UK merchants say online fraud is the greatest threat they face, according to an independent survey conducted for CyberSource's Sixth Annual UK Online Fraud Report.
On average, the survey found that merchants lost an average of 1.8% of online revenue to payment fraud in 2009. 1.6% of orders that were accepted proved to be fraudulent, the survey found, although rates under 1% were common.
The rate at which orders are rejected due to suspicion of fraud remains high at an average of 4.6%. This figure has been relatively consistent over the years, says CyberSource, and points to a continuing challenge for online merchants since some of the rejected orders are likely to be valid, resulting in lost revenue.
"Online fraud represents a significant revenue loss for merchants," says Dr Akif Khan, co-author of the Fraud Report and head of client and technical services at CyberSource. "It's not just the cost of fraudulent orders that needs to be considered, but also the additional costs of rejecting valid orders, administration of fraud claims and paying for the maintenance of internal systems."
The survey indicates that one of the most dramatic shifts in recent years has been the increased awareness and concern about the theft of customer data. In 2007, just 6% of merchants ranked it as a serious threat. Over the past two years this figure has jumped to over half of merchants. It now ranks second only to online fraud in importance.
The survey also found that merchants continue to rely on manual review. Over 70% of merchants surveyed manually check orders as part of their fraud management process and 5% manually review every order. Of manually checked orders 69% are ultimately accepted, with one-third of merchants accepting more than 91% of reviewed orders.
"These figures haven't changed significantly over the last year and it's a cause for concern that so many manually reviewed orders are actually accepted," Khan adds. "Manual review represents a critical area of profit leakage. If not managed effectively it can be expensive, limit scalability and impact customer satisfaction. Merchants should focus on improving the accuracy of their initial automated screening so that only truly suspicious orders are subject to this additional layer of authentication."
Readers can download a copy of the full report free of charge from CyberSource's website.