False declines have long been known as a side-effect of aggressive credit card fraud enforcement, but few experts believed the losses incurred as a result of false declines would ever exceed those of fraud losses. That is, until it happened.
It’s well known that ecommerce merchants are facing rising fraud, especially since the implementation of EMV payment cards have taken away much of fraudsters’ card-present fraud opportunities. This increase in card-not-present (CNP) fraud is not much of a surprise to industry experts, as similar statistics were seen in other countries after the implementation of EMV. As a result of the increase in CNP fraud, ecommerce merchants are putting stronger safeguards in place to help protect themselves and their customers. Unfortunately, in some cases these safeguards are too strong, leading to false declines – also called false positives – which happen when a legitimate transaction is declined. These false declines are becoming a more costly and troublesome problem than actual fraud. It is estimated that U.S. based ecommerce merchants will lose $8.6 billion due to false declines in 2016 alone, amounting to more than $2 billion more than the $6.5 billion in fraud they will prevent, thereby undermining the merchants’ own efforts to combat fraud.
In order to make fraud-busting efforts effective, ecommerce merchants must get a handle on the number of false declines they are experiencing. This can be accomplished with some simple strategies in foe form of additional authenticators at the time of purchase. Identity-related issues can be solved by requiring customers provide information that will authenticate themselves, essentially telling the merchant’s system that they are the card account owner. These can include an address verification service (AVS), which compares the billing address provided by a customer to the billing address on the card issuer’s file before processing a transaction; card security codes, the three- or four-digit numbers on the back or front of a card that help verify the customer is in physical possession of a valid card; and Verified by Visa and MasterCard SecureCodes, an additional password a customer enters after clicking the “Buy” button that verifies his or her identity. Some ecommerce merchants are also looking into other authentication methods, such as answering secret questions (beyond “mother’s maiden name”), and even biometrics. The merchants themselves can help their false decline situation by examining and solving technical issues by using smart routing, card updaters and local domains.
Most legitimate customers won’t be bothered by having to provide additional information to an ecommerce merchant, and in fact many will gladly provide it, as to them it shows the merchant values security and has taken extra steps to ensure the customer’s information is safe. Additional authentication is unlikely to trigger a false decline, and can go a long way in bringing the numbers down. The last thing an ecommerce merchant wants to do is infuriate a customer, sending them to a rival site and risking potential brand damage when the angry customer “social shames” the brand on social media, particularly if the media believes the complaint is newsworthy.
No merchant wants to be a victim of fraud, regardless of whether he or she is a brick-and-mortar merchant or an ecommerce merchant. Utilizing a few extra authentication measures to verify customer identification can not only reduce fraud and false declines, but it can also help keep your customers happy, which is very good for business.