Protect your online store from fraud

Fraud: Online retailers have to be alert to the ways of scammers.

Online electronics retailer Eljo gets about $50,000 worth of attempted fraudulent transactions on its website each month.

For a business that only cracked the $1 million revenue mark in the last financial year, that is a dangerous statistic. Fortunately, founders Elliot Ramler and Jonathon Green have systems in place to stop most of the dodgy transactions getting through but it wasn’t always the case.

“In our first year of business we lost $15,000 to fraudulent customers, which for a young business almost ended us before we even began,” Ramler says.

“We very quickly learnt not only which [technical] systems to put in
place to stop this but also how to spot the ones that do get through our systems.”

Last week in BRW we gave advice on how entrepreneurs could set up an online store in what is a booming sector. Ramler has another tip: “Everyone considering running an online store should get advice on how to spot fraud and what internal system they should have in place to make sure it doesn’t happen to them.”

Usually with online fraud, stolen credit card details are used to make a purchase before the owner realises their details are stolen. Once the actual credit card owner discovers the charge, they contact their bank, which can perform “a charge back, which means the money is taken out of the retailer’s account even though they have sent the goods,” Ramler says. “The only loser in this situation is the retailer and currently no insurance company will cover retailers for this kind of fraud.”

Online stores can use software that pauses orders that don’t pass certain tests (see list). The software then sends an alert and a staff member can check the order manually.

One of Eljo’s most effective anti-fraud mechanisms has been a form that appears after an order has been placed. The customer is required to enter the bank from which their credit card was issued. If the information does not match a database, the order is flagged.

“This one idea alone cut back fraud significantly and amazingly we don’t know of anyone else who is doing this,” Ramler says. “This could also be done simply as a piece of information in the checkout process rather than a form after the sale.”

Fraudulent activity is not as much of a problem for Mooo.com.au, a manufacturer and retailer of personalised children’s goods based in Victoria. Chief operating officer Ben Hare says the personalised products act as a deterrent. “You can’t buy it and sell it to someone else,” he says.

Nonetheless, a couple of potential fraudulent transactions are flagged by the store’s software each week. “One thing we do is there are certain regions [such as countries in Africa] that we don’t ship to for fraud reasons,” Hare says. “The level of sales [to those regions] doesn’t justify the risk attached.”

Paul Wallbank, author of the book, eBu$iness, Seven Steps to Online Success suggests companies could also refuse to deliver to post office boxes. “You’ve got no guarantee that that’s an actual person,” Wallbank says. “Particularly with identification fraud, if a person has stolen somebody’s driver’s licence they can easily open up a post office box.”

He also says it is worth paying a shipping company that has a proper tracking system to avoid customers claiming they haven’t received goods when they have.

As well as flags and technical systems, Ramler says the next best thing is staff training. “We have given our staff intensive training in how to spot online fraud . . . they are our front line and the ones our automatic software don’t pick up. We rely on our staff to do so,” he says.

“If we didn’t have these systems in place, we would be out of business, simple as that. The banks won’t protect online retailers as we don’t have physical signatures – impossible when running an online business – and insurance companies won’t insure you against this kind of fraud. It’s a serious issue for all online retailers and one where there is better protection needed.”

BRW

Comments (0)