For decades, maybe centuries, groups of neighbors have rallied together to form community watchdog groups. Through their combined strength, these watch groups have found success stopping criminals that might otherwise hit them close to home.
The sense of security we get from a community is palpable. Online, communities have found their own purpose, especially in the world of ecommerce.
At 3dcart, our customer community helps drive product development. Some happy customers go as far as becoming evangelists of sorts, spreading the word about our solution to other merchants and aspiring storeowners. Read More!
4 Common Elements of Fraudulent Orders
Fraud can follow an online merchant around for a long time. It’s a huge hassle to correct and an even bigger drain on your pocketbook.
Fortunately for online storeowners, today’s technology makes fraud easier to identify. We’re now equipped with tools that simplify the process of identifying and outing a fraudster. Some of these tools also make it easier to share your experience with other merchants in your community.
3dcart recently launched FraudWatch, a new security add-on. It combines data points into an algorithm that calculates the likelihood of fraud for each purchase in your store. It also leverages the experiences of other 3dcart merchants into a Community Score.
Merchants on other platforms can still dole out their own brand of street justice. Here are four elements you should look for in a fraudulent order. (TIP: A fraudster typically fulfills more than one of these.)
A foreign or proxy IP address could belong to a fraudster.
IP addresses are major identifiers for Internet users. These days, they can help marketers locate where in the world their customers come from, among other benefits.
Because IP addresses are easy to trace, a fraudster usually makes sure his is invisible. By using a proxy IP address, a thief can block you from identifying his location.
In some cases, foreign IP addresses are equally as dangerous. It’s too difficult to take legal action against a thief in Europe, for instance, when you’re based in North America.
Location plays a role in fraud identification in other ways, too.
Billing addresses and shipping addresses that don’t match are suspect.
Not every shopper who comes through your store will have matching billing and shipping addresses. In many situations, this happens when a customer sends a gift. In others, it could be that your shopper has more than one address.
The truth is that there are plenty of reasons why a shopper might give different addresses. But if the purchase fulfills other potential fraud conditions, it might be worth a closer look.
Why a fraudster might use different billing and shipping addresses is pretty simple to figure out. Just make sure you do your due diligence before you cancel a purchase.
One final location-specific data point is crucial for fraud detection.
Double-check phone numbers with area codes that differ from the shipping address.
For many of the same reasons as above, this is another data point that might identify a fraudulent purchase.
Online identity theft is a regular occurrence. A fraudster could very easily pull credit card and address information. Then, he might give a fake phone number. If you’re worried that they don’t match, it’s usually a good idea to look at some of the other data points in this list. As always, you’ll want to build a comprehensive case before you decide to block a purchase.
Be wary of above-average order amounts from first-time customers.
Large orders can be exciting for an online store. But they aren’t very likely, especially with new customers who want to try out your store before they make any big purchases.
A large order, however, can be a sign of a fraudster trying to get a one-time purchase in before the victim cancels his or her credit card. Today’s real-time alert system for credit card fraud helps consumers identify issues quicker. As a result, fraudsters typically understand that they get one chance to use the card, so they’ll maximize that purchase.
Conduct safe business.
As always, make sure you’ve identified multiple data points that might be fraud before you block a purchase. You don’t want to risk alienating a customer. But you do want to protect your store.
Read more about FraudWatch for a low-hassle way to stop fraud before it happens.
Fight Ecommerce Fraud With An Army Of Security Features
In North America, online fraud accounts for 1 percent of ecommerce transactions. That may not seem like a whole lot, but when you consider the costs to the merchant every time a fraudulent transaction happens, it adds up.
That cost includes:
- The cost of the purchase (to the owner of the stolen credentials)
- The lost product
- A penalty from the bank
- Major fees from credit card companies
Fraud is a common and devastating problem for online merchants across the globe. And the onus is on you to stop it before it starts.
Fortunately, 3dcart makes it easier than ever before to stay proactive in the fight against fraud. We’ve spent the last several months bolstering your options for fraud protection. Check out four features that can help protect your store against fraud before it occurs.
Monitor possible fraud proactively with FraudWatch.
Released earlier this year, FraudWatch is an add-on for 3dcart that takes into account a variety of fraud-related factors whenever a shopper makes a purchase.
The add-on scores purchases based on 12 indicators, including data points like IP address, mailing address, and bank identification. Each of these points of data feed into an algorithm that calculates the risk level in every transaction that feeds through your system. The feature spits out a risk score between 1 and 10, along with one of three color-coded warnings based on the risk level.
FraudWatch also includes a unique feature that makes fraud protection even more powerful…
Learn from other 3dcart customers with Community Alert.
A piece of the FraudWatch puzzle, the Community Alert feature is an add-on powered by 3dcart’s network of 16,000+ merchants. Merchants who are already onboard band together to offer feedback on potentially harmful purchases.
The first service of its kind, Community Alert empowers 3dcart merchants with a database of reported fraudulent orders. Based on those reports, the feature generates a Community Score that demonstrates the risk involved in the purchase. Coupled with the FraudWatch score, merchants can make better decisions on processing orders on the fly.
Alerts are a great start, but there’s another bastion of defense against fraud that includes extra benefits…
Avoid shipping errors with Address Verification.
We wanted to include the Address Verification add-on here because it’s another way to make sure an order is legitimate. But Address Verification is so much more than that.
In fact, it’s a proactive tool that stops shoppers from making costly mistakes, like a typo, missing suite number or bad zip code. You’ve experienced these mistakes before, and you eat the cost, unfortunately. With Address Verification, you can stop those mistakes from happening.
The feature scans the UPS database for known addresses that match and makes related suggestions if the address isn’t already known. Shoppers are prompted to confirm either the original address or the suggested one.
Thus far, we’ve discussed 3dcart add-ons. One final step in completing your army of security features takes us outside of the shopping cart…
Get third-party fraud protection with Kount.
Just recently, we announced a new third-party integration with Kount, a company dedicated to fraud protection. They offer merchants their own algorithmic approach to calculating fraud risk.
Think of our new partnership with Kount as more than just a way to reduce cost. It’s also great security detail if you want to expand into new, riskier international markets, extending the reach of your store and the volume of your sales.
Check out our recent press release for more details on our partnership with Kount.
What fraud protection features would you like to see us add?
Hearing about new security features making their way to the web? Share them with us in the comments or visit the ecommerce feature suggestion page of the 3dcart forums.
Fraud cost merchants more than $102 billion in 2011. It was the third year in a row with more than 300,000 online fraud complaints filed — a 3.4-percent increase. The adjusted dollar loss of internet fraud complaints last year was $485.3 million.
The fact is, online merchants everywhere are at risk of fraud. But falling victim to fraud doesn’t have to happen to your store because 3dcart merchants now have the ability to evaluate orders as they come in and curb fraud before it happens, potentially saving your store lost revenue.
Introducing FraudWatch, an easy way to:
- Identify potential fraud before you process orders
- Minimize risk and loss by assessing the threat level of transactions
- Display positive or negative fraud history based on reported information
- Report suspicious transactions to warn other vendors
How do we do it? Well, FraudWatch scores purchases based on 12 indicators, including reviews based on experiences within the 3dcart community.
Additionally, FraudWatch categorizes and scores risk to gain a better view of your purchases and keep your store safe.
Data points associated with each purchase like the IP address, mailing address, bank identification, etc., are measured in real-time based on past usage, and using an algorithm that weighs this data, FraudWatch calculates a risk score.
Scores that pass muster on the FraudWatch chart are identified as “green” transactions and are considered safe. “Yellow” scores show that some data points are potentially fraudulent but the transaction may otherwise be safe.
A “red” classification represents a high-risk purchase and suggests careful consideration before fulfilling the order.
Scores then are posted in your 3dcart order management dashboard next to each specific order. Opening a score also shows you if a store manager within the 3dcart community has flagged the customer.
3dcart customers get 10 free scores per month through FraudWatch but you can use your store manager to upgrade your FraudWatch account to a premium service level for additional fraud checks per month.
Sign up today to get up to 10 free fraud checks per month. Just log in to your 3dcart Store Manager now to get started.
@joepalko is the CMO of 3dcart. Prior to joining 3dcart in 2011, Joe was a true internet pioneer co-founding his first e-commerce website in 1994 which later sold to America's largest mail order pet supply retailer in 2007. Joe also co-founded Solid Cactus in 2001, which was later sold to the Web.com Group in 2009.
The 3dcart team has been hard at work and is excited to announce the launch of ‘Community Alert’— a free service that calculates risk based on the experience of other 3dcart merchants in the community. Community Alert is the first service of its kind in the ecommerce industry and currently in beta to current merchants.
HOW IT WORKS: Each 3dcart merchant has the ability to contribute to the Community Alert by reporting fraudulent orders to a community database. Based on these reports, retailers taking part in the program receive a free Community Score that rates the risk of accepting the transaction. Scores are generated in real-time as orders enter the merchant’s system so retailers can make decisions on the fly.
SCORING: Scores are rated based on three color-coded levels of risk and a 10-point number scale, making them simple to read and react to quickly and efficiently. The score for each customer also lists the number of transactions associated with them across the community.
PRIVACY: 3dcart guarantees complete privacy for each merchant that takes part in the program. Even though fraud statuses and scores are shared with the community, no information from stores or shoppers is compromised, ensuring total anonymity and protection of other sensitive data.“Community Alert strengthens the bonds of 3dcart’s merchant community while offering a free way to improve security and minimize risk,” said 3dcart CEO Gonzalo Gil. “We added the feature based on two major differentiators: proactive recognition of potential fraud and the power of experienced human intervention to help measure the actual risk.”
Below is a guest blog post by Jodi Florence, VP Marketing at IDology, Inc.
While the Internet has made it easier to grow a business, it has also introduced new security challenges for small and big businesses alike. As the techniques of fraudsters grow more sophisticated so must the solutions businesses use to detect and prevent fraud from occurring.
The heart of successfully stopping fraud in a consumer-not-present channel is having assurance you are interacting with customers, not thieves. Verifying a customer’s identity is important for anyone doing business online.
With identity theft continuing to be one of the fastest growing crimes in the United States, using identity verification helps reduce the risks for both your business and your customers from becoming a victim of fraud. The key is to automate your identity verification process so that you are able to verify consumers in a way that will keep business moving and without sacrificing customer satisfaction.
So what exactly is identity verification? Simply put, identity verification solutions help uncover if you are dealing with legitimate, real people. And depending on the level of verification your business requires, you can also find out if someone is who they say they are even though you can’t see or check their ID in person.
At its lowest level an automated identity and age verification solution allows you to verify information provided by someone, such as name, address, and date of birth, with information that can be found on that person while searching thousands of trusted data sources. If there is something suspicious associated with the identity, like the address doesn’t match or the person is actually deceased, you will know instantly. And depending on the level of assurance needed, you can incorporate a set of multiple-choice questions that are dynamically generated based off of the personal history information found on each individual consumer. These questions are sophisticated and designed specifically so that the true identity owner will know the answer but not someone attempting to be that person. The end result provides an automated process that helps businesses make more informed decisions about how interactions with consumers are handled while also preventing fraud.
If you are still on the fence about using an identity verification solution, here are some of the benefits our customers see:
- Increased Revenue- Using technology to identify your consumers-not-present keeps business moving forward in a timely manner. As a result, orders are approved and processed faster thus increasing the opportunity to capture more revenue.
- Decreased Cost of Business- Electronic identity verification decreases the amount of manual review needed to evaluate and legitimize questionable activity freeing up your employees time to focus on other areas of the business
- Improved Fraud Protection- Identity verification gives better insight into potentially fraudulent activity so that businesses can deal with suspicious activity accordingly. Being able to validate someone’s identity quickly reduces the amount of fraud loss. And by decreasing the amount of data that is shared within a company, it protects sensitive consumer information from being overexposed and limits the potential of an employee misusing a consumer’s information.
- Fulfilled Compliance Regulations – some businesses, such as financial companies and age restricted products and services, have compliance regulations they must follow. Incorporating an automated identity and age verification solution gives you the resources to quickly comply with legal obligations while providing an audit trail to prove you performed your due diligence on your customers.
About the Author:Jodi Florence is the VP of Marketing at IDology, an identity and age verification solution provider helping businesses of all sizes in multiple industries drive revenue, lower costs, prevent fraud and meet compliance regulations. For more information about IDology and its identity verification solutions visit www.idology.com
5 Trust and Security Techniques to Improve Ecommerce Conversions
Consumers are apprehensive and cautious regarding online security, and with reason. The number of reported scams, hackings and credit card fraud is increasing every day. For small online business owners, it can be a struggle to keep up with regulations and security needed to create trust in their brand; trust that will help turn their store visitors into customers.
Recently, we here at 3dcart conducted A/B testing for three months on 5,000 of our supported online stores. This experiment proved that the visibility of trusted security seals and certifications on the sites boosted sales and conversion rates exponentially.
Based on our research – and just in time for the holiday season – here are five tools that can help you build trust in your brand and increasing sales.
1) Visible Contact Information
As simple as it sounds, customers feel better being able to put a “face” to a business, rather than just an e-mail. Displaying a phone number at the top of the page or in the “about” section of your site – along with an address linked to Google Maps – helps boost the visitor’s confidence and makes your online business feel more personable and real to the shopper instead of a possible scam.
By listing the company’s contact information, your customer’s will know they have an immediate form of communication should questions or concerns arise about the order and transaction. Even if the phone number you list is your mobile, people will subconsciously feel more secure with an older and familiar form of communication.
2) Customer’s Testimonials and Reviews
Showing that other customers have had good experiences with your site and your products not only makes your site more reputable but also increases sales. Services like PowerReviews will generate “tag-based” reviews that will connect with your target market. Though it is one thing to connect with customers as a company, user reviews are an element on your store that connects customer to customer – reviews prove that online shoppers have had an experience with your company and product. This community-like structure is known to be fairly honest and affective throughout social media and e-commerce due to the customer’s ability to relate to the reviewer.
3) Dedicated SSL Certificate
When placing an online transaction securely, a browser will access your site through a Secure Socket Layer connection (SSL). In order to ensure the connection is secure, the web browser will access the site’s SSL certificate.
When using 3dcart’s services, you are given access to a free shared SSL certificate that uses your base *.3dcartstores.com URL for its authentication. Please note however, that the use of a shared SSL certificate changes the domain name displayed during checkout.
Obtaining a Dedicated SSL Certificate from security companies such as Geotrust, Verisign or Comodo will further bring your customer some peace of mind while checking-out. If possible, get an EVSSL (Extended Validation SSL) since it is the maximum level of security. The Dedicated SSL Certificate not only verifies your identity as a company and proves that the customer’s information is encrypted during the process of transmitting sensitive information to complete an online transaction, but it will also be assigned specifically to your domain name. Thereby keeping your base URL the same throughout the whole transaction process.
TRUSTe is one of the most recognized privacy organizations, used by top retailers like eBay, Microsoft and Apple. The presence of their seal has been proven to increase order value by at least $10 and sales by over 29%!
5) Security Seals from Reputable Companies
Displaying a reputable security seal like McAfee Secure or VeriSign TrustSeal conveys the message that your business has gone through a validation process and establishes an association with the entity providing the seal.
Some seals illustrate that your company has passed an identity verification process while other may show that a specific, trusted company is handling the payments for your business,
In a way, these seals help provide some assurance to first time visitors who are eager to place an order, but may still have doubts regarding the background of the business.
There are also security seals show that your store is scanned periodically for security vulnerabilities and malware. For example, a service like Verisign’s TrustSeal will perform daily scans of your site and alert you if there are any compromises in the integrity of your site.
Though most of these seals and verifications cost money, their respective companies will usually have plans and options that cater to small and medium size business owners.
Make no mistake; online security is on every shopper’s mind.
Our research has shown that these five elements, implemented on your 3dcart supported sites, will help increase conversation rates and sales by easing any concerns your visitors may have about your business.
About the Autor:
Gonzalo Gil is the President, Owner and CEO of 3dcart. Gil oversees all aspects of the company’s operations. Gonzalo Gil’s background includes a B.S. in Computer Science with a focus in e-Commerce Infrastructure, with over 12 years of experience as an e-Commerce Engineer and Business Manager. He is considered a leader in the e-commerce industry by thousands of merchants, and has successfully guided 3dcart to a position as one of the top hosted e-commerce solutions in the market.
Joins Short List of Approved e-Commerce Solution Providers for Outstanding Adherence to Security Standards
TAMARAC, Fla., June 3 /PRNewswire/ — Shopping cart software leader 3DCart today announced its inclusion in Visa’s Global List of PCI DSS Validated Service Providers, a comprehensive list of Visa-certified service providers named for passing a rigorous security screening process. Inclusion on Visa’s short and exclusive list helps further validate security measures to protect credit card data and other personal information put in place by 3DCart for local and international online merchants of all sizes. 3DCart was officially validated by Visa as of March 31, 2010.
“Instances of online fraud have pushed stricter regulations on financial transactions that take place on the web,” said Jimmy Rodriguez, chief technical officer for 3DCart. “General PCI DSS compliance is crucial, and verification by Visa serves as a validation that online storefronts are doing everything in their power to protect the personal information of their customers, in turn adding value and increasing brand credibility. Online stores with Visa-approved e-commerce platforms position themselves as cutting-edge within their niches.”
PCI DSS compliance is now required for any service provider that collects sensitive financial information over the internet. The Payment Card Industry (PCI) Data Security Standard (DSS) is crucial for all service providers that collect payment by credit card.
3DCart was officially named PCI DSS compliant by the PCI Security Standards Council on February 26, 2009 following rigorous testing by third-party PCI DSS compliance experts SecurityMetrics. In order to gain compliant standing, twelve stringent requirements must be met or exceeded to help build and maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement strong access control measures, regularly monitor and test networks and maintain an information security policy.
To view the complete Visa Global List of PCI DSS Validated Service Providers, visit http://usa.visa.com/download/merchants/cisp-list-of-pcidss-compliant-service-providers.pdf.
3DCart (www.3DCart.com) is a complete e-commerce solution for new or existing websites. The company’s services include the tools, advice, support, and technology to manage an entire online operation, so clients can focus on managing their orders. 3DCart is able to design and implement innovative web solutions to meet a company’s specific requirements. Whether clients are looking to update their existing web store or develop a completely new design, 3DCart maintains a flexible approach to ensure they provide the right solution for the company. One monthly fee pays for the store setup, security, design, and maintenance.