchants who operate in this segment can effectively protect themselves against online criminals.
Let’s start with a brief summary of the key distinguishing features of luxury goods eCommerce.
Sure, there are many more differentiators but the above listed are strictly bound by the sector’s vulnerability to fraud.
Fraudsters tend to reach for low-hanging fruits, but when it comes to luxury goods, they don’t hesitate to climb or even to fell the tree. While in the digital goods eCommerce, where most transactions present relatively low value, criminals simply make a number of fraud attempts using many different cards (the process is often automated), knowing that the lion’s share of those will be rejected, in the luxury goods segment, they invest much more time, toil and creativity to effectively outsmart the merchant.
They collect information about cardholders in social media, in publicly available databases, and sometimes even use malware to extract relevant data directly from their victims’ computers. In effect, fraudulent user accounts might look truly credible, including even telephone numbers similar to the ones used by real cardholders.
Moreover, as in the case of high-value transactions fraudsters know that the merchant might request a scan of the cardholder’s ID or passport to verify their identity, they often forge documents.
In other words, it is much more difficult to detect fraud in luxury goods commerce than in other categories of online retailing.
As luxury goods are relatively expensive, consumers often search for original products from this category on the second-hand market. Sure, the risk of purchasing fake items is quite high there, but as consumers are lured by prices as low as a fraction of the original retail price… they do not care.
It makes perfect conditions for fraudsters who need to convert extorted goods into cash as quick as possible. According to McAfee Institute, criminals usually sell stolen goods on Craigslist, eBay (mostly electronics) and Cash4Gold.com (jewellery). Try searching any of the largest consumer-to-consumer platforms. Type in one of the upmarket brand names, apply filters to display new items only and compare their prices with those offered by certified online retailers. See?
Only some of the ads are posted by official retailers or individuals who didn’t like their birthday presents. How many of the displayed items have been stolen?
Luxury eCommerce merchants not only lose products extorted by criminals and money that they have to return to legitimate cardholders as a consequence of chargebacks, but they also have to compete with second-hand market prices.
This problem refers mostly to mass luxury eCommerce segment, but this segment is actually the most fraud-vulnerable one. According to Ingenico, 82% of chargebacks noted in upmarket eCommerce in 2016 were for mass luxury goods and 18% of chargebacks were for high-luxury goods.
Mind that all these designer handbags, Swiss watches, iPhones and other premium goods had to be monetized somehow.
Beyond all the economic threats that chargebacks imply for online merchants, there is one more important aspect of the problem. Namely, the chargeback thresholds imposed by card organizations on merchants and acquiring banks.
Those are meant to protect the payment ecosystem and consumers against fraud by blacklisting business entities incapable of ensuring appropriate security standards. Once a company gets blacklisted it might lose the ability to accept online payments, which equals the end of its eCommerce operations.
Of course, before they blacklist a company, card schemes send warnings, impose fines and give some time to fix the problem.
The standard threshold at Visa and Mastercard is 1% (calculated differently), which means that the share of fraudulent transactions processed by a merchant in a given month cannot exceed 1% (actually, it is not that simple, but such an explanation should suffice you at that stage). Mind also that some acquiring banks, in order to play it all safe, impose their own, even more rigorous chargeback thresholds (i.e. 0,98%).
Why are the chargeback thresholds that dangerous for upmarket merchants?
Just take a look at the following comparison:
|Regular online retailer||Luxury goods merchant|
|Sales/Month||$1000 000||$1000 000|
|Avg. Transaction Amount||$20||$1000|
|No. of transactions/Month||50 000||1000|
|No. of chargebacks/Month||500||10|
As you can see, a luxury eCommerce merchant can exceed the threshold quite easily, while an erroneous dropping of a legitimate customer would cost them much more than in the case of a regular online retailer.
Remember that the true cost of an erroneous transaction denial (so called false positive) is much higher than just the amount of money the merchant would have earned unless they denied the transaction. Customers are quite unforgiving and, therefore, a denied transaction usually equals a lost customer.
Premium customers require premium service. Unfortunately, most of the traditional fraud prevention methods significantly lower the quality of shopping experience. Verification phone calls, for instance, might be considered by some shoppers quite annoying. Customers do not like to type in any extra security codes sent via SMS, let alone confirming their identity by sending scans of an ID/Passport.
The shopping experience must be smooth, which means that payment must be hardly noticeable. Some premium merchants, therefore, prefer rather take more risk than decrease the quality of service. They make the erroneous assumption that it is an “either-or” situation. But it is not.
One just needs to know their customers really well to avoid uncomfortable situations without risking their bottom line security. When it comes to fraud prevention procedures, it is not a matter of “if” but in what manner and how often those are activated.
While in low-value-high-volume businesses manual reviews are becoming pointless, as automatic FDP (Fraud Detection and Prevention) systems have become far more accurate than human analysts and the cost of a potential false positive is relatively low, in the case of luxury goods it still makes sense to manually screen suspicious transactions. The cost of a verification phone call is also relatively low, compared with the margin.
However, the shopping experience aspect remains an issue.
Therefore, merchants should be extremely careful while choosing who to call and how to talk with the customer to make the process as smooth as possible. The latter can be achieved through an appropriate training of the customer-facing personnel. The former, in turn, requires accurate automatic FDP tools.
Artificial Intelligence, or Machine Learning, in particular, happens to be the holy grail of fraud prevention.
Of course, it must be implemented properly, by people who know how to make the most of this technology.
In a nutshell, AI-based FDP solutions leverage Machine Learning models (self-learning algorithms) to analyse rich data featuring each and every individual visiting a given website, search for interdependencies between thousands of apparently unrelated variables, recognize regularities and anomalies, and – in effect – accurately tell fraudsters from legitimate shoppers. If you want to learn more about Machine Learning in fraud prevention, check out the recent article by Nethone’s Head of Product, Aleksander Kijek.
Thanks to AI-based FDP systems, luxury goods merchants can, among others, reduce the number of verification phone calls to a minimum – by calling their customers only when really necessary.
As mentioned a few paragraphs earlier, some acquiring banks impose chargeback thresholds even more rigorous than those defined by card organisations. Instead of being constantly flooded with alerts from your acquirer, luxury eCommerce merchants should search for one as risk-tolerant as card schemes.
As searching for such an entity might be quite time-consuming, the best way to streamline the process is to delegate the task. Quality payment gateways have relationships with numerous acquiring banks and know how to talk with them to get favourable conditions of cooperation. Contacting a quality payment gateway (i.e. Straal, one of our partners) is, therefore, the best way to find the right acquiring bank.