swombat.com

daily articles for founders

Fighting online fraud  

Fraud can be a huge issue for online businesses, for a number of reasons.

First of all, fraud can affect you even if you've done nothing wrong: any customer can request a chargeback, for spurious reasons, even if you did deliver the service as described and they made use of it. The ultimate decision about whether the transaction was fraudulent will then often rest with the issuing bank - i.e. the customer's bank. Unsurprisingly, those usually side with their customers.

Another big issue is that merchant banks (those that provide you with a merchant account) are usually very strict about how many chargebacks they will allow before they start investigating your account and possibly closing it down. Typical figures are 1% - of both transaction volume and amount. So, if you have 150 monthly customers, and just 2 of them turn out to be fraudulent (or one of them causes two fraudulent transactions in that month), you could end up being investigated because that's more than 1% of your transactions. If you have less than a hundred customers, a single chargeback could cause you trouble.

You might think that your payment gateway will help you with this by detecting fraud patterns across their entire network, and therefore saving you from obvious fraud... but in practice they don't. It's your job to write algorithms to detect obvious or likely fraud and figure out how to convey that to what might either be a strange customer, or a fraudster.

So, with that in mind, this is an excellent article to bookmark, written by Eran Galp, as it goes into a lot of detail about how you can detect and deal with fraud for a variety of payment methods, like Paypal or credit cards.

More from the library:
Why I won't sign your NDA
Your job as a CEO
The obvious, the easy and the possible
Google Analytics Alternative