The importance of embedding fraud protection in eCommerce

As online business continues to grow, it’s vital for businesses to ensure they have robust security and anti-fraud measures in place. Fraud is growing and cyber criminals are constantly looking for opportunities, such as through fraudulent card not present (CNP) transactions. According to UK Finance, 15,000 impersonation scams took place during the first six months of 2020, resulting in the theft of £58m¹.

For consumer-facing companies where online purchases represent a major proportion of their business, maintaining robust security measures needs to be a top priority. For every kind of business, it’s essential to provide a safe and secure service that customers can trust.

With the number of CNP transactions set to rise as more customers transact remotely, the need for robust security measures only increases.  To achieve this for your business, you should start off by asking these questions:

Can you be completely confident that the customer wanting to do business with you is who they say they are?

Can your systems recognise unusual transaction patterns?

Are they also able to recognise frequent/recurring purchases and, where appropriate, safely remove the need for the customer to re-identify themselves each time?

To support our business customers and help answer these questions, we launched our payment gateway, Smartpay Fuse. It securely captures and encrypts transactions made online, in app, by phone or by mail order, and passes the necessary information between the customer, the merchant and the acquiring bank.

Inbuilt fraud tools give instant decisions on transactions, helping to reduce chargebacks and false positives*. Tokenisation replaces the customer’s card information with a token while the payment is processed.

Smartpay Fuse is compliant with all the latest security regulations, including:

The European Union’s second Payment Services Directive (PSD2), which was introduced in 2019 to bolster consumer protection in a world where an increasing number of European citizens use their phones to bank and make everyday payments.

PSD2 mandated Strong Customer Authentication (SCA), which is a form of two-factor authentication designed to prove that customers are who they say they are, with specific rules around what constitutes ‘authentication’. It requires two forms of validation out of three available categories.

Within SCA is 3D Secure, where customers must input a password or code on a redirected web page to verify their purchase.

This is being updated under 3DS2, which will create an optimised user payment experience through minimal impact on the authentication process for low-risk card payments.

Payment handlers must also meet the Payment Card Industry’s Data Security Standard (PCI DSS).

If you’d like to know more about the potential impact of PSD2, read our help and support page.

It’s vitally important that businesses understand these security issues. However, this can be a daunting task, especially if you’re a mid-sized or smaller business without an in-house team to combat online fraud or you’re unable to work closely with your gateway provider to improve protection.

Wherever possible, drawing on the expertise of partners in these areas makes strong commercial sense. That’s why we offer a comprehensive range of solutions to support our customers, such as our payment gateways, tailored to the needs of small, mid- and large-sized business.
 

Like you, we have ambitious plans – and this is an ongoing journey. We’ll continue to enhance the functionality and capabilities of the service in order to provide a payments solution that fully meets the needs of businesses, today and tomorrow.

*Barclaycard Transact is available as an additional service and additional costs apply.

¹ UK Finance, Sept 2020