The rate of change has never been greater — or faster — for the footwear industry, with new challenges popping up every day in nearly all corners of the business, from navigating cash crunches and supply chain issues to understanding the latest technological advances. In its “Ask An Expert” series, FN asks industry leaders — all solutions-based providers — to take on some of the most timely topics.
Retailers across the footwear industry have been embracing e-commerce, but the focus is commonly on convincing the customer to make the purchase — the checkout itself is an afterthought. But a seamless checkout function can not only improve the consumer experience but also protect merchants from e-commerce fraud, which is a growing threat.
Yitz Mendlowitz, CEO and co-founder of SaaS anti-fraud solution Paay, spoke to FN about the most vulnerable parts of the checkout process for small and medium-sized businesses (SMBs), plus the newest developments in verification technology and an unexpected — free — way that merchants can cut down on friendly fraud.
FN: When verifying payments in e-commerce, what are the most important factors that need to be checked?
Yitz Mendlowitz: There are two types of credit card transactions: ‘card present,’ which means physically swiping the card, like in brick-and-mortar; and then ‘card not present,’ which means manually keying in that card information when buying over the phone or online. Generally, the more information you can give to the banks and the card networks, the better it is. A very basic and standard checkout form can’t really handle passing a ton of information through to the issuers; the legacy system wasn’t built to handle it. But, at the very least, you want to ask for the billing, shipping and cardholder information.
At the next level, now the networks themselves have created protocols where you can pass significantly more data to the card issuers. The protocols allow you to do device fingerprinting, so you can use the device I.D., location, IP address, keystrokes, plus the metadata that the issuers have on the consumers themselves. This allows them to determine in real time if it’s that cardholder.
FN: For SMBs, in particular, where are they most vulnerable to payment fraud?
YM: Surprisingly, the most common form of fraud is friendly fraud: It makes up about 75-80% of all fraudulent transactions. The example I like to use is, let’s say my wife buys a pair of Louboutin shoes. The merchant has a return policy of 30 days, but once you wear the item, you can’t return it. Say my wife wore them out but doesn’t like them. If she calls up the merchant to take them back, they’re not going to accept it. But what she could do is call up the bank and say, ‘I never authorized the transaction.’ It’s actually the merchant who’s liable for fraud, in that case.
Fraud is not something that brick-and-mortar stores really worry about because it’s not their problem if it ends up being a fraudulent transaction — it’s the bank’s. In e-commerce, because these transactions are [digital and] card-not-present, it becomes a merchant’s problem. That’s generally where the majority of SMBs are most vulnerable.
FN: How can retailers balance a comprehensive verification process with an easy and smooth checkout experience for the consumer?
YM: It’s definitely evolved significantly where you can pretty much have a frictionless experience for a lot of those transactions. Amazon probably has the best fraud tools in the world: When you go onto Amazon’s website and start shopping, within a matter of seconds it already knows if it’s you. Keystrokes, devices, all these types of things [verify you]. Then there are third-party fraud tools out there, or the network protocols themselves, that have created ways of doing it in a completely seamless and frictionless way. So you will never have to change your checkout experience with a lot of the fraud tools that are out there. You can have it where the cardholder comes and says all their information, click submit and it goes straight through for processing.
FN: Are there any misconceptions that SMBs may have about introducing a fraud-prevention policy, that you can dispel?
YM: There are methods of doing it where it doesn’t impact your conversions in any sort of way, like through the networks themselves. There are so many different ways that we are now making payments in a card-not-present environment, that the networks themselves are finally understanding that. They are shifting the onus of who’s going to be liable for fraud off the merchants and onto the issuers. And they’ve created tools and solutions that are out there that do it in a way that doesn’t impact your conversions.
FN: For companies that feel unable to implement a comprehensive verification solution, what are some steps that they can take to create a more robust system?
YM: If you’re one of those merchants that sees high instances of friendly fraud, sometimes it’s as simple as picking up the phone and calling the customer. It’s easy for someone to make a friendly-fraud dispute with e-commerce because they have usually had no human interaction. They don’t actually see a human being that they’re screwing; they are just sitting behind their keyboard and disputing that charge. As soon as you have that human interaction, that’s where it changes. Technically, friendly fraud has existed as long as credit cards have been around, but it’s never been a big problem in the brick-and-mortar world because people have a human interaction. They are generally reluctant to lie about something once they’ve spoken to a human being. So even if it’s an email, something that is personalized a little bit could go a long way to stopping some friendly fraud.