While credit card companies have consistently maintained that credit card fraud is no more prevalent online than in traditional forms of commerce, a number of experts are disputing the notion.
According to Alvin Cameron, Credit/Loss Prevention Manager for online fulfillment house Digital River (Nasdaq: DRIV), an estimated 20 to 40 percent of online purchases are fraud attempts. Accordingly, Cameron says, e-tailers are now facing a do-or-die proposition.
“Merchants who cannot control the flood of fraudulent purchase attempts will soon be out of business,” he said.
Merchants Shoulder the Risk
Contrary to popular belief, Cameron says, it is the merchant — not the consumer — that has the most to lose from credit card fraud. While federal laws limit consumer liability to $50 (US$), credit card companies force e-tailers to eat the entire loss.
When a consumer indicates an instance of fraud, the disputed amount is removed from the merchant’s account and credited back to the customer. This “chargeback” comes with a standard fee of $15 per instance.
In an effort to minimize its exposure, MasterCard will now fine merchants if chargebacks are one percent or higher of total sales transactions, or 2.5 percent or higher of total sales volume for more than two consecutive months.
One merchant told the E-Commerce Times that these rules could well force smaller e-tailers off the Web. However, many observers believe that MasterCard is merely trying to punish large merchants that the company sees as having lax credit card authorization policies.
Sophisticated Security Required
According to Cameron, online merchants have been forced to develop sophisticated security protections that go far beyond the normal security approval process by the credit card companies. At present, credit card companies only verify if a credit card number is correct and then match the number against the customer’s billing address.
“Doing business on the Internet is the equivalent of having someone walk into your store wearing a ski mask without any ID and offering a bank counter check to purchase a $2,000 stereo system,” said Cameron. “While no brick-and-mortar store would make such sale, Internet merchants have to do it all the time.”
When Will it Bottom Out?
Cybercrime in all forms shows no signs of letting up any time soon. Late last week, for example, MSNBC reported that Visa quietly informed select merchants that 485,000 credit card numbers were stolen from a major e-tailer in January 1999. According to the report, the company covered up the issue.
MSNBC also reported that the file was stored on a prominent government computer and that the perpetrator was thought to have been traced to an Eastern European country.
By all accounts, e-tailers now find themselves in an ironic position. If consumer fears about online security dampen enthusiasm for e-commerce, merchants will find themselves being squeezed on both ends.
Is There a Solution?
While there do not appear to be any simple solutions, Cameron believes that potential cyber-criminals should now think twice before committing credit card fraud. This type of activity has long been considered too small to bother with, but Cameron points out that using credit cards fraudulently is quickly becoming “identity theft” — which was recently defined as a serious federal felony.
He added that he is now working with more than 100 different federal and state police agencies to prosecute cyber-criminals. “No matter what they think,” he said, “they leave digital fingerprints and can get caught.”
Likewise, FBI special agent Charles Neal suggested in a recent E-Commerce Times interview that cyber-criminals should bear in mind that society is demanding that these criminals be punished.
“We are planning to add more resources to do that,” Neal said.