Treasury News Network

Learn & Share the latest News & Analysis in Corporate Treasury

  1. Home
  2. Fraud Prevention
  3. Minimizing Payment Fraud

Ecommerce merchants subjected to more payment fraud attacks than in previous years

Ecommerce merchants are “Facing more fraud attacks than they have in prior years. The number of different types of fraud experienced by the average merchant this year rose from three to four”, according to the 2024 Global eCommerce Payments & Fraud Survey Report, produced by the Merchant Risk Council (MRC) along with Visa Acceptance Solutions and Verifi.

The 25th edition of this study polled over 1,100 merchants, encompassing a diverse array of small businesses (US$50,000 to <$5million), mid-market ($5 million to <$50 million) and enterprise merchants ($50 million+). These organizations are based in more than 35 countries spanning North America, Europe, Asia Pacific (APAC) and Latin America (LATAM).

As in previous years, the primary objective of this report is to present transparent and impartial research on global merchants’ perspectives on current ecommerce payments and fraud trends and issues. Here are the key takeaways:

Merchants correlate highest fraud rates with the most widely accepted payment methods

A key finding from this year’s survey is that eCommerce merchants perceive a clear and strong connection “Between how widely accepted and used a certain payment method is and how high the risk or rate of fraud is for that method.” This suggests that merchants believe the most popular payment methods are considered to have the highest rates of fraud.

Put simply, when queried about which of their accepted payment methods had the highest rates of fraud, merchants ranked cards and digital wallets as the top two, followed by mobile payments, buy now pay later (BNPL), debit transfers, and real-time payments.

                              Payment Method Acceptance Versus Fraud Rates

Source: 2024 Global eCommerce Payments & Fraud Survey (MRC, Visa, and Verifi)

The strong link between payment method acceptance and fraud rates, as depicted in the figure above, underscores the need for treasury, payment and fraud control professionals in the ecommerce realm to be mindful of this correlation and factor it into their future plans and strategies for both payment acceptance and fraud prevention.

Fraud on the rise, with first-party fraud (misuse) emerging as a growing challenge

Ecommerce merchants are encountering a wider variety of fraud attacks. In fact, as per the survey, the average merchant has experienced a marked increase in the number of different attacks, and several types of fraud have also risen notably in incidence, compared to last year.

Merchants, in particular, cited increased occurrences of first-party misuse (or first-party fraud), account takeover, loyalty fraud, triangulation schemes, and affiliate fraud, than those reported in 2022 and 2023.

                              Types of Fraud Experienced By Merchants (2022-2024)

Source: 2024 Global eCommerce Payments & Fraud Survey (MRC, Visa, and Verifi)

Topping the list of most prevalent forms of fraud, refund/policy abuse and first-party misuse now impact almost half of merchants, globally.

“These fraud threats are especially difficult to counter because they are not related to attacks stopped in real time; rather, they generally occur post-purchase as customers and/or fraudsters attempt to obtain merchant goods or services for free. Thwarting these forms of fraud requires merchants to apply multiple tools and tactics pre- and post-purchase”, advises the survey report.

Other types of fraud that persist as significant threats include Phishing, card testing, and identity theft, all of which continue to pose serious risks.

Payment fraud erodes merchants’ revenue and weakens partner and customer relationships

The survey findings reveal that merchants experienced substantial direct losses from ecommerce fraud, resulting in both lost revenues and fraudulently acquired goods and services. For example, as shown in the figure below, “Merchants estimate the share of total eCommerce revenue lost to payment fraud to be 3% annually, skewing higher in Europe and APAC as well as for small businesses (SMBs) and midsize merchants.”

An equivalent share of total ecommerce orders is found to be fraudulent, with the rate being particularly higher for North American merchants and SMBs.

                              Fraud Impact KPIs – Overall And By Region, Size Segment

Source: 2024 Global eCommerce Payments & Fraud Survey (MRC, Visa, and Verifi)

Furthermore, ecommerce merchants state they declined around 6% of annual orders due to suspected fraud, with this rate skewing higher for North American merchants. They also indicate achieving low win rates—below 20%—on fraud-coded chargebacks and disputes, with European merchants noting a much lower win rate of about 10%.

The survey goes on to elaborate that the impact of fraud extends to merchant relationships, causing strain and conflicts with customers and commercial partners, such as card issuers and fulfillment vendors, as well as damaging brand reputation.

An indicator of this trend is the frequency of “customer insults”, or false positives that merchants face with ecommerce orders. The survey report shows that while most merchants report false positive rates ranging from 2% to 10% of total ecommerce orders, one in five encounter rates greater than 10%, with enterprise merchants (enterprises) seeing a significantly higher incidence.

In conclusion, as payment methods and types of payment fraud proliferate, merchants are also striving to refine their strategies and tactics for mitigating payment fraud.

According to the survey report, nearly half of ecommerce merchants intend to ramp up their spending on fraud management tools and technologies over the next two years in an effort to reduce fraud and chargebacks. Specifically, the majority of merchants plan to enhance their use of AI and ML-powered fraud management tools within the next 12 months to prevent, detect, and combat payment fraud.

Of particular importance for ecommerce merchants is the need to provide specific and consistent payment fraud training (securetreasury.com) for their employees—training that is distinct from general cybersecurity training. This targeted approach will be crucial in minimising the impact of payment fraud losses in a world of real-time payments, geopolitical tensions, and economic uncertainty.

Like this item? Get our Weekly Update newsletter. Subscribe today

About the author

Also see

Add a comment

New comment submissions are moderated.