Authenticating cardholder data can help reduce eCommerce fraud

When the world shut down in 2020, commerce and payments rapidly went digital and fraudsters saw an opportunity to cash in. With eCommerce fraud on the rise, cardholder data authentication is a key to protecting digital transactions.

Tags: Credit cards, Fraud protection, Technology
Published: September 29, 2021

The U.S. eCommerce market is thriving, valued at $538 billion in 2020. Second only to China, the shift towards digital commerce in the United States has been accelerated by the pandemic and technological innovations that make these transactions seamless and simple.

But the exciting growth of the eCommerce market is threatened by the parallel rise of online fraud. In the last year alone, experts predict online retail fraud represents a $20 billion problem. Payment fraud began moving online when EMV technology was implemented back in 2015 in the U.S. for in-store purchases. EMV was so successful in decreasing card-present fraud that it pushed payment fraudsters to online transactions. 

The COVID-19 pandemic further added to the rise of eCommerce fraud when internet traffic surged 60% and more employees began working remotely with fewer security controls in place. With commerce shifting to online environments more rapidly than ever, digital card-not-present transactions also increased and many environments were left vulnerable to fraudulent activity. 


Credit card chargebacks top eCommerce fraud

While fraudsters are developing sophisticated new scams like credential stuffing (mass payment authorization attempts to verify stolen accounts) and streaming potlucks (unauthorized sharing of streaming subscriptions), the most common and concerning type of online fraud is old school. Known as friendly fraud, this is when a cardholder claims a charge is fraudulent when in fact it was a legitimate transaction.

Friendly fraud accounts for up to 75% of all chargebacks. It’s an expensive type of fraud for merchants, who lose around 84% of all chargeback disputes – resulting in a loss of inventory and additional processing fees. Friendly fraud is quickly becoming a major problem for eCommerce retailers across all industries. Over the last three years, nearly 80% have seen an increase in friendly fraud attacks, while 68% blame the pandemic for a spike in their chargeback rates. 

Protecting digital transactions in the new normal

Research shows eCommerce sales in the U.S. rose nearly 32% in 2020, and the trend is only expected to continue throughout 2021 and beyond. Fortunately, businesses can take advantage of the rise in digital sales growth while protecting themselves from all types of transaction fraud, including friendly fraud.

According to a recent IBM study, companies with a formal security strategy fare better, experiencing almost a 50% reduction in the cost of a data breach event when one occurs. Yet, despite the strong evidence for advanced security measures, just 21% of businesses have fully deployed security automation/breach orchestration platforms.

When developing a security strategy for digital transactions, it’s important that any protective tools also help to reduce false declines and unnecessary friction that impede a smooth transaction for online customers. This will support a fast, easy and convenient checkout experience that keeps those customers satisfied. 


Data authentication key to fighting eCommerce fraud

Thanks to innovations in payment technology, there are many ways businesses can fight fraud and protect cardholder data while offering customers seamless digital payment transactions. One of the best tools available today is EMV 3-D Secure. Improving upon the older 3-D Secure (commonly known as Verified by Visa or MasterCard SecureCode, among others), the updated version offers a smoother user experience and now adapts to a wide variety of devices, including mobile.

EMV 3-D Secure uses 10 times more assessment datapoints than the previous version, allowing for risk-based authentication by the card issuing bank. After the cardholder submits their information on the merchant payment page, it is sent to the issuing bank, which decides if there is adequate data to determine if the purchase is being made by the true cardholder in order to authenticate and then authorize the cardholder’s transaction.

EMV 3-D Secure also relies on enhanced frictionless security such as biometrics, which is easy for cardholders to use and means customers don’t have to remember complicated passwords. These extra security features decrease the overall risk of fraud and friendly fraud specifically, since merchants who accept the strongly authenticated transactions are less vulnerable to losing potential chargeback disputes.

Businesses incorporating this new tool into their digital payments flow are already reporting impressive results, including checkout times reduced by 85% and cart abandonment lowered by 70%. By providing customers with simple, secure online checkouts, EMV 3-D Secure allows businesses to better protect against fraud, reduce chargeback liability, increase payment authorization rates and ultimately drive eCommerce revenue.


To learn more about the benefits of EMV 3-D Secure for your business and how to get started, read our white paper






5 IBM Average Cost of a Data Breach Study