Vesta, an “end-to-end transaction guarantee platform” that is used for online purchases, has unveiled its first Global Card-Not-Present (CNP) Fraud Report. They analyzed millions of digital transactions between the first quarter of 2020 to the first quarter of 2021.
A CNP transaction takes place when a sale happens without the customer physically presenting their card to the merchant. If the CNP transaction is fraudulent, the merchant is stuck with the liability.
The findings were eye-opening, as they discovered that the overall percentage of global transactions identified as potentially fraudulent were in the range between 10 and 13 percent.
Striking The Perfect Balance
What makes tackling this growing problem so challenging is that you have to balance combating fraud while increasing approvals for legitimate transactions.
One solution that many merchants are turning to is the Address Verification System or (AVS). As a fraud prevention measure used for card-not-present transactions like e-Commerce and phone orders, AVS requires the cardholder to give the full billing address for the card, which also includes the address and the zip code. The Card Verification Value or (CVV) is also used to prove that the purchaser actually has the card in their possession.
When a customer enters a billing address at checkout that does not match with the address on file with the card-issuing bank or credit card company, this is known as an “AVS Mismatch Error.”
Merchants can automatically set up AVS mismatch filters to flag suspicious transactions well before they happen. AVS serves as a fraud prevention measure to help authenticate CNP transactions both online and on the phone.
With this system, the buyer has to provide personal information such as their address, zip code, and CVV code. This allows a cross-check system to verify if the cardholder actually has the card in their possession or if they are the real owner of that card. If any of these details do not match, this sends a signal to the issuer of the card that it has been stolen.
However, things are not always straightforward. Just because a merchant received an AVS mismatch alert, doesn’t mean that the transaction is fraudulent. With every order placed online, the payment processor issues a request for an AVS approval to determine whether or not there is an address match. If it is authorized, then the issuer will approve the processor to authorize that transaction.
Resolving An AVS Mismatch
Whenever a merchant receives an AVS mismatch, they can choose one of the following actions:
- Process the transaction again
- Override the payment system
- Approve the transaction, or simply cancel the transaction
When it comes to deciding which action to take, merchants must consider how well they can manage risk and how willing they are to trust their own customers. If the risk is higher and the merchant approves this transaction, they must be prepared to pay a higher transaction rate. Having to rerun the transaction also adds more risk since it can produce a pending charge. This can ultimately produce friction with a potential customer.
If there are any doubts related to a transaction, it is best to personally reach out to the customer to verify details and determine whether their information was entered incorrectly. It could simply mean that they have not updated their address on file.
By personally reaching out to your customer, you are demonstrating to them that you care about protecting both them and your business from fraud.
An Ongoing Challenge
The original purpose of AVS was to prevent CNP fraud. AVS filters work best if they are activated. Unfortunately, they fail to ensure whether a transaction is valid or fraudulent. AVS filters can be used as one of many tools within a comprehensive set of solutions to fight fraudulent transactions.