💡 A transaction is labelled fraudulent when a customer’s credit card information is used unlawfully. Although card fraud affects all online activities, some types of activity such as crowdfunding donations are more vulnerable than others.
A fraud is identified when the cardholder informs their bank that they’re not the originator of a transaction on their account statement, and therefore asks the bank to block the transaction (usually within 120 days). The cardholder's bank then begins a procedure to recover the unlawfully debited funds and reimburse the cardholder.
Card payments are intrinsically susceptible to fraud and it is important to take this into account when drawing up your business plan and establishing day-to-day operations.
Although you ultimately bear the responsibility for combating card fraud, Lemonway strives to minimise this risk and protect you from fraudulent behaviour as much as possible.
Lemonway’s Anti-fraud Policy
Learn more in our 👉 dedicated article
What is 3D Secure v2?
3D secure v2 is the latest iteration of the 3D secure protocol. It is a part of the finance industry’s drive to improve payment security, improve customer experience, as well as reduce fraud. In the European Union, this drive has been largely prompted by extensive financial regulation, known as Payment Services Directive (PSD2). This regulation requires merchants to apply SCA (Strong Customer Authentication) on transactions. This new version of 3D Secure addresses the deficiencies of the previous version. The main improvements include:
- Better experience for users across multiple devices
- Offers better improved security with emphasis on SCA with Two Factor Authentication (2FA) and biometric authentication
- Frictionless support where there is a low transaction risk
- Better risk analysis, meaning that security is vastly improved
- Non-Payment Authentication
Risk Based Authentication (RBA)
What is RBA? Risk authentication is applied by the card issuer to determine whether a transaction is associated with a certain level of risk. Risk levels are based on a set of criteria that include, but not limited to:
- The transaction value
- User/Card behavioural history
- Transaction history
- New or existing user
RBA permits the use of frictionless payments in some situations. What does frictionless exactly mean? For example, a customer that makes low-value transactions often, in the country where their card is issued, and on a device that is routinely authorized. The card issuer might determine this transaction as low-risk, therefore the card owner would not be subject to authentication.
What are the benefits of Frictionless Payments?
- Payment can be made quickly without customer verification, based on their risk assessment
- Greater user experience which leads to less abandonment during the payment process. A user is more likely to abandon a payment process the harder it is made for them to finalize a transaction.
Non-Payment Authentication using 3D Secure v2 protocol does more to prevent online fraud. Fraudsters continue to try to find ways to get access to credit and debit card data and hence there is still a significant online population that does not feel comfortable making online payments.
What commonly occurs is known as customer checkout drop off or transaction abandonment. Essentially a customer who is about to purchase an item is confronted with a payment pop-up screen that requires them to enter personal card information. This can be particularly stressful and lead to suspicion of fraud. Non-Payment Authentication reduces drop off, takes away the consumer stress and hesitation from the checkout stage of a purchase.This is done by shifting the 3D Secure verification away from the final payment stage to a different environment.
Managing and limiting the risk of fraud
Lemonway gives you a certain amount of information about transactions carried out on your platform. We recommend that you set up alerts (checks that can be performed manually from your dashboard or automated via the API) specific to your activity in order to detect potentially fraudulent behaviour.
Here are some indicators you can track:
- A sudden increase in the number or volume of incoming transactions
- A sudden drop in the card acceptance rate
- A significant or abnormal increase in your card chargeback rate
- A card chargeback rate in excess of 0.2% per payment account
- A refund rate in excess of 0.5% per payment account
- Significantly higher payments than the usual average basket
- Requests for cash disbursements less than 48 hours after receiving a payment
- Multiple disbursement requests in a very short period of time
- An increase in the number of transactions at unusual days/times
- Use of the same bank card for different purchases with different identities or on several different payment accounts
What should I do if I have any doubts?
If you think you have identified fraudulent behaviour on your platform, immediately freeze the suspicious wallets and 👉 contact Lemonway immediately providing us with as much information as you can (transaction ID, screenshots and so on.), so that our fraud experts can investigate and provide you with recommendations and solutions.
💡 As a general rule, we recommend that you do not inform the relevant customer/cardholder of your suspicions, in order not to jeopardise the investigation. You can always 🚫 block disbursement requests from this customer on the pretext of a technical error if questioned.