Sumsub
The Sumsuber

Best practices for KYC/AML

How to
2019-12-19
3 min read

Ways to Fight Online Payment Fraud

Sumsub Team

All-star

Anti-fraud is important. Above all, it is important for AML, as fraudsters go out of their way to launder money, and businesses need to protect not only their finances but the reputation of the platform.

Here are some of the steps to prevent different types of payment fraud, make sure your business is running well and let your clients avoid malicious scams.

Cases of online payment fraud and what you can do about them

Fraud differs by its focus—it can be targeting a customer or company. However, in both of these cases, the company takes the hit. If you are a company and your user gets robbed, it is not only your reputation that gets damaged—you will also have to take responsibility and pay for the inflicted losses.

Here are the most typical fraud cases and how to avoid them.

1. Impersonation of trusted services

A user receives a call from an imposter who introduces himself as an internet provider and informs the user of a refund. To receive it, the user has to give over his card details, which he does. Later that evening the user realizes that money was stolen from his account.

What can a company do to prevent fraud:

  • Urge clients not to disclose their account details over the phone unless the contact is confirmed as legitimate.
  • Warn customers not to share sensitive information via social media.
  • Provide clients with guidance to the most common fraud cases.

2. Stolen card details

A user orders a bunch of Christmas decorations off of AliExpress and a week later receives a notification of a big purchase allegedly made by her in China. She, of course, knows nothing about it.

What can a company do to prevent fraud:

  • Validate that the purchaser is the cardholder via card security codes, address verification service (AVS) or other anti-fraud systems.
  • Make sure IP location matches credit card address, track unusual purchase geolocations.
  • Verify the payment method. Ask users to add a payment card to their user accounts, submit personal data and a selfie of them with the card itself. Services like Sumsub can automatically scan the photo for traces of editors, put the data through existing fraud databases and verify the identity.
  • Contact cardholders directly to authenticate an order or transaction.

3. Unprotected bank transfers

A user wants to buy an iPhone 8 for £400 through an online marketplace. The seller asks for a bank transfer instead of the website’s payment channel. The seller ensures Paul it would be quicker and there won’t be any fees to pay. The user paid, the phone hasn’t arrived.

What can a company do to prevent fraud:

  • Use an anti-fraud system to track payment card numbers, IP addresses and email addresses associated with fraudulent transactions.
  • Encourage customers to make payments only through trusted services.
  • Flag orders with quantities or transaction values beyond the norm.

4. Chargeback fraud

A user calls his credit card company to request a chargeback on a TV he says he never ordered. The merchant apologizes without suspecting a scam and transfers the money back. The fraudster gets both, the purchase and the money.

What can a company do to prevent fraud:

  • Analyze each charge for fraudulent patterns and suspicious payment history.
  • Demand users to confirm their payment method by a selfie with a relevant document as a part of general onboarding or activate a letter per transaction mailout, confirming each transfer with your electronic signature. Sumsub team will be happy to show and explain the flow.
  • Screen data against leaked to the Dark market documents, compromised email addresses, phone numbers and the internal databases of blocklisted users.
  • Document transactions with copies of emailed receipts, that can help prove customers’ authorized charges.

To safeguard your company, its budget and reputation, it is better to have multiple security layers by using sophisticated automated tools. Sumsub fights real cases of payment fraud for years, in fintech, gaming, trading and e-commerce.

Multilayered fraud defense starts here. Take action.

Share

Keep reading

Logo

© Sum and Substance Ltd (UK), 2015-2022. All rights reserved. Privacy noticeCookie policyTerms of useCCPA Privacy Notification

Data Protection Registration Number: ZA222205. Company Registration Number: 09688671. Address: 30 St. Mary Axe, London, England, EC3A 8BF.

We use cookies to improve the functionality of our site, while personalizing content and ads. You can enable or disable optional cookies as desired. For more detailed information about the cookies we use, see our Cookie Policy

Manage Cookies
Required cookies are always on.

  • Required cookies are key to the operation of our site. They enable you to navigate our website and use its features. They cannot be turned off. Without these cookies, the website cannot function properly. Please be aware that these don’t collect information that can identify you.
  • These cookies help to improve our website by collecting information about your interactions with it. They show us which pages are most frequently visited and help us to record the difficulties that you may have while using our website.
  • These cookies are used to enhance the performance and functionality of our website but are non-essential. However, without these cookies, certain functionalities like videos may become unavailable, or you would be required to enter your login details every time you visit our website as we would not be able to remember that you had logged in previously.
  • These cookies collect information about your online activities over time, in order to personalize advertisements. They also allow us to limit the number of times you see our ads across your devices and measure the effectiveness of our marketing campaigns.