12 Best Practices for Fighting eGift Card Fraud
It’s easier than ever for fraudsters to obtain and use stolen credit card account information, with hacked accounts available on the Dark Web for just a few dollars. And that’s just one avenue.
This credit card fraudster told a local TV station the nefarious means he’d use to get stolen account data:
“I had a bartender or a waitress or a waiter on my payroll -- somebody that I can pay a couple hundred dollars to every week. If they had what we call a ‘Big Fish’ -- somebody that comes in wearing fancy clothes, pulls up in a fancy car or looks like they have money -- you know when they pay their tab, the waitress or the bartender will take a quick picture of the front and back of their credit card.”
“[Or] we could get an entire list of names and addresses and all that – [from] corrupt county workers, corrupt DMV workers, people that we paid off.”
With the holidays coming up, eGift cards are likely to be prime targets of fraudsters. Why?
- Sales of eGift cards accelerate during the holidays, making it easier for fraudsters to blend in with the increased online transaction flow.
- Criminals can hide their true identity by buying and selling eGift cards online using stolen accounts and forged credentials.
- eGift cards are easy to convert to cash using secondary gift card resale marketplaces. In just a few hours, a fraudster can make thousands and thousands of dollars.
What can you do to thwart them?
Here are 12 best practices to protect against the double whammy of eGift card fraud.
(Whammy #1: chargebacks on the fraudulent transactions, and Whammy #2: having to honor the fraudulently purchased eGift cards when redeemed by consumers who bought them from secondary gift card resale marketplaces)
- MULTIPLE, ADVANCED SCREENING TECHNOLOGIES. A single tool like Device ID can be circumvented fairly easily by fraudsters. The more technologies you deploy, the harder it is for fraudsters to defeat fraud screening.
- MULTIPLE STAGES. Put checks in place before authorization (e.g., velocity checks), at authorization (e.g., risk scoring), and post-authorization (e.g., Dynamic Monitoring).
- REQUIRE ACCOUNT REGISTRATION. Create additional friction for fraudsters and force them to look elsewhere for easier targets.
- Block and/or detect bots by using CAPTCHA and other biometric solutions that reveal non-human conduct.
- TWO-FACTOR AUTHENTICATION (TFA). Require confirmation by SMS text message, for example, to thwart criminals that have taken over accounts using stolen user names and passwords.
- ALL PAYMENT TYPES. Don’t limit growth by using a fraud solution that makes it harder or riskier for you to enter new markets or channels.
- DEVICE NEUTRAL. Make sure you can apply the same multi-layered approach and multiple screening technologies no matter how or where a transaction originates.
- STANDARDIZED POLICIES. Publicize policies for customer refunds, chargebacks, and “stolen” eGift cards and train customer service reps on them.
- REAL-TIME DATA ORCHESTRATION. Get additional insight on borderline transactions by accessing third-party data sources.
- ADVANCED AI & MACHINE LEARNING TECHNOLOGY. Use the extraordinary power of technology and Big Data to better assess fraud threats in low-information scenarios like first-time fraud.
- EXPERIENCED HUMAN INTELLIGENCE. Make sure your fraud prevention solution is developed by a provider with deep and broad antifraud expertise in the eCommerce world.
- INTEGRATED, COMPREHENSIVE FRAUD PREVENTION SYSTEM. Avoid standalone or ad hoc tools that can leave you vulnerable in certain areas or that create isolated silos of data that restrict your ability to respond to fraud attacks in a comprehensive manner.
Get the full story on eGift card fraud. Download the eBook “eGift Card Fraud: The Gift That Keeps On Taking” and find out how you can boost sales this holiday season—including eGift cards—while protecting against the multiple fraud techniques that target this fast-growing segment in online sales.