Going beyond the plug-ins: why you need an advanced Magento fraud protection solution

Featured article by Debbie Fletcher, Independent Technology Author

Online retailers are constantly on the front line of a revolution in retail and at the fulcrum of a balancing act between giving their customers a great online shopping experience and preventing fraud. This is no easy task, mainly because the chip and pin credit cards mandated by the new EMV standard are clamping down on Card Present Fraud (in person transactions), forcing criminals to move to Card Not Present (CNP) transactions.

Fighting fraud is a tricky business

In light of this growing threat, it’s interesting to discover that Magento, despite its capabilities and popularity among retailers worldwide, doesn’t have any built-in fraud prevention features. While Magento is in fact extensible by third-party plugins and provides users with at least some basic defense they need in order to protect their revenue, it just isn’t enough.

Remember that streamlined experience? As the fear of fraud catches hold of online retailers, many respond by panicking – adding more verification steps to the checkout process, cluttering the interface and frustrating the user, and even declining transactions that might seem suspicious yet are completely legitimate. Declining purchases that should have been approved will result not only in losing the order amount itself, but also in losing the customer who is just plain annoyed about being falsely accused of fraudulent activity.

The challenge, therefore, is to accurately detect and prevent fraud, keep customers happy throughout the process, and make sure legitimate customers aren’t mistakenly turned away because of suspected fraud.

For Magento-based ecommerce websites there are companies such as Riskified, a Magento Silver Industry Partner, which offer advanced Magento fraud protection that can make all of this a reality.

Protecting Magento-based ecommerce Sites

The Riskified fraud detection system gathers order data in real time (including browsing patterns) and makes a quick “accept” or “decline” decision after checkout. The reason that Riskified renders its verdict after checkout and not during it is that this screening process itself – happening behind the scenes and only after the customer is all set and done – doesn’t add any delay or unnecessary frustration to the user’s experience. Normally, it takes less than a second for the system to decide whether or not to process the order, but in some close calls the system can give an order extra scrutiny. Still, the whole process at most takes a few seconds, but they are seconds the customer never has to see. If Riskified approves the transaction, then the order proceeds directly to fulfillment.

Riskified uses a few types of data to make its decision. For instance:

– Whether or not a web proxy is being used: Fraudsters use proxies to hide their true location, thus the use of one at the ordering stage could be a sign that the order should be declined.

– Device fingerprinting: Recognizing the same device across multiple orders is very useful for identifying legitimate return customers, who are very unlikely to place fraudulent orders.

– Social media data: Social media profiles on Facebook, Twitter, Instagram, Google+, and others can be very useful for verifying info provided at ordering time, helping to verify the identity of the customer.

Riskified’s Magento extension is just one example of software that’s available today which is simple to integrate, can protect your online storefront, and give you the confidence to expand into markets across the globe while at the same time drastically reducing your costs due to chargebacks. Best of all, this protection is transparent to your customers, who will continue to enjoy a smooth experience – and continue to come back for more.