If you’ve operated in the eCommerce space for any significant length of time, you’ve probably run up against chargebacks at least once or twice.
These bank-level payment reversals are more than minor inconveniences. Chargebacks mean lost sales revenue and merchandise, plus added fees and long-term threats to your business’s survival.
Each chargeback issued comes with a reason code meant to explain the dispute, but these reason codes are not a reliable indicator. The truth is that we can trace all chargebacks to one of just three fundamental sources:
- Merchant Error: This covers any kind of misstep in policy or procedure on your part that might result in a chargeback.
- Third-Party Fraud: Criminal activity; this covers all third-party fraud attacks involving a bad actor who impersonates a legitimate user to make fraudulent purchases.
- First-Party Fraud: Commonly known as friendly fraud. These attacks involve a cardholder who completes a transaction, then requests a chargeback without a valid reason to do so.
So, if we can source every chargeback to one of these three triggers, why is it so hard to stop chargebacks? The problem is that all three sources are interconnected. Failing to address one threat source—like third-party criminal fraud—makes it harder to defend against friendly fraud and merchant error.
All Chargebacks are Interconnected
The process of segmenting chargebacks into separate categories based on genuine source is not as cut-and-dry as you might assume. Chargeback management is a holistic process; how you respond to one threat source affects your response to the rest.
To illustrate this idea, let’s say that you manage to trace a majority of your chargebacks to friendly fraud (or first-person fraud). You dedicate your resources to fixing this problem, but that single-minded focus comes at a cost.
You might end up devoting too few resources to stopping criminals from engaging in third-party fraud. You won’t notice a problem right away, but it will build over time as the number of first-party fraud incidents grows. This would lead to preventable chargebacks going unaddressed in the short-term, plus other issues that arise in the mid- to long-term.
This creates a kind of feedback loop. It becomes harder to stop friendly fraud because you haven’t addressed that other underlying issue, and this will sabotage your efforts over time.
Pre- Versus Post-Transaction Threats
Many merchants run into trouble with segmenting first-party and third-party threat sources. The problem is that criminal fraud is pre-transactional in nature, while friendly fraud is post-transactional. You can prevent criminal attacks by identifying bad actors during the transaction process, but you can’t “prevent” friendly fraud in the same way.
Furthermore, merchant error can be either pre- or post-transactional. For example, the way you handle customer service after a transaction, can impact chargeback issuances as much as the billing descriptor that you set to appear on your customer’s statement.
That’s not to say it’s impossible to prevent chargebacks resulting from post-transactional threats, though. You just have to develop a more complex strategy.
You have to identify potential friendly fraud triggers before they cause a chargeback, which relies on detailed and in-depth data analysis. Thus, having access to reliable data is the key to protecting your business against both genuine and fraudulent chargebacks, as well as errors and other losses.
To collect useful and reliable data, you have to address every facet of chargeback management. Otherwise, you end up with a skewed impression of your situation in regard to chargebacks. This generates inaccurate data, which leads you to deploy solutions to address problems that aren’t there, while actual problems go unaddressed.
So…where do you start?
The Right Tools to Stop Third-Party Fraud Attempts
Addressing third-party criminal fraud is central to your chargeback management efforts.
When asked about the most important factors in identifying criminal activity, surveyed merchants said that customer profile was a leading indicator. If you can understand your customer on a deep level, you can spot red flags associated with fraud. However, developing a useful profile means deploying a variety of complimentary tools as part of a coordinated approach.
You can supplement a detailed customer profile with antifraud tools targeting behaviors that don’t fit this profile, including:
- Device Fingerprinting
- Velocity Limits
- Address Verification Service (AVS)
- Fraud Blacklists
- CVV Verification
- 3-D Secure Technology
Of course, the fraud risk factors you prioritize will vary based on your business. Still, using a variety of tools that target different fraud indicators allows for smarter, more accurate decisioning during the checkout process. There’s less of a margin of error in detecting fraud. This makes it a lot easier to pick out friendly fraud incidents.
For another example, imagine that a consumer files a chargeback against you. The buyer claims to have never authorized the purchase in question, but come to find out that the purchase was actually authorized by a family member, like a child or spouse of the cardholder. This would be a case of first-party fraud (specifically, a scenario known as family fraud). Without the right tools in place to rule out a third-party fraud claim, though, you could have no way to know that.
Better deployment of fraud indicators will lead to better third-party fraud decisioning. In turn, better third-party fraud decisioning enables you to identify first-party fraud more easily and respond appropriately.
Third-Party Data Helps Eliminate First-Party Threats
As we discussed, protecting your business against chargebacks calls for a multilayered strategy. Over time, you can then build up the body of data necessary to detect and eliminate both merchant error, as well as third-party fraud.
You can couple the data produced by the elimination of possible chargeback triggers with that data generated through the use of antifraud tools and best practices. This allows for a much clearer understanding of the customer experience from end-to-end. Only once you’ve eliminated merchant errors—and cut out the possibility of genuine criminal activity—can you start to tackle first-party threats like friendly fraud.