Mitigating Cross-border eCommerce Fraud

Last week we hosted a webinar to discuss key challenges to cross-border eCommerce, based on our “Grow Cross-border eCommerce and Mitigate Fraud” eBook. Trevor Nies, Sr. Director of Payments, Risk Operations & BI at Microsoft, participated and shared anecdotes and best practices throughout the webinar.
Trevor has an extensive background in eCommerce payments and risk management. His team supports payments and fraud in all global markets at Microsoft—from Xbox to Azure purchases. Here are a few of the key challenges we discussed and considerations when developing strategies to overcome them:
Challenge #1: Consumer identity data varies by region
Unfortunately, there is not yet a global standard for customer identity verification. Country-by-country variations in the availability, format, and reliability of individual identity data make it hard for companies to adopt a consistent, comprehensive approach to verifying a customer’s identity.
Email has been one of the biggest identity data points that merchants would leverage. However, it’s no longer enough to prevent fraud on its own. Now companies are also relying on device identification, behavioral analytics, and other identity data such as phone number, residential address, and IP address.
When applying checkpoints to the purchasing process, it’s also important to think about the customer experience by region. Some countries are used to a lot of friction when creating an account or making a purchase. For example, some customers may have to log into their bank and push funds to buy something. In those countries, it might be fine to apply more checkpoints without creating a negative customer experience.
Challenge #2: Fraud tactics constantly evolve and get more sophisticated over time
Cyber criminals are always testing new tactics to circumvent fraud management systems. In addition to chargebacks, friendly fraud, and account takeovers, merchants are dealing with synthetic identity fraud (falsified identity based on a combination of real and fake information), massively multiplayer online game fraud, and retail crime groups.
Trevor shared that Microsoft was selling Xbox games in Ukraine at a much lower price point than other countries. Soon, people around the world were gaming the system by buying games from Ukraine and then using them elsewhere. Microsoft instituted better processes to deal with price arbitrage.
Challenge #3: Fraud risk varies by region
Some regions of the world are simply less risky for cross-border eCommerce. Lower levels of risk can be associated with a combination of factors, including the availability of consumer identity data, security of payment methods, and population density.
Trevor’s team constantly evaluates risk rules to understand where they can be loosened and tightened in individual countries around the world. In our eBook, we listed Indonesia, Venezuela, Romania, Brazil, and South Africa as being at a higher risk for eCommerce fraud. Trevor added Vietnam to our list. At one point, Microsoft rejected almost every eCommerce transaction from Vietnam. However, the field in Vietnam advocated for the market and pushed for better ways to identify good customers. They did, and it has become an important market.
Solution: Use a multi-layered approach to approve more cross-border transactions and avoid fraud
The demands of global commerce and risk management have given rise to a multi-layered approach to verifying identities—one that correlates common customer identity data such as phones, emails, behavioral analytics, device identification, and existing profile information.
Trevor’s team uses multiple data elements in making decisions. They look at a variety of data sources—including internal data—to make sure an email connects to a person, a phone connects to an address, and so on.
Individual data attributes are important, but linkages are exponentially more powerful, especially when it comes to verifying a new customer where a company has no history or data. Trevor’s team has built a knowledge graph with hundreds of millions of accounts and they will leverage external data sources to strengthen their knowledge graph further.
This is where we partner with Microsoft. They use the Ekata Identity Check global identity data solution to help them identify fraud and speed good transactions to clear. In a single API query, Identity Check returns match statuses and risk signals around the five key consumer data attributes of name, address, email, phone, and IP address. It leverages the Ekata Identity Graph™, which houses over 5 billion global contact records and curates 1 million linkages per day to connect these consumer data attributes.
As Trevor concluded, “You know you have a good product when fraudsters are after it.” While that’s a good problem to have, companies need to determine what controls to put in place. It takes a series of trial and error to get to the right levels of friction and good customers. It’s our hope that by sharing this information and best practices, we can help your organization get to those right levels more efficiently.
Read the Grow Cross-border eCommerce and Mitigate Fraud ebook to learn more about the challenges discussed today and ways to overcome them.

Start a Free Trial

See how Ekata can reduce fraud risk for your business, contact us for a Demo.