Yahoo Stores features ‘automatic’ PCI compliance for secure payments, among other options.
(Page 2 of 2)
All told, including the cost of Kount, Stuffspot now keeps about 75% of what it used to lose to fraud. These savings come from requiring fewer staff paid to do manual reviews and fewer chargebacks and lost goods. Ilene declined to tell how much she pays for Kount, but says it was cheaper than other competitors she researched. Each LexisNexis check costs an extra $0.35-$0.75 she says, although she can direct those checks to run on only certain transactions; Targusinfo is similarly priced. "And I'd rather pay somebody to stop fraud than pay the fraudster," she says.
Retailers acknowledge that maintaining thick armor may mean they miss out on some legitimate sales, and they adjust their fraud-detection thresholds to ensure that the financial benefits of being careful outweigh them.
Letendre at PC Game Supply says he knows he blocks some good transactions with ThreatMetrix, but he works to keep those to a minimum. Blocking the bad even if he must swallow some good sale losses is vital, he says, because PC Game Supply is required by merchant processors to keep its chargebacks below 1% of gross revenue, otherwise it's fined or could lose their services.
He evaluates a new rule based on how it would affect the last 30 days of transactions. If the majority of legitimate transactions would still have made it through, he says he knows the rule is specific enough that he's not catching too many false positives.
PC Game Supply has gone from manually reviewing 100% of transactions two years ago to just 6% today, Letendre says. He's been able to save about $8,000 in payroll per month because he requires fewer employees to complete the checks. When he needs more help, he outsources excess work to India.
In that time, business also doubled for the retailer, he says. Without manually reviewing every order, transactions go through much quicker than before—a few minutes rather than 30 or 60, he says. "That's a big deal for customers purchasing digital products," he says. "The fact that they know they will get it right away has absolutely increased our sales."
E-retailers may be doing their best to arm themselves like Fort Knox, but crafty thieves still find ways to get around their defenses.
On Aug. 14, 30 transactions from 30 new fake accounts got past PC Game Supply's defenses, resulting in total losses of $1,800. All were traced to computers in Australia, Letendre says. A similar attack originating in China hit the retailer in July.
"It's not huge scale, but it could be a couple thousand dollars if you don't catch it right away," he says. And because PC Game Supply sells digital goods, once a product is redeemed it's gone forever.
Whenever a group of criminals attacks this way, Letendre immediately holds a conference call with his staff and experts from ThreatMetrix to figure out how to plug security holes. For example, they found a commonality in not only location but software with the Australian criminals upon which to base a rule, he says.
Like panning for gold, automated technologies to detect fraud help retailers sieve bad transactions out of the good.