2012 UK Online Fraud Report

7/28/2019 2012 UK Online Fraud Report

1/28


2/28

Co-Authored by James Hunt,Senior Managed Risk ServicesAnalyst, CyberSource

James Hunt has over a decade of direct

experience across multiple frauddisciplines, gained by working for, as wellas advising, some of the biggest onlineand multi-channel brands. AtCyberSource, James speaks daily tomerchants across the retail, travel,banking and digital verticals about theirfraud challenges, helping them to optimisetheir defences and maximise profit.

Such expertise has made James aninvaluable advisor to this years report,

rationalising the feedback from merchantsand providing context and explanations forthe emerging trends.

Co-Authored by Dr Akif Khan,Director, Products and Services,CyberSource

As Director, Products and Services, at

CyberSource, Dr Akif Khan is recognisedas a thought-leader in the eCommerceindustry. He assists and advisesbusinesses globally and continues toshape fraud and data security bestpractices; the latter leading to thedevelopment of a framework thatorganisations can use to evolve theirpayment security policies and strategies.

Akif has helped to direct the research andanalyse the findings presented in this

report, as well as offering counsel ontrends and the future eCommercelandscape.

Methodology

For the eighth consecutive year, CyberSource presents the UK Online Fraud Report; the most comprehensive study of

online fraud in the UK. For this latest edition weve surveyed 200 merchants and undertaken in-depth analysis of the

results; comparisons are also drawn with the previous fraud surveys. Included within this report is best practice

advice for businesses trading online, together with industry comments from Visa Europe, the Police Central e-Crime

Unit and thetrainline.com.

Working with Vanson Bourne, a specialist technology-industry research consultancy, CyberSource has developed a

consistent and independent survey of UK-based merchants. Through online and telephone research, CyberSource has

gained valuable insight from respondents either directly responsible for, or having an influence over, online fraud

policy and decisions on the management of fraud. They revealed details about their revenues and expenditure, their

operations, and more importantly, their experience with fraud and how they defend themselves. The analysis of these

responses provides insight into how fraud is impacting the overall eCommerce industry.

The UK Online Fraud Report is designed to present an end-to-end view of the fraud management process from

automated screening and manual review, to order dispositioning and fraud claim management. The report also

highlights merchant eCommerce expansion across international territories and provides guidance on how businesses

can best protect themselves against the associated risks. Presented throughout is a selection of the key results from

the survey, as well as the latest eCommerce industry trends and challenges merchants are facing.


3/28

1

Table of Contents

The Survey Base; Todays UK Online Business . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .02

Executive Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .03

Setting the Scene . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .05

Stage 1: Automated Screening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .08

Stage 2: Manual Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12

Stage 3: Order Dispositioning (Accept/Reject) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16

Stage 4: Fraud Claim Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18

Tuning & Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21

Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Resources & Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24


4/28


5/28

3

3

In crease >100%

80100%

6080%

4060%

2040%

In crease 120%

No cha n ge

Decrease

2

4

2

5

23

37

24

3

Expected O n lin e Reve nu e Growth for 2012

0% of Mercha n ts 5 10 15 20 25 30 35 40 45

Combatting and controlling fraud remains a significant cost for

merchants of all sizes trading online. To better understand the

impact of payment fraud on businesses selling over the internet,CyberSource sponsors annual surveys covering the detection,

prevention and management of online fraud. This report

summarises findings from the eighth annual UK survey and isdesigned to help merchants make informed decisions about the

most appropriate ways to protect their organisations.

From the Physical to the Digital:eMedia Driving GrowthThe growth of eCommerce in the UK has continued apace despitethe economic climate. In the previous survey, 77% of merchants

expected online revenues to increase in 2011 and it seems theirconfidence was not misplaced: at the time of the survey 66% of

merchants were still forecasting growth in 2011; just 6% expectedto see their revenues decline. As you may expect, this is not evenly

distributed across all sectors. The travel sector forecast average

growth of 12%, compared to 38% growth in digital goods, one of thecurrent boom industries. The average growth forecast for 2011 was

24% across all sectors.

For the year ahead the picture remains relatively rosy. 73% of

merchants expect growth, whilst 24% forecast no change. The

results are broadly similar across all sectors surveyed. In line with

earlier years theres little prospect of decline for the UKs online

merchants. Previous reports have suggested that businesses areconservative when forecasting growth and theres no obvious reason

for this year to be any different. When looking at those expecting to

see online revenues rise in the travel sector, the outlook is fairlysimilar to 2011 figures: 11% growth. The digital media sector

remains optimistic: a 33% revenue climb is the average amongst

those forecasting growth.

Clearly the nature of the UK online business sector is shifting. Whilegrowth does continue in the stalwart industry sectors of travel and

physical goods, it is the digital media businesses games, apps,

music, and eBooks that are really driving the latest phase.

When looking at the growth expectations of different sizes of business there is a noticeable variation when comparing the largest

with the smallest. In the latter band (online revenue less than

500,000), expectations are up at 35%, dropping off a few percentwith each size category through to the very large businesses (greater

than 25m online revenue) where the forecast is for 18% growth.

Interestingly, 37% of respondents expected to see online revenue

increase by up to 20% in 2012 (Chart 3).

Executive Summary


6/28


7/28

5

All Sizes of Merchant Tackling InternationalCommerceAs one of the world leaders in eCommerce it is no surprise that

merchants from the UK have long been trading outside of these

shores. The latest figures show that even the smaller merchants areshipping overseas, with 52% taking orders from abroad; this

percentage increases by size of business. Overall 59% of companies

are trading internationally, with travel and digital respondents leading

the way, both at 69%.

When looking at the key territories, 82% of those shipping abroad sell

to Germany, 81% to France and 75% the US (Chart 5). Within Asia

Pacific (APAC), Australia is the country served by most merchants

(53%). Digital goods companies have the most open internationalpolicy, which is to be expected given their focus on downloadable

goods. Physical goods companies are more targeted in their territorial

expansions, focusing on individual countries rather than having anopen policy, with logistics being a key challenge.

Hong Kong is the most commonly cited next target for those looking

to expand, given that many of the key APAC geographies are already

covered by those merchants with international reach. Fewerbusinesses are looking to expand in Europe than last year for the

same reason they already have a presence in a number of

countries.

Setting the Scene

The UK Online Fraud Report series provides an annual snapshot of

the online industrys response to ever more sophisticated payment

fraud and evolving customer demands. The UK is one of the worldsmost successful eCommerce nations, and so the report has tracked

its expansion, both in this country and across the world, examininghow merchants have dealt with the differing payment conventions

and fraud practices.

Cards Remain Prevalent with Small MerchantsLeveraging AlternativesCredit and debit cards remain the most popular form of paymentacceptance by some margin (nearly double the next most prevalent

payment method). Whilst PayPal is less popular amongst larger

merchants it is accepted by 52% of the very smallest merchants;furthermore 65% of digital goods respondents stated that they offerthis payment method. Bank transfers have also gained in popularity,

now accepted by 61% of small merchants and particularly prevalent

in the services sector (64%) where direct debit (42%) is alsopopular.

Cash on delivery or, more importantly, in-store payment/pick-up is

now an option for 26% of merchants, and is more common

amongst the middle tier than the very largest. The biggestmerchants are more likely to offer gift cards and certificates,

accepted by 43% versus 11% of the smallest businesses (larger

organisations may have their own programmes or be part of widerindustry initiatives).

Mobile operator billing now forms part of the income stream for 8%

of merchants, and is focused on the top end (online revenues more

than 25m) where 15% of companies now accept payments thisway. Overall, 38% of companies have a mobile-optimised commerce

site, with the travel sector leading the way (56%). 26% of

respondents have their own mobile app, rising to 30% for thephysical goods businesses. Given the potential development costs, it

is the largest companies that are much more likely to have an app

(43%) versus the smallest (7%).


8/28

6

5

Asia Pacific C

Eu rope A Americas BPla n to add i n 2012

Cu rre n tly accept

Accepted i n 2010

Pla n to add i n 2012

Cu rre n tly accept

Accepted i n 2010

Pla n to add i n 2012

Cu rre n tly accept

Accepted i n 2010

0

5

10

15

20

25

35

45

% o f

M e r c h a n

t s

40

30

55

50

35 36

53

62

35 36 36

58

75

% o

f M e r c h a n

t s

A r g e n

t i n a

M e x i c o

0

B r a z i

l

C a n a

d a

U S A

10

20

30

40

50

70

80

60

+6 +4+8

+8

+6

+4+7

+7

+8+1

+3

6362

6872

81 82

63

58

6468

7679

9090

60

3634

43

35

38 3941

43

36 36 37

42 4244

46

53

+2+3

+8

+6+8

+2

+10

+7

C h i n a

S i n g a p o r e

H o n g

K o n g

A u s t r a

l i a

T a

i w a n

S o u

t h K o r e a

J a p a n

I n d i a

S w e

d e n

0

S p a

i n

F r a n c e

G e r m a n y

% o

f M e r c h a n

t s

10

20

30

40

50

70

80

60

I t a

l y

N e

t h e r l a n

d s

% of Mercha n ts Accepti n g In ter n atio n al Orders


9/28

7

End-to-End View RequiredThe true cost of payment fraud is a combination of many factors

beyond the simple losses represented by chargebacks. Alongside

these direct revenue costs, the cost of the stolen goods/services and

associated delivery/fulfilment costs, businesses have to account for:

falsely rejected valid orders, manual review staff, fraud claimadministration, internal systems maintenance, and third-party tools.

Fraud also presents challenges to business scalability.

Merchants can better manage fraud by recognising and optimising

the full pipeline view of operations and costs. This approach

illustrates some of the profit leaks that take place throughout the

payment process.

Over a third of businesses expect their total losses from fraud to

grow in 2012. When we drill down into the detail, we find that

merchants are rejecting on average 4.3% of incoming orders due to

suspicion of fraud a return to more historically typical figuresfollowing a spike to 5% in the last survey. Worryingly 31% of

merchants report that they are rejecting more than one in 20 orders

on suspicion of fraud. Unlike previous surveys, where there hasbeen a clear differentiation between rejection rates in the various

sectors; this year we are seeing rough parity between the physical

goods, digital, services and travel industries.

Of the total number of orders merchants receive, one fifth are

manually reviewed for potential online payment fraud, consistent

with previous years. Of the orders reviewed, 75% are ultimately

accepted. This year we have changed the way that we analyse the

fraudulent order rate to provide an even more accurate figure. Inusing the median versus the mean, we can focus on the mid-range

average, thus reducing the impact of outlying responses. Theaverage fraudulent order rate stands at 1% for 2011, similar to the

last surveys median result.

The 2012 UK Online Fraud Report details key metrics and practices

at each point in the fraud management pipeline in order to providebenchmarks and additional insight for businesses trading online.

Order Autom atedScreenin g

Manu a lReview

Accept / Reject

Fraud Cl aimManag ement

Ret ainedRevenue

Fra ud M a nag ement Pipeline

PROFIT LEAKS

Mercha n ts review o n average 22% of orders

On average, mercha n tsreject 4.3% of orders some may be valid

75% of reviewed ordersare u ltimately accepted

1% of orders overallprove to be fra u du le n t(media n )

32% of chargebacksare fra u d-coded

St affin g &Sc a lab ility

LostSa les

Fraud Loss &Administr a tion


10/28

8

Automated Screening: Intelligent ProtectionMany tools are available to help merchants evaluate incomingorders for potential fraud. Some automated detection tools identify

the probability of risk associated with a transaction, while others

validate the identity of the purchaser. The results of these tests canbe interpreted by reviewers or automated rules-based systems to

determine if a transaction should be accepted, rejected or marked

for further review. Some automated systems might reject a

transaction outright, if they are convinced of its fraudulent nature.

The vast majority of respondents use some form of automated

screening. For most business sizes only around 2% do not.

However, for the smallest class of business 20% of respondentsreport that they are completely without automated screening.

Defence in Depth: Adopting a Multi-LayeredApproachFor the past three surveys we have seen a consistent pattern with

smaller merchants deploying on average four fraud detection tools,the largest merchants deploying seven and an average across the

industry of six. The most prevalent remain Card Verification Number

(CVN), 3D Secure/payer authentication (Verified by Visa and

MasterCard SecureCode), and Address Verification Service (AVS).

This years respondents show a slightly lower level of adoption of

Verified by Visa and MasterCard SecureCode than in the previous

survey, due to the higher proportion of small merchants in this yearsbase (Chart 6A). However these tools remain at the forefront of

merchants plans for adoption in the next 12 months. Payer

authentication provides merchants with some protection from fraud

related chargebacks, as liability is transferred to the card-issuingbank on qualifying transactions. While not completely effective in

isolation, when combined with other tools, payer authentication can

help merchants minimise the cost of fraud to their organisation.

The most common fraud detection tool of all is the simple CVN,designed to help verify that the person placing the order has the

actual card in his or her possession. Historically, fraudsters may have

just traded images, scans or details from the front of cards, but haveadapted to this challenge. CVN remains a useful filter for the most

rudimentary fraud attempts but should always be combined with

other tools.

AVS is deployed by more than half the UKs merchants according tothe latest figures. It compares the address entered with that held by

the cardholders issuing bank, but is subject to a significant rate of

false positives. If the cardholder has a new address or has a validalternate address, this information may not be reflected in the

records of the issuing bank, so the address would be flagged as

invalid. As a result, when used on its own AVS may lead to

merchants unnecessarily rejecting valid orders and potentiallyaccepting fraudulent ones. Comparing the deployment of automated

tools between sectors shows that AVS is significantly less prevalent in

the travel sector (just 36% against 62% in services); this is likely dueto it only applying to UK- and US-issued cards.

While there have been some changes in tool usage, there are two

techniques that have held fairly steady: customer order history and

merchant in-house negative lists. The former involves looking at aspecific customers record of previous purchases; the latter requires

cross-referencing each transaction with an internal list compiled by

the merchant of blocked identities, addresses or payment cards.These tools are particularly prevalent with physical goods retailers

and large merchants (5m to 25m online revenue). The services

sector is less likely to look at customer order history than digital

merchants (25% vs. 38%) something that may not be required forthose subscribing to an online service with regular billing. The

difference is even larger when compared to retailers of physical

goods with 57% using this method.

Stage 1: Automated Screening


11/28

9

6A

Va lid a tion Services

Card Verificatio n Nu mber

Verified by Visa

MasterCard Sec u reCode

Address Verificatio n Service

Postal address validatio n services

Credit history checks

Telepho n e nu mber verificatio n

Paid-for p u blic records services

Sin gle Merch ant Purch a se History

Cu stomer order history

Negative lists i n -ho u se

Purch ase Device Tr acin g

IP geolocatio n

Cu stomer device 'fi n gerpri n tin g'

Multi-Merch ant Purch a se History

Shared n egative lists hotlists

P u rchase velocity/ ide n tity morphi n g models

Social n etworki n g sites

Au tomated Fra u d Detectio n Tool C u rre n t Usage a n d Pla n s

0% of Mercha n ts 10 20 30 50 60 70 8040

65

5952

28

16 15

17 16

8

Order velocity mo n itori n g 15

Tot a l%

70

77

82

60

44

31

26

22

52

35

32

31

2822

31

13

33

21

11

13

4 7

5 8

7

14

34 10

22 9

811

12

90

917

8Fra u d scori n g models i n ter n al 24Cu stomer website behavio u r/

patter n a n alysis 1219

Positive lists 18 10

8

676

41 11

Pl a nnin g toimplement

in 2012

7

In breaking out the results for very large merchants (25m+ annualonline revenue) we can highlight differing patterns of fraud tool

usage (Chart 6B). Such respondents have much higher usage of a

number of fraud tools, and are also likely to use the latest, and more

sophisticated, techniques e.g. device fingerprinting and websiteanalysis.

Automated Screening Investment PlannedThe previous report showed clear evidence of interest from

merchants in the sharing of data: a topic of conversation that has

been common at industry events. At this time, 16% reported their

plan to share negative lists in the coming year. This years figuressuggest that ambition was not achieved with just 17% using the tool

and 16% again asserting their intention to add it. Although initially

attractive, sharing negative lists can be problematic. Merchantsshould be cautious about making decisions using data from other

organisations; such data can be difficult to verify and may be based

on different business objectives, and be subject to legal regulation.

IP geolocation is a popular prospect for investment in 2012. Theability to place buyers in a given location based on their IP address

is certainly a valuable addition to the range of fraud tools, though its

accuracy is limited by certain factors: proxies can be used to hide

the real IP, and the increasing range of mobile broadband optionsmakes it hard to reliably place a customer. The latest device

identification technologies are beginning to overcome theselimitations, allowing merchants to pierce a proxy to see the reallocation, whilst pulling in additional data sources to locate mobile

devices.

One of the trends for 2012, particularly for the largest class of

business, is customer website behaviour analysis (17%): thisinvolves examining the browsing clickstream to identify patterns

that look like fraud. Fraudsters will often take a very direct and

identifiable route to the checkout, in a manner that can bepatterned and recognised, giving the merchant further evidence of

fraud.


12/28

10

INDUSTRY

comment

The role of fraud prevention is an ever changing one; as the fraudster adapts so there is a need for the merchant to change in line

with that behaviour. Key to this is the ability to detect fraudulent behaviour as close to real time as possible and then adapt, makingchanges quickly to counteract the latest threat. I liken fraud prevention to a game of chess; taking skill and strategic planning to get

it right, especially when you are potentially playing a few moves behind the fraudster. Customer needs are ever changing too, with

merchants looking to ensure that order and delivery/collection mechanisms are as easy and convenient as possible. Mobile devices

have been playing an increasingly important role in transaction growth over the last few years, with a wide, and evolving, array of

devices now on the market, all with internet access. Apps are also evolving; shifting from information stores to become purchasingand fulfilment instruments.

My view is that fraud hasnt changed, but fraudsters have. They are more organised and being given new platforms through which to

conduct activity. Any new purchasing process or platform is of real interest to the fraud community and will receive a lot of attention.

You should ensure that your business is prepared, and able to manage such transactions (good and bad). Any success on behalf of the fraudster is likely to lead to further abuse at some stage.

Finally, whilst much focus is placed on identifying fraudulent behaviour, it is just as important to recognise the behaviour of good

customers. Fraud identification is similar to looking for needles in haystacks; if you are adept at identifying good behaviour then youcan substantially reduce the size of haystack at the start of the process; cutting your manual review workload and making the

needles (or fraudsters) easier to spot and handle. In my experience, utilising tenure thresholds and monitoring on-going transaction

behaviour can certainly help to identify genuine buyers. Furthermore, encouraging customers to manage their online activity via a

dedicated user account area on your website not only provides you with valuable marketing data; you also gain much deeper insightinto who your trusted customers are and how they behave.

Martin PearceHead of Loss Prevention, thetrainline.com

6B


Card Verificatio n Nu mber

Verified by Visa

MasterCard Sec u reCode

Address Verificatio n Service





Sin gle Merch ant Purch ase History

Negative lists i n -ho u se


Purch ase Device Tr acin g

IP geolocatio n

Cu stomer device 'fi n gerpri n tin g'

Multi-Merch ant Purch ase History


P u rchase velocity/ ide n tity morphi n g models


Au tomated Fra u d Detectio n Tool C u rre n t Usage a n d Pla n s: Mercha n ts 25m+

0% of Mercha n ts 10 20 30 50 60 70 8040

69

67

54

44

24 13

31 17

17

19 19

Order velocity mo n itori n g

Tot a l%

74

80

85

63

50

37

33

26

58

51

50

48

41

40

37

24

48

38

126 6

6

15 9

9

9

7

17

39

30 7

9

7

11

11

90

924

Fra u d scori n g models i n ter n al

Cu stomer website behavio u r/ patter n a n alysis

Positive lists 30 11

9

283

52

41

Pl a nnin g toimplement

in 2012

31

31


13/28

11

Multi-channel CommerceWith 38% of respondents now having a dedicated mobile websiteand 26% having their own app, the challenges of managing fraud

across multiple channels are a reality for many. Today just 16% of

merchants are tracking fraud through their mobile apps. This could

be for a number of reasons but the fact that the ID of the handsetowner is known perhaps leads to a perception of lower risk.

Only 25% of merchants are tracking fraud from their mobile site. In

fact the barriers to fraud may be lower on a mobile site, with user

experience considerations forcing a reduction in the quantity of

information collected at purchase. As the mobile channel continuesto grow, merchants will need to understand how fraud impacts

mobile commerce.

Interestingly, one fifth of merchants dont track fraud by orderchannel at all. This is important for a number of reasons. From a

reporting standpoint, lack of tracking could hide the fact that fraud

is much higher for orders originating from a certain channel.

Furthermore, without such information an effective response cantbe put in place (such as updating rules that relate to a specific

channel only, rather than across the board).

Excluding those that didnt know, 62% of merchants who trackfraud on their mobile channels are doing so using their existing

fraud tools (Chart 7); this does vary by sector. If this is the case,

merchants should ensure that the tools are suitably configured to

take into account the different factors and attributes of eachchannel e.g. the chances of a successful geographic IP lookup

on a mobile device.

7

Total

Digital goods

Physical goods

Services

Travel

% Scree n in g Mobile Cha nn el with Existi n g Fra u d Tools

0% of Mercha n ts 10 20 30 50 60 7040 80 90

Yes, scree n with existi n g tools

No, we u se aseparate process

62

38

45

55

6535

50

50

81

19


14/28

12

Manual Review Rates Remain HighIn an ideal environment, efficient automated screening can be used

to eliminate most of the fraudulent orders and accept the goodones. Only a minimal number should be passed to the manual

review queue for human intervention. The checks here may bring in

additional tools and sources of information.

According to the latest survey, 61% of merchants use manual

review as part of their online fraud screening process, continuing a

falling trend over the last couple of years. This downward trend is

consistent across sectors, although some still show much higherrates of manual review usage than others, with physical goods at

66% and travel at 69%, compared to digital goods and services at

53% and 55% respectively.

Though more merchants in the travel and physical goods sectorschoose to use manual review, they dont actually analyse a greater

proportion of their orders. For all sectors, on average between 20%

and 24% of orders are subject to manual review. That said, theorder review rate does vary quite substantially by organisation size;

ranging from 39% for small businesses, to 26% for medium, 17%

for large and 11% for very large organisations. Given the scalability

and costs associated with the review process these results are notsurprising. It is noticeable that a fifth of small business respondents

review almost every order, something that is only practical when

dealing with low volumes.

Enhancing Manual ReviewReviewers are generally not solely reliant on the data from checks

already carried out by the automated screens: they have additionaltools at their disposal. These range from the very simple, such as

contacting the customer or card issuer (employed by 68% and 55%

of respondents respectively) through to checking the customer orderhistory (61%) or verifying the delivery location on Google Maps (30%)

(Chart 8).

It is the very largest businesses that are the most likely to deploy a

variety of additional data sources at the manual review stage with44% using in-house negative lists, and 31% using positive lists,

telephone number verification/reverse lookup, and paid-for public

records services such as 192business. The average number of manual review tools/data sources deployed for all sizes of business is

four. From a best practice perspective we would advocate that

merchants automate the use of some of their tools, such as in-house

positive and negative lists, thereby helping to streamline the reviewprocess.

A high proportion of companies are not looking to increase the

number of tools available to their review staff: 40% plan no new

investments in 2012. Of those that are looking to invest, sharednegative lists are the most common choice with an average of 21%

(30% in the travel sector) suggesting this will be their next addition.

Verifying location is clearly a key requirement for reviewers: 14% areinterested in IP geolocation (climbing to 19% in physical goods), and

12% in using Google Maps.

Stage 2: Manual Review


15/28

13

8


Con tact c u stomer to verify order

Con tact card iss u er


Google Maps look u p(for delivery locatio n )





Sin gle Merch ant Purch ase History


Cu stomer website behavio u r/

pattern

an

alysis

Purch ase Device Tr a cin g

IP geolocatio n in formatio n

Device fi n gerpri n tin g

Multi-Merch a nt Purch ase History

Fra u d Detectio n Tool Usage D u rin g Ma nu al Review

0% of Mercha n ts 10 20 30 50 60 70 8040


5540

30

34

12 14

Tot a l%

49

62

70

42

32

28

24

18

67

43

34

30

26

11

3514 21

9

9

11

21 11

21 7

12

97

90

717

8Negative lists in -ho u se 26

Positive lists 23 7

7

268

61 6

2 Pl a nnin g toimplement

in 2012

Case Management: High Expectations for 2012The previous survey revealed a dramatic rise in the use of case

management systems to optimise and streamline the manual reviewprocess. In 2011, 35% of respondents reported case management

usage (Chart 9A). This figure climbs sharply for the largest bus-

inesses where 50% have already deployed such a system (Chart 9B).

Merchants are forecasting significant adoption in 2012, with even

small businesses (29%) indicating plans to put such tools in place a wise move given their over-reliance on manual review. Overall,

27% suggest they plan to deploy a case management system in2012. Significantly however, 40% of large businesses (5m-25m

online revenue) are looking to adopt such a system, signalling their

intention to optimise the review process in a similar way to their

bigger counterparts.


16/28

14

Case Ma n ageme n t Usage 9

All Mercha n ts A Mercha n ts 25m+ O n lin e Reve nu e B

Pl an to implementin 2010

23.5%

Currently use

50%


31%

Do not use or pl anto implement

19%

Currently use

35%


27%

Do not use or pl anto implement

38%

INDUSTRY

comment

The Police Central e-Crime Unit (PCeU) has been allocated 30 million of additional funding to mitigate the levels of harm being

experienced as a result of criminal attacks on society, through computer misuse, which have become sophisticated, agile and evenmore pervasive. As this report shows, the cost to industry in responding to the level of online crime is a significant concern and last

year the government confirmed cybercrime as a tier one threat, second only to terrorism.

The PCeU is the operational strand of the ACPO National e-Crime Programme (NeCP), created to deliver the police response to the

National Cyber Security Programme (NCSP) that had been allocated 650 million in funding. Its target is to reduce the harm causedby cybercrime by 504 million over four years, and to improve mainstream law enforcement capability with respect to cyber

response, up to and beyond the Olympics. This includes the formation of regional PCeU hubs.

In the first 6 months of operation the PCeU has saved the UK economy 140 million in financial harm reduction. This equates to a1:35 ratio of funding to saving, and almost 28% of the four-year performance target delivered within the first six months. Although

not captured within these figures, what is just as important to represent from the impact of the PCeU operations, are the benefits

from the learning obtained by targeting the new and higher echelon of cyber criminality that we then share with our partners.

Whilst the performance delivered by the PCeU has been significant, the unit is still relatively small in comparison with the scale of theharm being caused to the UK by cybercrime. Only through partnership and engagement with industry to share intelligence on the

nature of threats, and prioritise the focus of our policing response with other cyber agencies, can we continue to make an impact and

reduce the harm being caused to our economy.

Detective Superintendent Charlie McMurdieHead of Police Central e-Crime Unit (PCeU)


17/28

15

11

Total

Manu al Review Staffi n g Pla n s

Small b u si n ess0500,000

Medi u m b u si n ess500,0005m

Large b u si n ess5m25m

Very largebu si n ess

25m+

0% of Mercha n ts

A n n u a l

O n

l i n e R

e v e n u e

10 20 30 50 60 7040 80

1121

73

234

654

31

5922

19

1374

13

68

In crease

Decrease

No cha n ge

Planning for Greater Efficiency

When looking at merchants business priorities for 2012, they areclearly related to catching more fraud first time, and boosting reviewefficiency. Over a third plan to focus on improving their automated

screens (this is roughly the same across all sectors), while 19% will

be looking to streamline the manual review workflow (Chart 10). Inall, 11% report that they plan to outsource this task. Significantly,

68% of respondents expect to keep their manual review staffing the

same in 2012. 21% of respondents envisage that their team sizes

will increase (by one fifth on average) and 11% forecast a decrease(of 21% on average) (Chart 11).

Given the proportion of companies predicting an increase in their

revenues in 2012 (73%), expectations must be high that they canachieve more with less via some form of optimisation. This may come

through enabling reviewers to complete more orders each day.Respondents reported that the mean number of orders each reviewercan check in a day is 48, although there is real variation by size of

organisation. Compare this latter figure to the very largest businesses

where reviewers are analysing an average of 109 orders per day(nearly a quarter review over 150) and its clear what can be

achieved with the right levels of automation and the deployment of

suitable support tools such as case management. If smaller

businesses can achieve this level of throughput, and cut the totalnumber of orders that they need to review, it could have a dramatic

impact on their profitability.

10

Improved a u tomated detectio na n d sorti n g capability 34

Streamli n in g the tasks/ workflow occ u rrin g d u rin g

the ma nu al review process19

Improvi n g process

a n alytics18

Ou tso u rcin g portio n s of yo u rreview/scree n in g operatio n 11

Top B u sin ess Priorities for 2012

0 5 10 15 20 25 30 35% of Mercha n ts


18/28

16

12

90100

7090

5070

3050

1030

110

10

510

35

13


19/28

17

14

Nigeria

USA

Chin a

Ru ssia

Pakista n

38

19

14

13

10

8

Blocked Co un tries with HighestFra u d Rates

0% ofMercha n ts

10 20 40 5030 60

15

Delivery address

Billi n g address

IP address

BIN co un try

The website o n whichthe order was placed

59

58

46

16

23

High Risk Co un try Ide n tifiers

0% of Mercha n ts 10 20 30 40 7050 60

International Expansion Presents

Risks as Well as RewardsWhile the UKs online merchants have expanded successfully

beyond these shores, they have also found new fraud threats

abroad. In the last year, 32% of respondents have blocked orders ata country level due to high levels of fraud. The travel and digital

goods merchants reported the highest figures, likely due to their

increased acceptance of international orders.

As per previous reports, Nigeria is the country that presents thegreatest risk; however a number of companies are blocking Africa as

a whole due to high fraud rates from the region (Chart 14). Given

the rapid economic growth of Nigeria, at some point we may reach a

decision gate where merchants choose to cautiously beginaccepting orders from Nigeria again. But that day still looks to be

some way off.

The USA remains an attractive, yet potentially high-risk, prospect for

many. Once again the USA is the country with the second highest

reported rate of fraud. This may be due to its popularity as a ship-to country; higher order volumes could open up the fraud risk if this

is not carefully controlled.

When merchants are reporting on transactions originating from high-

risk countries, there is an inconsistent approach to how theyassociate orders with particular countries. Delivery address is one

clear flag, relied on by 59%, whilst 58% look at the billing address.

IP address is examined by 46%, and just 23% look at the BIN

(Bank Information Number) country. This last piece of informationcan be valuable given that many fraudsters rely on a small number

of banks in fringe territories (Chart 15).


20/28

18

16Proportio n of Fra u d Chargebacks Received by Compa n y Size

A n n u a l

O n

l i n e

R e v e n u e

5 10 15 20 25 30 35 40 45% of Chargebacks withFra u d Reaso n -code

Very large b u si n ess25m+ 19

Large b u si n ess5m25m 35

Medi u m b u si n ess500,0005m 40

Small b u si n ess0500,000 34

Chargebacks Just Partof Fraud StoryThe survey examined in more detail merchantspractices associated with reviewing and

contesting chargebacks. Fraudulent orders are

presented to the merchant by two main routes:either via a direct request from a consumer

reporting unauthorised use of their account, or

as a chargeback from the bank.

Merchants state that, on average, 32% of thechargebacks received are reported as fraud-

coded chargebacks. This is consistent with

previous reports, as is the fact that the figurevaries significantly across industry sectors. The

latest results show a decrease in the number of

fraud-coded chargebacks seen by the travel

sector and a substantial rise for the digitalsector (averaging 40%; this high figure is being

impacted by the fact that 27% of this sectors

respondents stated that over 90% of theirchargebacks are fraud-coded).

Given the need to immediately fulfil orders,

digital merchants should look to automate their

accept/reject process as much as possible.They may also find it more challenging to

contest certain chargebacks because they haveless information about the buyer (for instance,unlike physical goods retailers, theres no

physical delivery address).

When looking at organisation sizes, this year

medium-sized businesses show the highest rateof fraud-coded chargebacks (40%), while very

large businesses have the lowest by some

margin (19%) (Chart 16). One consideration isthat the medium-sized brands might be well

established, but perhaps not quite as mature in

their operations. Thus, even though they areknown to fraudsters they may not have accessto the tools and skill sets utilised by larger

businesses to catch fraud and dispute

chargebacks.

Clearly not all claimed chargebacks are genuine cases of fraud thechargeback attempt in itself might be fraudulent. Merchants re-

present (challenge) on average 40% of their fraud-coded

chargebacks to the bank and win 39% of these. The re-presentmentrate reported is broadly similar across all sectors, although its

slightly higher for retailers of physical goods, who may find it simpler

to dispute chargebacks. For this sector, 30% of merchants re-

present over 90% of fraud-coded chargebacks. The very largest andvery smallest companies each re-present around 50% of their

chargebacks (Chart 17), many more than the middle tiers of

business who dispute closer to 31%. The smallest businesses canafford to do so because of the lower volumes, whereas the largest

businesses can because of higher staff numbers and well-ordered

processes. Given the percentage that they win, these processes are

clearly valuable.

When looking at the distribution of re-presentment rates, on average

19% of merchants are disputing over 90% of their fraud-coded

chargebacks (Chart 18), although this does vary by sector. At theother end of the spectrum, roughly the same proportion is

contesting less than 1%. This is a distribution that weve observed

for some years and is fairly typical as merchants tend to fall into

three groups: those that dispute everything; those that dispute verylittle; and the broad group in the middle that dispute some.

Interestingly, for the last three years, weve seen a peak in

merchants disputing 2030% of their fraud chargebacks; 16%reported this level in the latest survey.

Stage 4: Fraud Claim Management


21/28

19

INDUSTRY

comment

Visa Europe is seeing fraud rates at an historic low, reflecting the significant investments made by industry stakeholders in both the

bricks and mortar and card not present (CNP) spaces. Yet as we move to a new generation of payment related products andservices, we need to remain alert. Remember, when our industry first began the migration to EMV, new variants of fraud quickly

emerged.

We are approaching the cusp of another technology shift, and need to be equally well prepared. Visa Europes most significant fraud

delivery over the last 12 months has been the deployment of an enhanced detection solution (Visa Real Time Scoring); providing acomprehensive and cost effective fraud detection solution to issuing banks. This allows fraud to be identified promptly, cards stopped

and losses minimised. Aside from benefitting the issuers, the system is particularly good at identifying CNP fraud, aiding merchantstoo.

The great majority of fraud loss reported to Visa Europe relates to the CNP environment. As such, it is very important to understand

more about these losses. I recommend that you review fraud-coded chargebacks to assess which transactions they relate to, when

they were processed, the card issuer, time of day, IP address etc. this will help you to determine why the order was accepted first

time round.

In addition, speak to your acquirer to find out if you have experienced any close shaves i.e. where fraud has occurred, but you

werent liable for the fraud loss. Your acquiring bank should be aware of these as we at Visa Europe advise them. Undertaking such

analysis can help highlight where further improvements can be made to your acceptance process.

In summary, were seeing the level of internet-based business grow strongly, whilst the opportunity to evolve and enhance payments

is vast. However, there is always a criminal looking to exploit such opportunities; constant focus and vigilance remain absolutely

fundamental.

Peter BayleySVP Fraud Management, Visa Europe

17

Small b u sin ess0500,000 51

Medi u m b u sin ess500,0005m 31

Large b u sin ess5m25m 34

Very large b u sin ess25m+ 50

% of Fra u d Chargebacks Re-prese n ted

A n n u a l

O n

l i n e

R e v e n u e

0 10 20 30 40 50 60

18

90100

8090

7080

6070

5060

4050

3040

2030

1020

110


22/28

20

Sectors Showing Significant Variation

When looking at fraudulent order rates, the previous survey showed

significant divergence across industry sectors. This year we have

calculated both the mean and median averages to provide as realistic a

picture as possible. The median average is likely the most accurate way

to analyse responses; on average 1% of orders accepted later resultedin fraud. When looking at the mean, the average fraudulent order rate is

highest for the services sector; decreasing as we move across physicalgoods merchants, then digital goods, and lastly travel organisations

(who report the lowest rate).

Digital goods merchants may see less impact from fraud, since a loss

doesnt mean lost stock, and the costs of delivery are much lower. Forthe services sector, higher loss rates could have serious consequences

for the business (particularly for those services that have a cost base

associated with them that includes third parties and staffing).

% of Orders Accepted that Later Res u lted i n Fra u d Losses 19

B

>10

510

35

13

10

510

35

13


23/28

21

Adapt to Survive and GrowThe UKs online businesses continue to grow at a very credible rate,

expanding into new products and services, territories andtechnologies as soon as the opportunity is presented. This

necessitates an agile approach to managing one of the key business

threats: fraud.

The most successful and profitable companies have successfully

systematised their management of fraud, automating as many parts

of the process as they can. This typically allows business managers

to modify decision rules without assistance from internal IT staff orexternal parties so that they can adapt quickly to manage the order

review flow, tailor rules to new products and respond to new fraud

trends as they are encountered. Without this functionality,merchants cannot easily minimise reject rates or review costs and

fraud rates. Providing organisations with the ability to adjust

Fraud Remains a Finance IssueFinance departments have retained the responsibility for

managing fraud (Chart 20) inside many respondent

companies, with smaller businesses particularly placing the

problem at the finance teams door (46%). In fact, financeis the top response for all sectors. It is therefore not

surprising that the top fraud concern for many merchantsrelates directly to the revenue being lost. Largerorganisations are more likely to have dedicated Loss

Prevention departments or fold the fraud team into

Operations. The only major difference between business

sectors in the management of fraud is in the digital goodsspace, where responsibility is much more likely to lie with

the operations team (37%) than for example, physical goods

(16%).

In most businesses anecdotal evidence suggests that the

actual tracking, management and resolution of fraud is

conducted across multiple teams with finance often takingthe lead role.

.

20Departme n ts with Fra u dMan ageme n t Respo n sibility

Fin ance

38%

Oper a tions

23%

Loss Prevention

14%

Other

12%Customer

Service

13%

Tuning & Management

business rules in real-time can reduce costs as well as the burden

on IT support.

Some merchants are integrating fraud tools and strategies via fraud

management portals. These portals employ a combination of

flexible rules systems that interact with a portfolio of truth servicesaround the world, allowing business managers to set payment type,

product type and market specific screens. Case management

systems are often integrated with these portals to streamline

workflow. Global fraud portals typically include hierarchicalmanagement, as companies strive to centralise fraud management

across multiple lines of business and geographies.


24/28

22

Recognising Fraud ManagementCostsOne of the questions respondents struggle to

estimate accurately is the total cost of fraud

management to their business: a high proportion

of respondents didnt know or couldnt make anaccurate estimate. This may in part be because

those who have operational responsibility formanaging fraud are often not the budget

holders.

From those who did respond its hard to provide

guidance on precise expenditure, although thereported spend is not that different to the

previous survey in terms of its distribution (Chart

21). The figures do show a clear ratio betweenthe different business size bands: median

expenditure increases two to three timesbetween bands, with the largest businesses

spending more than ten times as much as thesmallest. This goes to show that even with

efficient fraud management processes in place,

investment in managing the problem scalesapproximately in line with revenues.

Looking ahead to 2012, most of the respondents were

willing to make predictions about how their expenditure

will change. Excluding those that didnt know, the majority(61%) expect no change (Chart 22), which may be

optimistic given their expectations for growth and that

fraud management costs seem to be growing in line with

revenue. In all, 33% expect their spending to increase

(similar across all sectors), by an average of 17%, while6% expect to see costs decrease.

21

>500,000

250k500k

100k250k

50k100k

25k50k

10k25k

5k10k

2.5k5k

1k2.5k

100%

60100%

3060%

1030%

In crease 110%

No cha n ge

Decrease 110%

1030%

3060%

Decrease >100%

1

4

19

9

61

1

4

1

Estimated B u dget Cha n ge forFra u d Ma n ageme n t i n 2012

0% of Mercha n ts 10 20 30 40 50 60 70

60100%


25/28

23

Conclusion

The UK is a leader in online business, sustaining a multi-year streak

of rapid growth by incorporating new territories and technologies in

the face of a challenging global economic climate. In 2011, we sawthe large multi-channel operators really begin to reach maturity with

their online propositions, and some of the earliest entrants into thephysical goods space becoming the digital equivalent of high-street

brands. The still young services and digital goods sectors are

growing well, and despite a tough year there is still optimism within

the travel sector. Based on our respondents forecasts, the onlinesector will continue to grow in 2012.

Unfortunately, growing revenues in online business have historically

always been matched with growing fraud losses. The fraud lossrates seem to remain relatively constant, but it is a battle in which

neither party is losing or gaining ground. As the industry gets richerso the total take by fraudsters increases. The challenge for the

industry is to keep pushing the boundaries, refining and optimisingprocesses and technologies to keep fraudsters on the back foot.

Though it is unlikely that we can ever eliminate fraud our goal must

always be to optimise profits while helping ensure the safety of thecustomer experience.

2012 looks set to be focused on optimisation, refining current rules

and systems for maximum effect but also creating platforms for

growth that allow businesses to scale to new territories andcustomer touch points. Budgets are likely to remain static so it will

be down to internal teams and their vendor partners to do more with

less, ensuring that current investments are well adapted to cope

with new channels such as mobile web, apps, and social media,each of which has its own specific requirements.

Manual review remains one area where the greatest savings can be

made. Too many merchants continue to review too many orders,wasting time and money and potentially damaging the customer

experience. By introducing more sophisticated fraud tools,

improving automated screens, and equipping the review team with

effective case management systems, merchants can cut the timetaken to analyse transactions and increase the throughput from

each reviewer. In todays world it is absolutely vital for businesses to

focus on automating what they can, and optimising what they cant.


26/28


27/28

25

CyberSource Decision Manager: Rule Consoleand Fraud DetectorsHaving more data allows you to gain more insightful correlations to

detect sophisticated fraud. Decision Manager is a hosted systemproviding access to a full range of data generated from global fraud

detectors, multi-merchant and cross-industry correlations, truth data

and more. The system comes with a business rule console thatcontrols automated screening and case routing, an advanced case

management system, plus reporting and analytics.

Payment Management SolutionsIn addition to our fraud management solutions, we provide a

comprehensive range of modular services and tools to help you better

manage your business and optimise sales results. All are available viaone connection to CyberSource.

Global Payment AcceptanceAccept multiple payment types; including worldwide credit/debitcards, regional cards, direct debit, bank transfers and alternative

options, such as PayPal. CyberSource also provides professional

services to help you integrate payment with front-end and back-office systems.

We process your payments in our high availability data centres

located in the US, Europe and Japan. All data centres are certified

PCI-compliant and include sophisticated processing management

logic to help prevent payment failures and rate downgrades.

A full array of online and exportable payment reporting capability is

available to streamline reconciliation activity. Furthermore, systemscan be installed to automate many of the tasks associated with

payment reconciliation.

Payment SecurityRemove payment data from your network; helping you streamline

PCI compliance and mitigate security risk.

Payment Tokenisation and Hosted Payment Acceptance Services:Enables you to process payments without storing or eventransmitting payment data

Payment System Centralisation: Our team of experts will help you

consolidate multiple payment systems into a single, easy to managesystem. Link legacy systems/GDS to web-based services for rapid

service expansion. Optionally, CyberSource will also host, support

and manage these centralised payment systems in our secure

datacentres

Professional ServicesWe maintain a team of experienced payment consultants withproven systems integration expertise. Our client services team is

additionally available to help you monitor, tune, or fully outsource

portions of your payment operations.

2012 CyberSource Corporation. All rights reserved.

If you would like to receive more information

about our solutions, please contact us on:-

Call +44 (0)118 929 4840

Email [email protected]

Visit www.cybersource.co.uk


28/28

Global Offices

EMEAUnited KingdomT: +44 (0)118 929 4840

E: [email protected]

DubaiT: +971 4 457 7200

AmericasWorld Headquarters USAT: +1 650 432 7350

E: [email protected]: [email protected]

Asia PacificSingaporeT: +65 6671 5010


JapanT: +81 (0)3 3548 9873


www.cybersource.co.uk

CyberSource is more than a global payment gateway we're a

payment management company. We are focused on solutions thatoptimise business results and boost revenue through active

management of the entire payment process from global payment

acceptance and processing, through to order screening, fraud

management and enterprise payment security.

Founded in 1994, CyberSource pioneered online fraud screening

at the inception of eCommerce. Today, through continuedinnovation and investment, we offer a comprehensive set of high

performance solutions for multiple sales channels. With a customer

list that includes lastminute.com, British Airways and Debenhams,we enable our merchants to sell online in over 190 markets world-wide, helping them to protect, optimise and grow their operations.

Headquartered in the United States, we have operations across theworld, including the United Kingdom, Dubai, Singapore and Japan.

Documents

2012 UK Online Fraud Report