Fraud is a persistent, expanding problem for retailers. They’re contending with criminals who grow in sophistication and inflict greater losses every year.
Retail fraud has been evolving. It’s often no longer the work of an individual opportunistic criminal (say, someone who steals a credit card and uses it at the point of sale) but more the work of syndicates, sometimes global networks with many hackers at their disposal.
The National Retail Federation’s 2017 National Retail Security Survey found that the average cost of return fraud was $1,766 per retailer. In apparel, the average cost of return fraud was nearly as high as that of shoplifting.
Retailers can reduce their chances of being hit by retail fraud by investing in top-level identification software. This allows them to thoroughly verify any customer’s identity and set up “red flag” systems to alert them to any indications of suspicious activity.
Whenever they have concerns about a customer, retailers can swiftly run searches that could turn up a potential fraudster’s associates, locations, and past histories with law enforcement.
Verify at the point of sale (POS)
Whether it’s a cash register in a store or an online payment process, the POS is a retailer’s first line of defense. Having address verification service (AVS) within the payment service ensures the address the credit card user enters matches the billing address. Any discrepancy, and the payment process is suspended until the issue is resolved.
Follow through on suspicions
Many e-commerce platforms have security protocols to automatically flag suspicious IP addresses or discrepancies. In “click and collect” fraud, a criminal acquires credit card numbers and then logs on to a company’s site to order products. These items are mailed to a different address than that of the customer whose account they’re using.
Retailers need to follow through when discovering discrepancies; for example, if the customer entered a phone number or an address inconsistent with past purchases, or if the billing address doesn’t match the IP location of the person entering the order. These red flags should automatically trigger enhanced identification verification procedures, such as making the customer answer a series of additional verification questions.
Know your customers
When a retailer has suspicions about a particular customer – for example, someone who makes multiple orders in a short period – identification software helps them determine if their hunch is correct.
Searches can turn up a customer’s past criminal records and, in particular, any previous incidences of retail fraud. A retailer could also discover that a customer is using a phone number associated with fraudulent activity.
Sometimes fraudsters use friends or family members as contacts for a “click and collect” scam. Running a search on a potential suspect’s relatives, neighbors, and associates helps retailers unearth notable links. If the suspect lives near a verified customer, it could suggest that the suspect has stolen their neighbor’s credit card information or that the neighbor is in on the scam.
Make record keeping a priority
The best way to stay ahead of fraudsters is to have reliable and extensive record-keeping procedures. Systems should collect and compile receipts, and protected databases should contain your customers’ purchase histories.
Most of all, retailers should maintain up-to-date accounts of customers’ addresses and contact information. It’s harder to detect a fraudulent account if the retailer has low confidence in the accuracy of customer information.
Thomson Reuters is not a consumer reporting agency and none of its services or the data contained therein constitute a ‘consumer report’ as such term is defined in the Federal Fair Credit Reporting Act (FCRA), 15 U.S.C. sec. 1681 et seq. The data provided to you may not be used as a factor in consumer debt collection decisioning, establishing a consumer’s eligibility for credit, insurance, employment, government benefits, or housing, or for any other purpose authorized under the FCRA. By accessing one of our services, you agree not to use the service or data for any purpose authorized under the FCRA or in relation to taking an adverse action relating to a consumer application.