There is no denying the increase in the number of consumers that are turning to the internet to buy services and products.
By 2021, more than 2.1 billion people worldwide will buy goods online.
This dramatic surge has forced businesses to change the way they run their operations, with many choosing to digitise their processes to keep up with demand.
This opens up opportunities for business growth that never existed, but there is also a downside: credit card fraud.
There is a slew of cybersecurity methods out there: identity verification, multi-factor authentication, knowledge-based authentication etc. But none of them would help if online businesses would not be concerned about their financial security themselves in the first place.
Credit card fraud has increased, most notably because the card holder does not need to be present and rarely has to show ID when they make an online purchase. And here are some numbers that show the scope of the problem.
In 2018 alone, 14.4 million people in the US were victims of identity fraud, with credit card fraud topping the list of most common complaints.
Credit card fraud reports have grown from 55,500 in 2014 to 157,700 in 2018 in the US alone!
In 2018, $24.26 billion was lost due to payment card fraud worldwide. At the current rate, friendly fraud will cost merchants upwards of $25 billion a year by 2020.
Credit card fraud is by far the most common type of identity theft, representing 29.1% of the total cases.
While credit card fraud is a nightmare for consumers, it can be devastating for businesses too.
Your business can suffer through costly chargebacks and false payments, making it incredibly difficult to grow if you are having to pay out money that you do not have.
So, what is the solution? How can businesses ease this pain and move forward, allowing their customer base to grow and their revenue to thrive?
This guide by IT company GetID will give you a walkthrough to preventing credit card fraud with ID verification.
How does credit card fraud affect a business?
The most common case of credit card fraud occurs when a third party makes a purchase using card information that is not theirs or that they do not have permission to use.
When the false charge is detected, either by the actual owner of the credit card or the lender, the burden falls onto the shoulders of the merchant. This can be particularly frustrating when the business is always the passive receptacle (the party which did not choose to be targeted).
And the law usually favours the victim, which is completely understandable considering they did not choose to be targeted either. In fact, according to the Fair Credit Billing Act, identity theft victims have very limited liability for anything that has been bought in their name without their consent.
This is clearly evident in the clause, which outlines that if a card is reported as stolen before any goods have been purchased, the cardholder owes absolutely nothing.
While this is good for credit card holders, it is not so good for businesses.
Someone has to pay, right? And it tends to be the business that gets hit with settling the cost.
If it happens too often, it can spell disaster for a growing business.
Think about it: if you have banks looming over you asking for money back from a fraudulent transaction, what can you do? You have to pay, even though you technically never had the money in the first place.
This is a surefire way to end up in the red.
Simple fraud prevention tactics no longer cut it
Since the rise of online payments, businesses have tried their best to prevent fraudulent payments in a number of different ways, all with varying levels of success.
While “traditional” verification methods do the job in the most basic way, they are often time-consuming and require a lot of manual checking from businesses. This slows down the buying process and can actively put customers off buying from a brand if it takes too long.
Again, this is not good for a company’s bottom line.
These traditional methods include, but certainly are not limited to, activities like:
- Requesting the CVV code from the back of a credit card
- Using device identification tools to see computers that are associated with suspected fraud
- Asking for a phone number or a shipping address and matching those with previous customer purchases
- Keeping a detailed and signed proof of delivery to avoid chargeback penalties
The majority of these tasks add an extra few steps to the buying process and many require a real person to manually check them. As a result, a lot of time gets wasted and mistakes can slip through the gaps.
For growing businesses – particularly those that are looking to expand into new global markets – these methods no longer cut it.
Add to this the fact that consumers are less trusting than ever (an Ofcom report showed that 25% of internet users have given inaccurate or false details on a website to protect their personal identity online) and we have a problem.
Consumers want to trust the brands they buy from, and a large part of this involves trusting businesses with their personal information.
Consumers want to feel safe when buying from a brand, which is precisely why regulatory requirements like KYC and AML have been put in place.
For businesses, gaining the trust of online buyers is vital for growth, but businesses also crave methods that allow them to gain that trust without impacting the customer experience in any way.
75% of businesses that operate online are actively seeking advanced authentication and security measures that have little or no impact on the customer experience.
This is particularly important in an age where customer experience is an increasingly important part of business — an age in which 86% of buyers will pay more for better customer experience:
How ID verification can prevent credit card fraud
Most businesses – regardless of sector – tend to lean towards the same ID verification methods.
As the graph below shows, password protection is most common, along with email addresses, phone numbers, and PINs. But these are all traditional forms of verification and can easily be stolen or used by someone who does not have permission to use them.
Nearer the bottom of the chart are methods like digital copies of ID documents, facial recognition, and other biometrics. While these are not common practice amongst businesses, the use of them is beginning to increase because they are very difficult to forge.
The added bonus of these verification methods is that they can automatically verify a customer’s identity against their credit card details without needing a real human to manually check them.
This helps brands bridge the gap between providing an enjoyable customer experience and having to check ID to avoid chargebacks and fraudulent payments.
And we are starting to see more and more businesses tapping into new tools and technologies to prevent fraud, with the worldwide identity verification market revenue set to triple over the next ten years:
A guide to implementing ID verification to prevent credit card fraud
New technologies have made it easier than ever to handpick ID verification methods that work for each individual business and its customers. More than ever, we are starting to see a slew of tools that automatically check a consumer’s ID and verify it in a matter of minutes.
Here are some tools and technologies that are proving the most popular to prevent credit card fraud:
This is essentially the practice of asking consumers to provide a selfie or a video of themselves to verify their face. The technology uses accurate comparison through facial characteristics to recognise an individual from a huge database.
Face-matching eliminates fraud because it is obviously impossible to replicate someone else’s face without having them present.
This requires consumers to log in to an account using a password or a PIN. They then must confirm their log in or payment through a secondary code that is sent to their mobile device or email address.
A lot of brands use this as a common form of ID verification because it can be done automatically when a user logs in without the customer having to take a selfie or go out of their way to film a video.
The downside is that every time a user logs in, they have to authenticate their identity twice. With the other methods listed here, it’s usually a case of “one-and-done” – that is, once a customer has verified their identity they do not have to do it again.
Two-step authentication helps prevent fraud because it requires the customer to take two actions. If a fraudulent buyer manages to get the password of their victim, it is highly unlikely that they are also going to have access to that person’s mobile device to get the second-step code sent.
Data extraction from documents
This process occurs when a business asks a customer to take a picture of a physical ID document. Technology is then used to extract data from those documents – like what kind of document it is (is it a passport? A driver’s licence? Something else?) – and organised into segments (name, date of birth, address, etc).
Using a software to implement this process speeds up the amount of time it takes to verify a customer’s ID – and, the more physical documents you verify, the quicker and better the software becomes.
Users simply upload a picture of their ID and the technology cross-checks the image and data automatically – and, more importantly, very quickly.
Data extraction fights against credit card fraud by actively matching up a consumer’s ID with their credit card information. It is incredibly difficult to forge an official piece of ID and have it match a victim’s card details at the same time.
Other forms of ID verification that can help prevent fraud
There are plenty of other forms of ID verification that are popping up in the digital age. We are seeing more and more cases of liveness detection, where consumers are required to take a video of themselves to verify their ID. This is particularly common in the banking world, with a lot of disruptive, app-based banks turning to this verification method.
Businesses can also use powerful tools to auto-check watchlists and automatically scan for fraudulent documents to determine if a consumer has committed fraud in the past or has a suspicious background.
How to implement ID verification to prevent fraud
Businesses that are looking for a way to tighten up their security and eliminate credit card fraud entirely should consider the best ID verification method for their customers.
While there are many digital ID verification methods, not all of them are appropriate for all industries and all companies – particularly in the wake of recent data breaches that have led to major consumer distrust.
As a result, businesses should evaluate their current needs to determine which method (or which combination of methods) is best suited to their specific use case.
Crack down on credit card fraud
It is a common fact that credit card fraud is on the rise. Now, more than ever, businesses are required to check the IDs of their consumers if they want to avoid costly chargebacks and growth-crushing payouts.
However, it is not always possible for businesses (particularly fast-growing ones) to manually check every customer’s identity. Instead, businesses are beginning to turn to tech-powered ID verification methods that automatically check a consumer’s identity.
The key is choosing the right verification method to meet customer needs, whether that is through face-matching, data extraction from digital documents, or some form of two-step authentication.
GetID is an Information Technology company located in Tallinn, Estonia.