Achieving Payments Optimization Part IV: Fighting Fraud


Grace Greenwood

Community Knowledge Lead

March 8, 2024

March 8, 2024

March 8, 2024

Welcome back to our series on achieving payments optimization! In our previous posts, we explored strategies for maximizing revenue potential and optimizing the total cost of payment acceptance. Now, let's delve deeper into a crucial aspect of payment optimization: decreasing fraud risk. 

If you’re joining us for the first time, we recommend starting with the first post in this series: Achieving Payments Optimization.

The Problem with Fraud

Fraud isn’t just a problem for commerce businesses, it’s often the problem. Beyond the direct loss of revenue from fraudulent transactions, fighting fraudulent chargebacks is an expensive endeavor that can drive up your operational costs. This includes losing out on the original sale and the processing fees paid to accept it, chargeback fees charged by payment service providers (PSPs) to process disputes, and the time and resources spent fighting fraudulent chargebacks. Sometimes additional vendors are needed just to manage this, adding even further costs. In severe cases, excessive fraud chargebacks may lead to enrollment in expensive dispute-monitoring programs by card brands.

Fraud-Fighting Tactics

As technology evolves and more commerce moves into the card-not-present space, fraud has become increasingly sophisticated. Fraudsters continuously adapt their tactics, making it imperative for businesses to optimize their payment processing by mitigating risk. Here are some key strategies to combat fraud:

  • Customize Fraud Rules: Tailor your fraud rules with each payment processor or your fraud platform provider to detect and prevent fraudulent transactions effectively. By analyzing transaction data to identify patterns indicative of fraud (e.g. BIN values, issuing banks, issuing countries, card types, etc.), you can configure rules to flag suspicious activities.

  • Real-time Fraud Detection: Proactive monitoring and detection of fraud attacks as they occur is essential to minimize losses and protect your business’s reputation. If you don’t find out about a fraud attack until the fraudulent chargebacks start rolling in, it’s even harder to mitigate associated costs.

  • Chargeback Response Optimization: Optimizing your response to chargebacks is critical in reducing the financial impact of fraudulent transactions. By implementing efficient dispute resolution processes and providing compelling evidence to refute fraudulent claims, you can increase your chances of winning chargeback disputes and recovering lost revenue.

Going From Reactive to Strategic with Data

If the quest for payment optimization hinges on fraud mitigation, then your business needs to design a comprehensive and adaptable strategy for fighting fraud. Even more, you need data on how that strategy is performing across your key payments metrics to really understand if and when you need to make changes. And when we say data, we don’t just mean the count of how many carding attacks you stopped, but also how your overall revenue and approval rate fluctuated in response to any new tools and rules you implemented. 

At Pagos, we understand that nothing empowers you more to protect yourself from fraud than the ability to visualize fraud metrics in the context of your overall payment metrics. Our payments data aggregation and visualization platform, Peacock, offers powerful data dashboards covering every aspect of your payment processing ecosystem, allowing you to combine your fraud rule data with standard payment attributes and metrics. With real time and historical data from all your payment processors harmonized together in one place, you can identify if your fraud strategy is protecting you while still allowing your business to grow and acquire new customers.

One of the main ways Peacock enhances fraud system orchestration is by making it easier to segment your payments data into important verticals so you can catch the early warning signs of where your fraud rules may be too restrictive or not protective enough. For example, the Decline Codes dashboard demonstrates your declined transaction volume over time, broken down by the assigned decline reason codes and other identifying traits such as payment method or stored credential type. With this dashboard, you can single out suspected fraud declines to look for trends. When your fraud rules are configured correctly, you should expect to see big spikes of suspected_fraud or refer_to_issuer declines as a proportion of total declines. If that’s not the case, then something has changed in the attack patterns and your rules may need a tweak. Equally important is understanding which payment methods see the biggest change in volume or declines over time. You may stop accepting a payment method that’s favored by fraudsters (such as non-reloadable debit cards) or promote alternative payment methods with more security. In extreme cases, you may move out of markets where the fraud cost is too high. 

If you’re employing fraud fighting technology like 3D Secure (in countries where it isn’t required), the data in Peacock can also help you confirm if the added security is worth the cost of implementation and doesn’t negatively impact your website sales funnel. 3D Secure can be extremely beneficial, as it both challenges fraudsters at checkout and shifts chargeback liability from your business to the issuing bank. That being said, your business pays fees every time you process a 3DS transaction, meaning there’s a literal price tag on your reduced fraud risk. Additionally, 3DS checks can occasionally block valid transactions, meaning you’ll have to spend more marketing money to replace those prospects with new buyers coming through your website. Using the 3D Secure dashboard in Peacock, you can visualize the frequency by which you employ 3DS, including a breakdown of the 3DS version used. You'll also find data on the success rate by processor for 3DS transactions, and the response code breakdown for these transactions. Only with this complete picture can you feel confident in continuing with or even expanding your 3DS strategy, whether through your PSPs or a third-party 3DS solution provider.

Real-Time Fraud Detection

If Peacock empowers you to assess the effectiveness of your fraud response strategy, Canary offers a solution for making strategic adjustments to it in real-time. This powerful data anomaly detection service monitors all your payments data from each processor and alerts you when specific metrics deviate away from a desired value or your historical norm. As such, Canary significantly reduces the work and time needed to see when a fraud rule or tool might not be effective in a market or channel, allowing you to find out at the moment when you need to make changes. 

In your Canary account, you can build out completely custom triggers to monitor any desired segment of your business. Say you identified prepaid cards as the payment method of choice for most fraudsters attacking your business; you can configure a trigger in Canary to monitor only transactions made with prepaid cards and alert you when transaction volume spikes, approval rates drop, or even when the volume of declines with specific decline codes changes unexpectedly. Ultimately, Canary is the tool for staying on top of any anomaly that may indicate fraudulent activities.

Dealing With Card-Reissuance

Thus far, we’ve discussed fraud only in the context of how it impacts businesses when fraudulent parties attack them. Another side of fraud is an experience customers across the globe know all too well: fraudsters stealing their payment credentials. While this issue directly impacts customers who have to dispute charges with their bank and request new card details, fraud of this kind has a trickle-down effect on businesses like yours. When a customer’s card is reissued, the PAN you’ve stored on file for them no longer works; the customer will need to manually log into their account and update their payment credentials before you can ever charge them again. This added friction often results in customer churn, especially for recurring business models.

Pagos offers two solutions for protecting your business from this inevitability: Loon and Toucan. Loon is a global account updater service, designed to keep vaulted card credentials from all four major card brands (Visa, Mastercard, Discover, and Amex) up to date. Whenever a customer’s stored card is replaced—whether due to fraud or simply because it expired—you’ll receive the updated card details automatically, all without any work from the cardholder themselves. Similarly, our network tokenization service—Toucan—eliminates the need for manual card updates by replacing stored card credentials with secure network tokens. Network tokens are inherently decoupled from their underlying card, meaning customers can make purchases from you even when their card information changes. When you employ services like Loon and Toucan, your customers never have to manually update their cards on file to maintain a relationship with your businesses.

Payments Optimization Continued

Commerce businesses must always remain vigilant and proactive in combating fraud. Neglecting to address fraud risks can have dire consequences, including financial losses, damage to brand reputation, and potential legal liabilities. Moreover, fraud not only impacts individual businesses but also undermines trust in the broader e-commerce ecosystem, affecting consumer confidence and industry stability.

Stay tuned for the next installment, where we'll explore advanced strategies for better understanding and serving your customer base. If you’re new to this series, be sure to catch up on the first three installments:

Share on LinkedIn
Share on X
Share on Facebook