Let’s start by showing how big the problem of false rejections and fraud is. What is the current state of affairs on this matter?
The problem of false rejections is increasing massively as it keeps pace with the growth of e-commerce and the emergence of different payment methods in the market. Just how serious this problem is is highlighted by a study by Edgar, Dunn & Company, which found that more than $700 billion would be lost to payment declines by 2022, and much of that would be attributed to failed transactions by good customers. That data aside, the consequences of false rejections are even more worrying, as rejecting a legitimate buyer means losing both that customer’s current sale and future value.
What are the biggest challenges merchants face when accepting or rejecting orders?
It is obviously a problem not having enough information about a transaction and not being able to send it to the issuer. Another major challenge is that traders do not always know which issuer accepts what type of additional data, or what type of data each issuer wants to see. Furthermore, there can be different ways to send the data to the downstream issuers – this can be done for example via direct API endpoints or via 3DS-Rails – and most of the time the traders do not fully understand these methods.
How can data analysis be used in the pre-authorization phase of a transaction to prevent fraud and improve the customer experience?
Much more information about the transaction itself is available on the merchant side than in the authorization phase of the transaction. During the purchase process, merchants have access to data such as behavioral analytics, device ID, user time spent on the site, etc., but this information is not available to the issuer. If the information could be communicated from the merchant side to the issuer in the pre-authorization phase, it would improve optimization rates and prevent false rejections.
How can merchants work directly with issuers to optimize their authorization rates and master the risk versus fraud strategy?
As mentioned, some issuers are exploring direct API endpoints outside of the network rails, and others prefer to receive decision improvement data on the traditional rails. Keeping up with all issuer rules can be a tedious task for merchants, especially when multiple integration and testing process agreements exist. Traders essentially have two options here. You can directly use any publicly available integrations the issuers have to send them the additional information to get more accurate authorization decisions.
Or they can leverage partners like Signifyd who are connected to issuers and know how best to send data to an issuer – the data elements to send that will result in the best outcome.
Sometimes denials occur due to the issuer misinterpreting an SCA exemption. How can this problem be solved?
This is actually not a question of misinterpretation, but of the issuer’s willingness to accept or reject the exemption. If the exception is properly tagged with the correct code, there shouldn’t be any problems. On the other hand, if the initial decision is submitted on behalf of the merchant, all relevant variables must be considered, including the issuer’s past experience with that particular type of exemption. To better address all related challenges, Signifyd has developed an exemption management solution that determines which exemptions to use based on transaction risk analysis.
Friendly fraud and refund abuse are also increasingly impacting the payments ecosystem, and both merchants and issuers have their own role to play here. How to improve the relationship between these two parties to reduce the rate of fraud of this kind?
Friendly fraud is growing at a disproportionate rate compared to normal e-commerce growth, so it continues to be a real problem in the ecosystem. The sad truth is that 3DS friendly fraud cannot be prevented, as this issue by definition affects a consumer’s real identity, so any security check is basically passed by the cardholder. Hence, data sharing is the answer here. Efficient collaboration within the industry means that the stakeholders involved share past experiences and events. In addition, our company is able to centralize the information of thousands of traders and, if necessary, connect the dots to identify specific fraud patterns.
For example, we have information based on multiple transaction attributes that a consumer has committed friendly fraud with a particular card in the past, and if that consumer attempts to do the same with a different card, we may report that situation and subsequent ones prevent attempted fraud.
How do Signifyd services fit into all of these topics discussed above? How can you bridge the gap between traders and issuers?
The manner in which issuers obtain additional decision-making information from a trader follows different routes. Signifyd takes a comprehensive approach. Depending on the circumstances and needs, we use either our direct API connection method or the 3DS rails and we believe this is the most future-proof solution for merchants to tackle authorization extension.
This editorial is part of the Fraud Prevention in Ecommerce Report 2021/2022, the ultimate knowledge resource that delves into the evolution of the payment fraud ecosystem and reveals the most effective security methods for businesses to win the battle against bad actors.
About Okan Özaltin
Okan Ozaltin is GM for Payments Solutions at Signifyd. He is focused on developing solutions for the payments ecosystem that offer higher authorization rates and less friction for customers. Prior to joining Signifyd, he was Product Manager at Fiserv after having held various positions at JP Morgan.