Online fraud – the dark side of the customer journey

online-fraud-672x372

Sadly, fraudsters blight the internet.

It’s one of the less appealing by-products of the digital era. Open your e-mail and the chances are that at least once or twice a month there will be a phishing e-mail attempting to persuade you to part with personal account details. Run a search and you may find yourself on a site that exists only to harvest credit card numbers or deposit malware on your PC. And of course, if you operate an e-commerce website, your business will probably experience actual or attempted fraud on a daily basis.

The scale of the problem is enormous. According to a report published last year by the Cabinet Office, fraudsters netted £670m from unsuspecting Britons in the twelve months to August 2014. Meanwhile a Get Safe poll found 51% of Britons had direct experience of online crime.

Perhaps we shouldn’t be surprised. When a fraudster walks into a physical store and buys goods with a stolen credit card, the risks are quite high. Even if the scam succeeds, the chances are that he or she will be caught on CCTV or identified by a witness. Internet fraud, in contrast, is distant and anonymous. The criminal who sends a phishing e-mail from a far-off country or who breaks into an online account is almost impossible to track.

Fraudulent activity on an e-commerce website can take many forms. It may be as simple as a fraudster using a single stolen credit card to buy goods or services. A more professional criminal armed with hundreds of stolen cards may run through them all on a single website to ascertain which have yet to be reported missing (and are therefore still working) and which are protected by password security systems put in place by banks. In other cases, a fraudster might use incomplete information – such as a user name but no password – as the basis for an attempted break into a customer account.

The signs of fraudulent activity include:

  • Unusual activity, such as multiple login attempts. Everyone forgets their password from time to time, so a repeated attempt at logging in isn’t a cast iron signifier of fraud, but is an indication that something may be amiss.
  • Unusual patterns of behaviour. Such as several cards being used.
  • Unusual addresses.

The challenge for the merchant is to spot the signs (to prevent a fraud taking place) or failing that provide the police with the documentation they need to pursue a prosecution. In other words, it’s important to act quickly (if you can) to stop the fraud or collect evidence if the crime takes place.

The Fraudster’s Journey

UserReplay provides an effective tool to combat fraudsters. Although primarily designed to record and replay the journeys of legitimate customers -and in doing so provide a means to identify and remedy obstacles to conversion – UserReplay can also be deployed to identify unusual behaviour that might indicate fraud.

Think of it this way. Fraudsters are also on a “customer journey” of sorts and their movements can be recorded page-by-page and click-by-click. Thus if a fraudster attempts multiple logins to break into an account, his or her efforts will be captured and can be played back. This record facility can be linked to analytics configured to identify certain types of behaviour. So when the multiple login attempt takes place, managers are alerted and action is taken. 

Equally important, every page of the fraudster’s journey can be replayed, printed out and sent to the police as evidence that a fraud has taken place. This can play an important role in building a prosecution case.

UserReplay is there to help create a better experience for your legitimate customers. It can also make life a lot more difficult for fraudsters.


Photo: Don Hankins/flickr cc