Top three cardholder not present (CNP) fraud methods

Shopping online is the new norm. While before the pandemic e-commerce sales made up only a single-digit percentage of revenue for many retailers, online sales are now generating a revenue of 33% of retail sales, according to Signifyd’s e-commerce data report.

But the surge in e-commerce sales also gave rise to innovative fraud rings. With that, card-not-present fraud (CNP), where a cardholder does not present a card to a merchant in person, evolved into more sophisticated methods than ever before. In 2020, annual losses on card-not present fraud on UK-issued debit and credit cards reached £452.6mn.

Today, we explore the most popular CNP fraud methods that are hurting the e-commerce ecosystem to help up your game and catch fraudsters earlier.

Unauthorised reselling

One of the biggest fraud threats of our time is unauthorised reselling. Fraudsters become retailers themselves by reselling highly desirable products without consent, which are in short supply due to the strangled supply chains.

Recently, fraudsters have added a new twist to the method. They use bots to take control of the limited inventory and cash in on the scarcity. This practice is not necessarily illegal, but it is a violation of the retailer’s policies.

During the 2020 holiday season, the PlayStation 5 was a hot buy, and fraudsters decided to take advantage of that. With the use of bots, they quickly bought thousands of PS5 units and advertised the haul on social media with prices ten times as high as the original one.

Similarly, one single cardholder bought £14,302's worth of Air Jordan sneakers and filed multiple chargebacks, claiming it wasn’t him who made the purchase. However, he boasted on social media about the big buy, and that got him caught.

You can minimise return fraud by deploying a fraud prevention tool that uses machine learning and automation to stop fraudulent purchases and help you approve more good orders, thus optimising your revenue.

Item not received         

In their attempts to offer a seamless customer experience and choose a delivery method based on costs and speed, retailers often opt for delivery policies that leave a lot of room for fraudulent attacks. That’s especially true for retail giants, such as Amazon, because fraudulent orders can easily remain unnoticed. Moreover, such retail giants often have a set budget that takes into account losses due to fraud. Nevertheless, some small businesses also have easily exploitable delivery policies.

Some policies can fall foul of item not received fraud (INR). Both professional fraudsters and typical customers can file a false claim that an ordered item was not received, resulting in a refund.

In a recent Signifyd survey, more than 30% of UK respondents admitted to having filed a false INR claim, with the number being higher than in a previous survey that was carried out shortly before the start of the pandemic.

In order to reduce INR fraud, retailers can work with delivery companies to obtain proof of receipt, make the act of making a claim more difficult, and disable automated refund requests.

Return fraud

Another post checkout fraud that’s been on the rise is return fraud, and it’s affecting online stores much more than physical ones. In fact, returns to brick-and-mortar stores usually run in the single-digit percentages, while online returns can run between 25% and 40%.

In 2019, return fraud worldwide was costing £72mn. With the added associated costs, such as shipping, inspecting, and disposing of fake returns, this number is even higher.

There are various types of return fraud. The most widespread type of friendly return fraud is wardrobing. The customers would purchase expensive items of clothing and accessories, wear them, and then return them with the tags still on.

But other professional fraudsters are becoming more innovative in their return fraud methods and making use of the fact that retailers are offering a refund as soon as the package is scanned for shipment. They started filling the packages with items of the same weight as the original product – from a potato for an iPhone to toys and candies for high-end electronics, fraudsters’ imaginations run wild.

Today’s e-commerce fraud landscape is looking more elaborate than ever. However, that’s not a reason for dismay. Retailers are equipped with modern tools that use automation and can catch fraud in its footsteps in order to provide a frictionless customer experience and reduce losses for the merchant.

About the author: Ed Whitehead is Managing Director EMEA for Signifyd, an e-commerce fraud protection platform. He leads a team dedicated to the expansion and support of Signifyd's European client base.