Online fraud is a complex, hard to detect, and constantly evolving type of crime with serious business consequences. While many e-commerce merchants are looking for new ways to engage with customers, fraudsters are also looking for new ways to exploit them. In a way, every touchpoint you create – from buy online/pick up in store options to social click-to-buy ads, mobile shopping to loyalty rewards programs – is another opportunity for cybercriminals to bypass your fraud screening.
Thexyz, a Canadian company, provides a secure email service. This paid platform gives customers an email address that is secure and private while keeping the user experience ad-free.
Introducing the minFraud service had a dramatic effect on their chargeback rate. Here’s their story.
Just like good customers, fraudsters must provide a shipping address in order to receive merchandise. But fraudsters, who need to evade detection and efficiently resell stolen goods, leave traces in the shipping addresses they use. The minFraud Network collects data on shipping addresses and uses it to identify any high risk shipping addresses associated with the transactions you submit for review.
This blog post investigates some high risk shipping addresses known to MaxMind, as well as provides some general fraud review tips for identifying them.
As a merchant, you’ll frequently see cases where multiple orders with different billing addresses and payment methods are placed from the same IP address, and it’s not clear whether or not this indicates fraud.
Such activity could be a sign of fraud, with a fraudster testing multiple compromised credit cards. It could also be a sign that a fraudster is using a proxy to obscure his identity. There are times though when such activity is expected and flagging such transactions as fraudulent would mean denying good orders and frustrating customers. Continue reading
Thus far, our Best Practices Series has discussed how you can use the data provided by the minFraud service for better decision making during manual review.
But actionable data from minFraud starts with the inputs you include with each query.
The minFraud service requires that each query include the IP address associated with the transaction at a minimum; as best practices, MaxMind recommends you send as many data points as possible.
The more data points you provide, the better the riskScore and the more information you make available to your fraud analysts as part of the manual review process. Continue reading
In this blog post, we continue our discussion of best practices for manual review. Today’s topic is assessing IP address risk.
A fraudster (or indeed, anyone) placing an order on a website uses a device (computer, mobile phone or tablet) and this device is associated with an IP address.
In our last blog post, we discussed how the physical location of the IP address can be matched against other location information to see if anything looks suspicious. For example, it’s best to closely scrutinize orders where the location of an IP address is in one country and the billing address in another.
Fraudsters recognize the power of geolocation in identifying fraud, so they act to hide their actual IP address and, by extension, their geographic location. The best way for them to take cover is to connect to the Internet using a proxy server. Popular hiding places include open proxies, hosting providers and VPNs. Continue reading
Welcome to a new installment of MaxMind’s Best Practices Blog Series!
In discussing best practices, our focus is on efficient fraud screening methods which stop fraud while providing a positive customer experience.
Key to efficient fraud screening is automating as many decisions as possible.
In this post, we discuss the crucial role of minFraud’s riskScore to automated decision making. Continue reading
MaxMind, the industry-leading provider of IP intelligence and online fraud detection tools, has been invited to present at the 2015 Merchant Risk Council (MRC) eCommerce Payments & Risk Conference in Las Vegas. Our co-presenters will include two of the world’s most prominent eCommerce companies: Orbitz, a leader in the online travel industry, and Western Union, a global money transfer giant. MRC’s own Global Director of Programs and Marketing will bring his extensive industry experience to the presentation as well. Whitepages Pro, one of the major providers of contact information in North America, will moderate our lively presentation.
Manual Review Best Practices
Learnings from Peak Buying Times in 2014
We invite you to attend this panel discussion to learn more about best practices for preparing for, executing and evaluating your manual review processes. You’ll benefit by hearing specific examples of unique situations and fraud trends that caused online merchants to alter their tools or procedures. You’ll also have the chance to review some questionable transactions and engage in discussion about whether to approve or reject them.
Mark Your Calendar!
March 24, 2015
1:30 p.m. – 2:15 p.m. PT
Aria Resort, Las Vegas
We hope to see you at the Presentation or just stop by booth #422 and say, “Hello!”
Contact us today at email@example.com to schedule a meeting during the event. We look forward to seeing you at MRC’s 2015 eCommerce Payments & Risk Conference – the largest professional development and networking event for eCommerce payments and fraud professionals in the Americas.
When it comes to fraud detection, finding proxies is a big topic. But why? Fraud detection begins with thinking intelligently about the IP address associated with a transaction. Where is that IP address, and how does that location relate to other transaction data? Whereas most IP addresses inspire confidence, those associated with a proxy generate suspicion.
Let’s take a closer look at proxy detection. Continue reading
Welcome to our first installment of MaxMind’s Best Practices Blog Series!
In this post, we discuss using the minFraud Service in conjunction with your AVS and CVV declined transactions in order to help you increase your conversion rate and stop more fraud.