Why payment fraud affects online stores more than you realise

Photo: Shutterstock
Payment fraud is a major vulnerability for e-commerce platforms. While it’s easy to physically deal with a dodgy customer, it’s hard to keep bad customers at bay when they’re hiding behind a screen. A report by analytics firm Payments states that 8.6 percent of sales globally were affected by fraud. That suggests that retailers in Q2 2016 could expect to lose $8 for every $100 to fraud, four times the value from 2015.

The anatomy of payment fraud

Fraud comes in many forms. As payment methods have evolved in the last decade, so have fraudsters’ methods. Some hackers could use an online store as a front for phishers, using the platform’s legitimacy to obtain sensitive information. Others set up fake payment sites mimicking real ones to collect financial information.

If a site is particularly vulnerable, it may even be subject to a man-in-the-middle attack. This occurs when an unauthorized third party positions itself between the sender of sensitive data and the recipient of the data. So while a payment platform is collecting information, a hacker sees the information being transferred.

Hackers may also resort to malicious redirection. So while visitors believe that they’re going to their favorite shopping site, they may be diverted to a fake site where they’re vulnerable to attack.

Once the information is obtained, hackers can commit synthetic identity theft, in which the attacker impersonates someone using their personal information. Malicious attackers often target customers, but could also pose a threat to ecommerce merchants. If a fraudulent order is accepted, the merchant could stand to lose not only merchandise but also be slapped with a chargeback fee, which occurs when a purchase is forfeited.


Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel