False positives — A touchy problem for businesses
False positives are getting to be a bigger problem than actual fraud, as they can seriously harm online business’s bottom line. It’s a complex issue that touches many online merchants. What exactly are false positives and how can merchants minimize them?
According to the Merchant Risk Council’s 2017 Global Fraud Survey, online stores declined on average 2.6% from all incoming transactions due to suspicion of fraud. At the same time, the Baymard Institute states that 4% of online customers abandon their online purchases during the checkout process because of credit card decline.
There are, of course, various reasons for canceling transactions, besides the false positives, but online businesses should be able to both track and estimate the impact of false positives on the company’s budget.
What are false positives?
The false positives, also known as false declines, are credit card transactions that are legitimate but declined because they look suspicious. The consequences of these phenomenons are getting serious for online businesses’ budgets, and it’s growing concerns for all players that operate in the online world.
According to LexisNexis, in 2016 85% of declined transactions were false positives, while, as BI Intelligence estimates, false positives cost U.S. companies $8.6 billion in 2016 alone.
The declines could happen for various reasons, but the most common is when the transaction is canceled because it was flagged by the fraud system as being too risky. Another situation is when a human agent reviews the transaction and finds it suspicious — this can be, for instance, because of a shipping address being other than the billing address.
Overall, false declines can be caused because of different shipping and billing information that are given by a customer, outdated card information, or too strict fraud rules. Also, merchants tend to block purchases made from countries and regions known as ones that generate a number of fraudulent transactions, especially when they are completed overnight. In such cases, there’s a huge likelihood that the purchase is suspicious, however, when the order is genuine, a merchant loses a customer by declining it.
To make sure that the transaction is legit, merchants can, for instance, track the IP, do address checks (eg. via Google Maps), or contact the customer or their issuing bank.
A layered approach
To minimize the number of suspicious transactions, merchants usually implement the Address Verification Service (AVS), as well as CVV code checks. The tools such as AVS can help, however, note that mismatched addresses don’t have to come with an attempt of fraud. There are various situations when buyers submit different shipping and billing address, such as when they buy a gift or order items to their workplace. Having this in mind, when in doubt, contact the customer or the shipper before you decline the order.
We also recommend our clients to use non-invasive 3D Secure authentication, which helps them verify customers. Why non-invasive? While standard 3D Secure verification couldn’t be the best solution, as it affects both user experience and conversion, non-invasive 3DS developed by SecurionPay enables completing the transaction, even if a customer intentionally closes the window. This means that an extra layer of authentication doesn’t interrupt the payment process that much, so it won’t cause a drop in conversion.
Overall, keep in mind that the aforementioned tools could be not enough, as in many cases fraudsters are in possession of necessary information. This is why we recommend having multi-level risk protection in place, as this approach helps effectively reduce suspicious activity and results in fewer false positives.
So, search for payment solutions that give you a set of anti-fraud tools that include ones mentioned above, as well as machine learning solutions and AI-based tools for accurate fraud detection. But, note that systems based on outdated technology can’t handle complex fraud attempts, so make sure that your payment provider offers solutions that adapt to new fraud patterns in real-time, as it can have a significant impact on your bottom line.
Also, keep in mind that effective tools prevent your business from overstepping a chargeback threshold. Companies that use outdated solutions need to tweak their fraud tools to enhance both theirs and their customers’ security.
Is your fraud control too tight?
In general, there are plenty of payment gateways that provide merchants with security solutions based on fraud rules to spot suspicious attempts. However, when the rules are overly strict, fraud filters might cause genuine transactions that are labeled suspicious. The Riskified reports claim that 40-60% of false declines occur because of too tight control on fraud.
While being careful and incisive when reviewing transactions is highly recommended, merchants need to realize that too strict filters or inaccurate risk assessment can lead to significant losses. Wrongly declined transactions are also a way to damage merchants’ relationships with their customers. Sometimes, removing some filters may help increase sales revenue, but it’s all about the technology that should simply adapt to actual users’ behavior.
There’s no question that machine learning can be effective, however, it needs to be upgraded at the speed merchants need nowadays. Note that basic machine learning solutions as we know them can be inaccurate as they adapt much slower to new fraud patterns than tools with dynamic filters. The thing is that solutions based on typical scoring flag suspicious transactions more often which may lead to having more legitimate customers scored as fraudulent.
Keep in mind that SecurionPay AI-based filters adjust to specific business model and traffic origin which makes them more accurate than static filters based on widely known patterns. This means that they adapt much faster to new fraud patterns in real-time. Moreover, you can customize the rules to identify suspicious transactions, so it’s up to you which of them will be blocked or flagged.
All in all, while advanced and stricter security is becoming increasingly necessary, too strict measures can lead to blocking genuine transactions, which usually ends up as a lost sales opportunity. The transactions are mistakenly flagged as fraudulent or labeled as suspicious because of static rules that don’t adjust to specific industries or scenarios.
Online stores and websites that engage millions of users can experience massive money loss due to false positives. Even if these are small amounts, it hurts profits in the long run, not to mention missed business opportunities and companies reputation that can suffer. For some, it may also cause a customer retention problem. Another thing impacted by false positives is the customer lifetime value. Having a group of frequent customers is often times more important for businesses than one-time shoppers.
The thing is to find a balance between security checks and a reasonable way of accepting transactions to avoid situations when you set up too many net restrictions and to rather minimize the results of this constant cat-and-mouse game.
No matter if you run on top of the top of online stores or a local business, people need to feel comfortable when they buy something from you. So, when you block genuine transactions for no reason, how are they supposed to trust you and come back again?
Take a closer look at your online business, find out what changes you can make (Perhaps it’s time to switch to another payment solution?) and decide whether to change the approach to your security settings. Search for more accurate fraud identification that will prevent you from revenue losses and optimize your fraud system to minimize the risk of losing legitimate customers.
Latest posts by Sandra Wróbel-Konior (see all)
- Fintech blogs and services worth following. 2019 edition - April 8, 2019
- What is a retrieval request? - April 5, 2019
- Online payments for gaming: Turn players into payers - February 25, 2019