By Jeff Domansky

A 15-month research study by global payments provider Vesta shows that from 10% to as many as 13% of card-not-present (CNP), online transactions may be fraudulent.

Vesta CNP fraud report

Coupled with annual e-commerce growth of 32.4% in the US and 27.6% globally, the result is tens of millions of dollars of lost revenue by fraud, the cost of chargebacks, and impact on company reputation and future consumer business.

Balancing fraud prevention with maximum transaction approvals

Between January 1, 2020, and March 31, 2021, Vesta tracked transactions globally by merchants on its platform. The resulting picture from millions of transactions and billions of dollars is the growing impact caused by card-not-present fraud.

CNP fraud risk

“If you’re an eCommerce business doing 5 million transactions per year and 13% of those are fraudulent, you’re looking at 650,000 bad transactions, and if each one of those comes with a $25 chargeback fee, you’re now looking at more than $16 million in fees,” said Ron Hynes, CEO of Vesta. “On the other hand, if you decline too many legitimate transactions in an effort to fight fraud, you end up with significant losses.”

It’s a demanding business balancing act.

He compared the same merchant doing 5 million transactions per year with an average order value of $125 and blocking 30% of all transactions when only 13% were fraudulent.

“They’re now losing more than $100 million in annual revenue. That’s what makes CNP fraud such a challenging problem to deal with – you have to strike the perfect balance between fighting fraud while maximizing approvals of legitimate transactions,” Hynes said.

Fraud incidents down slightly, total average cost jumped

Vesta’s research showed a wide range of fraudulent attacks on individual merchants ranged from 0.8% to more than 35%, depending on the merchant, industry vertical, and location.

Fraudsters target some products/verticals more than others. “Products that are cash equivalent (such as e-gift cards, e-wallet transfers, or gambling purchases) or have high resale value (such as jewelry or collectible items) are often specifically targeted, although the particular products can vary by geography,” Hynes noted.

Vesta global fraud overview
CNP fraud via Vesta

In Q2 2020, when online sales jumped with the onset of the pandemic, the percentage of CNP fraud dropped to 12% of transactions, compared with 13% in Q1 2020. Unfortunately, the average fraudulent transaction rose 10% from $126 to $139 per transaction in Q2 2020.

In Q4 2020, fraudulent transactions decreased to 10% during the heavy holiday sales season. However, aggressive fraudsters pushed the average dollar amount of fraudulent transactions to $155, a substantial overall increased impact given the more significant number of total holiday transactions in Q4.

Regional fraud raises concerns

Fraud varies considerably by geography, industry, and the maturity of e-commerce in regional markets.

fraudulent Mexican CNP transactions

The US showed fraudulent transactions ranging between 2% and 4% and average fraudulent transactions between $149 and $180 depending on the time of year.

By contrast, Mexico suffered fraud ranging from 18% to 26% over the same timeframe (Q1 2020 through Q1 2021). The average value of fraudulent Mexican transactions ranged from $98 in Q3 2020 to $155 in Q4 2020.

Hynes explained Mexico’s e-commerce market is still developing compared to the US. “Countries with low credit card penetration, such as Mexico, typically have less mature processes at both the merchant and the banks for fraud mitigation and so tend to be somewhat higher risk than countries like the US or most of Europe that have a long history of heavy spending by consumers with credit cards.”

Data signals fraud warning signs

What can merchants look for in tracking CNP fraud?

Vesta highlights two types of CNP fraud to watch out for.

CNP fraud maze

Direct links are easier to spot, such as five orders coming in for the same item from the same email address.

Indirect CNP fraud links show no obvious patterns among a more complex web of elements such as email addresses, payment devices, and phone numbers. As a result, they’re more difficult for merchants to identify without the help of sophisticated, effective tracking tools built on signals based on big data and AI.

The average fraudulent transactions for direct links ranged from $100-$122 during the research timeframe. By contrast, indirect links ranged from $114-$207, presenting a much larger and more expensive CNP fraud impact.

Covid drives e-commerce growth & CNP fraud

Digital Commerce 360 reported US consumers spent more than $861 billion online in 2020, a 44% increase over 2019. That represents nearly three times the 15.1% growth in 2019 in the US. In addition, global 2020 e-commerce sales grew 27.6%, reaching more than $4.28 trillion, and online sales are on a fast-rising growth trajectory.

There’s increased CNP fraud growth on the horizon, too, according to Vesta’s research. For example, the average fraud transaction reached $134 in Q1 2021 compared to $126 in Q1 2020.

As fraudsters get more sophisticated and ingenious in their cybercrime, their future appears bright.

Businesses face the challenge of striking the right balance between real-time fraud prevention and maximizing transaction approvals using better data tools and local payment preferences. “There’s no one-size-fits-all solution for preventing CNP fraud, so merchants need to look carefully at where the fraud is taking place and adjust their approach as needed,” Hynes cautions.

Portland-headquartered Vesta processes billions of dollars in transactions annually and provides merchants with fraud prevention solutions based on machine learning from more than 26 years of transactional data. You can download Vesta’s free Analyzing the Evolution of Card-Not-Present Fraud Q1 2020 through Q1 2021 report here.

Recent PaymentsNEXT fraud coverage:

Stunning rise of CNP fraud and how merchants can fight back
Global payment fraud jumped 69% in the past year