Our Product Team’s Guide to Fraud Prevention

Written by: Mike Misasi

Every eCommerce business has to have a fraud prevention solution in place. Stolen credit card numbers are so readily available that all eCommerce businesses are vulnerable to attack. It’s as simple as that.

 

Each merchant’s risks are different though. Small ticket items are appealing to card testers. Large ticket items risk being unrecoverable after shipment. Subscriptions and digital content also have unique threats. Fraud patterns can also vary depending on the geographies in which products are marketed. These are just a few examples. We give you the tools to optimize the fraud strategy that is best for your business.

 

Our Enterprise Fraud Prevention service allows you to completely customize your fraud prevention strategy using Kount’s Agent Web Console. The demo screenshot included below highlights the Order Detail page, which efficiently summarizes the most relevant information for a particular order.

 

[Screenshot: Order Detail page in Kount’s Agent Web Console]

 

To get started with Enterprise fraud prevention, you must first have installed the BlueSnap iFrame on your checkout pages if you are using our API. The JavaScript will pass information about the shopper’s device, such as browser settings, operating system and other software version numbers, cookies, and cache IDs, to Kount for analysis. We require this step because it is a significant component of the rules engine.

 

Here are a couple tips to get the most out of your integration by personalizing it for your business:

 

Create Custom Scorecards

Fraud rules can be defined to take an action such as Approve or Decline whenever the rule is triggered on an order. There is certainly a place for a few of these rules in most rule sets, but they will oversimplify the decision in many cases. As an alternative, users can create custom scorecards so that action is taken based on an evaluation of several rules in combination. Point values can be assigned to each rule in the scorecard, and a Master Scorecard rule is then used to determine the action taken on the order based on the aggregate points accrued.

 

Use Custom Fields

BlueSnap’s integration with Kount allows users to pass two types of custom fields: Website IDs (Site IDs) and User Defined Fields (UDFs). You can reference both fields in your fraud rules or just have the data available for agents when they review orders.

If you sell your products or services on many different websites (which could each have unique fraud risks), the Site ID could indicate the website used to submit the order. Consider using UDFs to pass shopping cart information so you can create different rules for different products. You might also want to pass information you have about the shopper that wasn’t included in BlueSnap’s API call. This could be their email address, username for your site, length of order history, etc.

Custom fields should be included in <transaction-fraud-info>. There is no limit on the number of Site IDs and UDFs you can define. Before sending Site IDs or UDFs in your API call, you should first define them in Kount’s web console.

<transaction-fraud-info>
  <fraud-session-id>1234</fraud-session-id>
  <shopper-ip-address>123.12.134.1</shopper-ip-address>
  <company>BBBBB</company>
  <shipping-contact-info>
    <last-name>LL</last-name>
    <first-name>YY</first-name>
    <country>US</country>
    <state>AL</state>
    <city>Juneau</city>
    <address1>Address1</address1>
    <address2>Address2</address2>
    <zip>12345</zip>
  </shipping-contact-info>
  <enterprise-site-id>DEFAULT</enterprise-site-id>
  <enterprise-udfs>
    <udf>
      <udf-name>ENT_UDF1</udf-name>
      <udf-value>aaa</udf-value>
    </udf>
    <udf>
      <udf-name>ENT_UDF2</udf-name>
      <udf-value>bbb</udf-value>
    </udf>
  </enterprise-udfs>
</transaction-fraud-info>

 

Card Fingerprinting

A card fingerprint is a unique and secure identifier associated with a specific payment card. No two payment cards will have the same fingerprint. Card fingerprints allow merchants to identify when a single payment card is being used by multiple shoppers, which can indicate fraud.

BlueSnap automatically generates and returns a fingerprint every time a card number is “passed” in an API call.

Merchants that have implemented business logic to take action based on the fingerprint returned can move this logic to Kount’s rules engine. For example, a UDF could store the number of unique shoppers, email addresses, or shipping addresses that have used a given card number. A rule could then be defined to trigger when the value exceeds a specified amount.
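
The fingerprint logic described above, sketched as an added example (not BlueSnap’s or Kount’s code): it counts the distinct shopper emails seen per card fingerprint and emits that count as a UDF inside <transaction-fraud-info>. The UDF names CARD_SHOPPER_COUNT and SHOPPER_USERNAME, the in-memory store, and the fingerprint values are assumptions, and only a subset of the elements from the sample request above is included.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict


class FingerprintTracker:
    """Maps card fingerprint -> distinct shopper emails (in memory; assumed store)."""

    def __init__(self):
        self._shoppers = defaultdict(set)

    def record(self, fingerprint, email):
        # Normalise so "A@Example.com " and "a@example.com" count as one shopper.
        self._shoppers[fingerprint].add(email.strip().lower())
        return len(self._shoppers[fingerprint])


def build_fraud_info(session_id, shopper_ip, site_id, udfs):
    """Serialise <transaction-fraud-info> with one <udf> per entry in `udfs`.

    ElementTree escapes text nodes, so a shopper-supplied value containing
    markup cannot add or close elements in the request.
    """
    root = ET.Element("transaction-fraud-info")
    ET.SubElement(root, "fraud-session-id").text = session_id
    ET.SubElement(root, "shopper-ip-address").text = shopper_ip
    ET.SubElement(root, "enterprise-site-id").text = site_id
    udfs_el = ET.SubElement(root, "enterprise-udfs")
    for name, value in udfs.items():
        udf = ET.SubElement(udfs_el, "udf")
        ET.SubElement(udf, "udf-name").text = name
        ET.SubElement(udf, "udf-value").text = str(value)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    tracker = FingerprintTracker()
    # Constructed sample data: the same card fingerprint used by two shoppers.
    tracker.record("fp-constructed-0001", "alice@example.com")
    count = tracker.record("fp-constructed-0001", "bob@example.com")
    # Hypothetical UDF names; each must first be defined in Kount's web console.
    print(build_fraud_info("1234", "123.12.134.1", "DEFAULT", {
        "CARD_SHOPPER_COUNT": count,
        "SHOPPER_USERNAME": "bob<&>",  # constructed value with markup characters
    }))
```

Building the element with an XML library rather than string concatenation keeps shopper-supplied UDF values from altering the structure of the request.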

 

Read more about our fraud prevention service in this blog.
