Credit Card Processing, Scams and Fraud

The Rise of Friendly Fraud – and What You Can Do to Prevent It

by

July 11, 2018

There is nothing friendly about fraud – it is criminal. “Friendly fraud” refers to apparently legitimate customers using their own names, addresses and credit card numbers to make an online purchase but later disputing the charge with the credit card company. A more accurate term for this behavior is “cyber-shoplifting.”

While credit card theft and other common types of fraud are decreasing because of EMV chip cards and new security technology, low-tech friendly fraud is on the rise. Remember, EMV cards don’t provide any additional protection for you or customers in ecommerce transactions. If you run an ecommerce website, it’s worth knowing about the tools to protect yourself.


The Cost of Fraud

In a typical friendly fraud scenario, a business ends up in the red to the tune of $3.08 for every $1.00 in chargebacks, according to the 2014 Lexis-Nexis True Cost of Fraud Study. How is that possible? Remember, a chargeback doesn’t just include refunding the amount of money that was paid. It also includes chargeback fees, shipping costs, processing fees, penalties, and employee time, all of which were calculated into the Lexis-Nexis study’s number.

Friendly Fraud ExplainedFraud infographic

It’s possible that a family member made a purchase and the primary cardholder doesn’t recognize the charge. That’s an honest mistake, and one that’s easily rectified by an honest consumer. Cyber-shoplifters engaging in friendly fraud are no more honest than in-store thieves. People commit friendly fraud to get merchandise for free or because they can’t pay their minimum balances with a particular charge on the bill. Others falsely claim goods were damaged, and the merchant may ship a replacement without demanding return of the allegedly impaired items.

Recognizing Potential Friendly Fraud

As with any economic crime, there are certain types of transactions more vulnerable to friendly fraud then others. Carefully scrutinize the following:

  • International orders – friendly fraud occurs three times more frequently on foreign than domestic orders.
  • Unusually large orders – also unusually attractive to fraudsters. These large orders pertain either to a large dollar amount or an extremely large number of items.
  • Order risk – for small businesses, certain orders don’t make sense. It may vary according to retailer, but if the scope or type appears fishy, it merits further verification.

Be sure to familiarize yourself with zip codes that are more fraud prone, and check those orders carefully.
This infographic from Experian gives some of the zip codes associated with high fraud levels. Click image to enlarge.

You can also download Experian’s list of the 100 zipcodes most prone to fraud:

Download list of shipping zip codes.
Download list of billing zip codes.

Serial Offenders

While some friendly fraud perpetrators may only attempt a phony chargeback once or twice, many are serial offenders, meaning they repeatedly defraud online businesses. If it’s legal in your jurisdiction – certain consumer protection laws forbid their use – obtain lists of serial offenders through data-sharing services. Your processor may be able to block transactions made with cards previously used in friendly fraud situations.

Chargebacks

Several types of purchase reversals are lumped under the general term “chargeback”, including purchases from lost or stolen cards and friendly fraud purchases. However, in December 2014, CBS News reported that a whopping 86 percent of chargebacks are fraudulent. Think about it – only 14 percent of chargebacks, less than one in six, are legitimate. You may have become resigned to not fighting chargebacks, instead calculating them as part of the “cost of doing business.”

There’s no question the odds are stacked against you. The business bears the burden of proof in what often devolves into a “he said, she said” situation. Even if you prevail, the chargeback is still part of your overall chargeback rate.

Too many chargebacks not only affect your bottom line as criminals steal your merchandise, but lead to:

  • High fines and fees
  • Damage to your reputation with banks and processors
  • More administrative work
  • Cash flow problems

In the worst-case scenario, your processing account may be closed, leaving you unable to process credit card orders. In e-commerce, that’s tantamount to going out of business.

Protecting Your Business

There are relatively simple ways to protect your e-commerce business from friendly fraud, whether preventing it in the first place or prevailing in a chargeback representation. There are tools you can use at each step of the purchase, described in order below:

Send Confirmations

Send a confirmation email to every client. Go a step further and use an electronic signature page. These pages make the terms of the purchase and customer agreement clear.

Require CVV2

Always require the card verification value, or CVV2 number at the time of purchase. That security number on the actual card proves the person making the purchase has possession of the card, not just the card’s number. The presence of the CVV2 on your receipt can aid you in chargeback disputes.

Utilize 3-D Secure

Consider participating in 3-D secure payer authentication services such as Verified by Visa and MasterCard SecureCode. Depending on the participants in each transaction, your liability for chargebacks may be minimized. There’s a possible downside – some customers hate having to use the necessary passwords. On the plus side, those who hesitate to shop online because of identity theft or fraud fears welcome this protection.

Use AVS

Address Verification Service () is an anti-fraud tool that when combined with delivery signatures can significantly increase your chances of winning a chargeback. Visa notes that requiring signature upon delivery for items sent to a customer after the business receives an AVS code indicating an address and zip code match at the time of checkout is a great way to protect against chargebacks.

Related Article: How to Use AVS.


Record IP Addresses

Keep a record of the IP address used to make transactions. This information will reveal the geographic area where a computer accessed the internet. If a cardholder uses their computer to initiate a chargeback, and the IP address used points to the same location the computer was used to make the order in question, there’s a chance the cardholder is attempting friendly fraud (especially if the mailing address matches as well). Claiming a charge was unauthorized does not hold up as well when the cardholder’s correct billing address, and more importantly, his IP address, was involved in the process.

Require Signatures for Delivery

If feasible, use a delivery service that requires the recipient’s signature, along with real-time tracking and delivery. That may not be practical for every order, but consider setting a monetary threshold that makes sense for your business, and require a signature. It’s hard for a customer to claim they didn’t receive an item when their signature is on the delivery receipt.

Make Contact Easy

This step is more important for general chargeback prevention, but is worth noting. Most customers who don’t receive their merchandise or experience a damaged delivery don’t contact the business, but notify the card issuer. Make it easy for customers with genuine issues to get in touch with you 24/7, and give detailed instructions to your customer service team for handling these complaints. Deliberate fraudsters will still initiate the chargeback process with the card issuer, but providing and publicizing good customer service lowers the chargeback rate for misunderstandings.

Review Your Chargebacks

Review each chargeback carefully, and not only for fraud potential. Do the codes indicate that consumers don’t recognize your business, especially if you utilize a third-party billing service? Make sure that information is clear on your website and on the customer receipt. Work with your processor on descriptor clarification for your customer’s statements, perhaps adding a phone number so puzzled cardholders can contact you directly.

Consult Your Processor

Consult your processor regularly for advice on security updates and current best practices. All parties involved in transactions – businesses, banks and card issuers, and processors – must stay one step ahead of cybercriminals.

While friendly fraud is the bane of Card Not Present merchants, taking proactive measures can lessen the threat to your business and significantly reduce the incidence of customer scams.

TwitterFacebookLinkedIn
Jane Meggitt

BY Jane Meggitt

A graduate of New York University, Jane Meggitt is a former staff writer for a major New Jersey newspaper chain. Her work has appeared in dozens of publications, including LegalZoom, USA Today, Zack’s and The Motley Fool.

FOUND THIS USEFUL? SHARE THIS!
 

Credit Card Processing exposed

Use the secrets that credit card processors don't want
you to know to drastically lower your credit card
processing fees.

Read Now!
 

You might also like…

PCI Compliance
PCI Qualified Security Assessors

View all articles

Please join the conversation

Your email address will not be published.

8 COMMENTS

  1. from ben, on December 3, 2017

    A customer bought a 15k vehicle with a credit card in person and signed. Nothing promised or implied statement. I did not promise anything and they understood all the things that can go wrong with a used car.

    They have been harassing us and pushed the go button on the fraud report for a car not being as described.
    What will happen?
    Can anyone claim fraud even thought I have a STACK of paperwork where the customer acknowledges that its a used car with 135k miles on it?

    • from Ellen, on December 6, 2017

      They can claim fraud, but whether or not they’re successful depends on the investigation that the bank will do. You’ll need to work with your credit card processor to submit proof about the transaction. Good luck!

  2. from David, on June 22, 2017

    We have recently received few chargeback letters. For these chargebacks, we believe it is either an identity theft or a chargeback fraud. Before the transaction, we verified the card holder and collected the following from the card holder when the charges were completed:
    1. The front and back credit card picture for the charge
    2. Credit card authorization with the card holder signature
    3. Verified credit card number, card holder’s name and address with the card holder over the phone
    4. Called and verified with our credit card processor’s credit card authorization line, and the credit card number, card holder name, and address all matched

    On the chargeback advice letter, the card holder is one of the family members rather than the card holder we dealt with. The card holder even told us the card was lost after she authorized the charge. Based on all the verification works we did and the chargeback name is different from the card holder of our customer but with the same credit card number, do you think we have a good chance to win the chargeback?

    • from Ellen, on June 23, 2017

      Hi David,
      There’s really no way to tell, unfortunately. Work with your processor and provide as much evidence as possible to support your case. Good luck!

  3. from Kyle Hebbron, on February 13, 2017

    Your article is interesting, but does not really answer how to protect oneself from “Friendly” Fraud. Most of the suggestions relate more to fraud involving using a card illegally. How does one protect from the user that simply buys something, uses their credit card and then claims something is wrong with the item? I would have no problem in refunding a buyer for a claim of non-working item, but they should be required to ship the item back (at seller’s expense) before they can be refunded. This would put an end to this type of fraud. I am so frustrated with this type of fraud.

  4. from Sid, on January 25, 2017

    Hi,
    I think I am a victim of a friendly fraud. I recently did a freight job for someone, once the goods delivered they did a chargeback. I was still in possession of some freight so i could hold that at ransom.
    They paid me again and then once I released their freight they pulled the same stunt.
    I feel like a fool in trusting them twice. I have their address and contact details but they are in Perth and I am in Sydney. What can I do? Can I go to the police?
    Thanks,
    Sid

    • from Ellen, on January 25, 2017

      Hi Sid,
      Unfortunately, we can’t assist with Australian issues. It might be worth contacting local authorities for assistance. Good luck!

  5. from Linda, on May 2, 2016

    I was recently told by another business owner of a mostly e-commerce nature that chargebacks can be initiated up to 5 years after the purchase when the charge receipt is not signed because the card holder does not physically come to the seller’s place of business. Is this true? That would let fraudsters send through a chargeback after having used a product for it’s normal life expectancy and then get their money back even though the product was received and performed as described. Please tell me this is not true!