5 October 2022
8 min read
Before we talk about how the pandemic affected eCommerce, it is important to understand how the situation looked prior to the world going into lockdown. In 2019, US eCommerce growth was only 14.3% of total retail sales but grew to 31.8% in 2020 (in Europe it grew. Even though figures have fluctuated since the easing of lockdowns, it is undeniable that the impact of COVID-19 on financial performance was a factor in this growth.
But what has become clearer to retail merchants with an online presence is that payments made online are no longer a quirky additional option but rather a means that can help achieve payment optimisation. As eCommerce continues to grow, and the world becomes more hands-on with online shopping thanks to the increase in global mobile device ownership, providing customers with increased choice is not only beneficial, it is expected - especially from Gen-Z and Millenials who spend a lot more time online than previous generations. Covid impact on consumer spending has simply hastened a process which was already visible prior to the pandemic.
And herein lies a fundamental problem being experienced today by eCommerce merchants. A surge in online shopping has caught many brick-and-mortar retailers off-guard, having neglected their online presence up until the pandemic. To survive they were forced online, but with this abrupt change to operations there arose problems with fraud due to deploying inefficient fraud systems and worries over causing customers online friction through authentication measures. Some merchants were unprepared for eCommerce, as were many new online customers - all of which proved ideal for fraudsters.
Fraud has developed during the pandemic and beyond as the vast number of online users new to online shopping and banking have been seen as soft targets by fraudsters. They do not need sophisticated tools to hack user accounts and databases, all they need are some tried and tested social engineering techniques to trick customers. There has been a proliferation of fraud tools and knowledge on the dark web, making fraud a lucrative endeavour even for those with mid-level IT skills.
Prior to, and during the pandemic, our fraud intelligence team scoured the darknet to keep up with the latest goings on in the cybercrime underworld (something we document in monthly reports in our Darknet Summary fraud podcast). In light of the growing no. of global eCommerce users, it is therefore unsurprising that the main focus of dark web forum discussions tends to revolve around carding fraud, account takeovers (ATO) and identity theft and fraud. It is a growing problem that is still being felt now, even as the world economy gradually sees some prospects for post-Covid recovery.
Conflict in the Russian-speaking dark web (where most of the world's online fraud originates) has also exacerbated online fraud trends as the previous camaraderie amongst Russian-speakers has fractured.
The travel industry was particularly affected by COVID-19 lockdowns. An entire industry came to a near standstill. But it was also prone to fraud prior to the pandemic. On the road to recovery, following months of inactivity, travel companies and airlines have been eager to entice customers back to exploring the world. Various offers were provided, which could lead to a huge increase in policy abuse - fraudsters and dishonest customers taking advantage of airline/travel loyalty schemes and promo codes to gain financially, claiming refunds and returns that will all impact their financial growth. Stolen accounts with loyalty points have also become lucrative.
These are problems that arise when companies do not fully understand the disadvantages of using ineffective rules-based fraud detection. The approach, to date, has been to implement any system, so long as it is not too expensive. Any fraud system is better than no system, right? Of course, it’s better than having no protection at all, but it remains ineffective when fraudsters are continually finding ways to exploit their ineffectiveness. Why have ineffective fraud protection when fraudsters continually adapt carding techniques to defraud your company? These are problems that can be avoided with advanced fraud solutions.
Part of the problem why fraud rates are increasing worldwide is due to a lack of understanding of how fraud can be efficiently blocked. Many businesses with an online presence still suffer from fraud which can be easily prevented. The same applies to customers (and any online users) who are not fully aware of the threats that lurk in the online world. It is down to businesses and financial organisations with the knowledge of how to prevent fraud to share it with their customers.
Fintech companies play a part too - especially those, like Nethone, that provide advanced fraud solutions. There needs to be an understanding of how it can provide business value and protect its customers. This is, in part, why we frequently create content on our fraud prevention blog - in order to educate the wider world on how best to deal with online fraud trends.
What has become more apparent on the road to post-Covid recovery is the need to combat online payment fraud with effective multi-factor authentication. Europe has finally fully implemented PSD2 Strong Customer Authentication (SCA) measures, which has seen a fall in fraud rates. The problem of checkout friction remains a problem in various regions of the world - in Africa, for instance, where mobile payments are growing in popularity, but do not always require an internet connection. The challenges of payment authentication vary around the world, but what is clear is that even traditional cash-based economies have either changed or are changing with the growing popularity of online payment choices that consumers love. There are, of course, existing solutions to enhance current authentication problems and future stumbling blocks that may arise.
The increasing need to fight fraud has shown that fraud solutions which take a holistic approach to detecting and preventing fraud are far more effective than rules-based fraud systems. In practice, this means that advanced fraud solutions use behavioural biometrics and digital fingerprinting to understand every single service user - and thus, gain insight into their true intentions and motivations. Machine learning models power the entire process to automatically analyse 5,000+ data points, passively and in real-time.
This approach has shown itself to be effective, with a proven track record. Behavioural biometrics and machine learning can ensure SCA measures are met for online payments, without negatively impacting the user experience. Companies such as Nethone have been able to find the perfect equilibrium between fraud fighting and frictionless experiences. Merchants working with Nethone are PSD2 compliant and can authenticate users and their payments efficiently, which can also be applied to eCommerce merchants and other online businesses around the world using 3DS2 authentication.
We will always monitor online fraud trends, but one thing is for certain - we know we must stay ahead of the curve in order to effectively combat fraudsters. We feel confident we have been able to provide these solutions during the many challenges faced by merchants during the pandemic. We are more than confident to state we will be able to meet the fraud challenges of the future.