A DATA-CENTRIC APPROACH TO AUTHORISING CUSTOMERS’ ONLINE TRANSACTIONS

Shagun Varshney, Signifyd Senior Product Manager, Payment Solutions

 

As online shopping continues to grow, so too does the level of fraudulent orders. But often, the most costly and damaging part of fraud for merchants is not the fraud itself, but the valid customer orders that are mistaken for fraud and are rejected by the merchant or bank – research suggests around 30% of declined orders are false declines.

Merchants are constantly battling a double-edged sword between allowing orders to be processed that run the risk of being fraudulent, or declining orders that seem suspicious and end up damaging relationships with genuine customers. In the peak season, this becomes even more challenging as order volumes increase, along with fraudulent activity.

Against a backdrop of upcoming SCA regulation changes, supply chain issues and increasing customer demand in the lead up to Christmas, retailers can’t afford to lose transactions and damage relationships with customers.

This perfect storm calls for a new approach to risk management, where retail fraud teams focus on optimising business. For instance, bringing value by maximising the number of orders approved and facilitating the newer ecommerce channels, such as click-and-collect.

 

How the payment ecosystem works

Online payments have become so lightning-quick and seamless (for the most part) that it can be surprising to learn how many hoops a transaction has to jump through in order to be authorised and settled. As soon as a customer clicks “buy,”  a whole series of digital cogs begin to turn, each of which can put the brakes on a transaction. It begins with the payment gateway:

Payment gateway: Payment gateways are the card machines of the internet: when a customer clicks “buy” in your online store, they are taken to a payment gateway to enter their payment details. The payment gateway moves the cardholder and transaction information among the different players. And it lets the customer know whether the purchase has been authorised.

Acquirer: A bank that works for the merchant, processing credit card transactions by routing them through the networks run by card companies such as Mastercard or Visa to the cardholder’s bank, or issuer. Acquirers sometimes look to third parties to help with processing payments.

Credit card network: The acquiring bank and issuing bank communicate with one another via a credit card network. Visa and Mastercard are examples of credit card networks.

During a transaction, the credit card network will relay authorisation and settlement messages between the acquiring and issuing banks, charging a small fee to each. Some credit card networks are also issuing banks (e.g. American Express) but most are not.

Issuer: The issuing bank is the financial institution which provides the customer’s bank account or credit card. An issuing processor sits in front of the issuing bank and handles authorisation requests from the credit card network on its behalf. It then authorises and settles the transaction.

 

Why false declines occur

Banks and payment companies decline payments for a host of reasons, some of them quite reasonable. Most often a payment is turned down because a card’s credit limit isn’t sufficient to make the purchase. Transactions are also scotched if card information is entered incorrectly — say the CVV code offered is wrong — or if the card or information provided is outdated.

Payments are also declined to protect both the consumer and the merchant. If a bank believes a lost or stolen card is being used it will decline the transaction. Technical hiccups, such as an outage at the issuing banks can also cause a decline.

While protecting customers and merchants is all well and good, problems arise when banks mistake a good order for a fraudulent one. These payment rejections are referred to as false declines.

The good news is the majority of declines are not due to nefarious activity and are therefore recoverable. But maximising your authorisation rate – i.e. the percentage of customer payments you take which are approved and settled – can still be a real balancing act.

 

A data-centric approach to improving authorisation rates

  1. Provide more data. Large issuers such as Capital One and Amex have reported that submitting additional data from the merchant-side led to a 1% to 3% increase in authorisation rates and significantly reduced false declines. Providing more merchant-side data to issuer banks and payments companies gives them more evidence a transaction is legitimate.
  2. Use quality fraud tools. Effectively managing online fraud carries benefits beyond the obvious. Yes, merchants lose less revenue through bad orders and are able to confidently ship more good orders. And they also build a reputation with the financial institutions. Retailers that turn to highly effective machine learning and artificial intelligence driven solutions send cleaner traffic to the banks reinforcing the idea that their orders are highly likely to be legitimate. Conversely, retailers that send a relatively high percentage of fraudulent transactions to banks, will find those banks broadening the set of transactions they decline. It becomes something of a death spiral for revenue.
  3. Authenticate payments when required. Besides deploying innovative fraud solutions, European merchants need to be deliberate in the ways they authenticate customers in the era of PSD2 and strong customer authentication (SCA). The key to success rests in intelligently managing exemptions and exclusions when deciding the most efficient route meeting new payment regulations. Wisely relying on exemptions will allow a significant percentage of transactions to be exempted from SCA and will ensure that each individual customer is receiving the best customer experience available. Properly deploying exemptions and exclusion — which apply, for instance, based on the order value, the origin of the transaction, and a merchant’s fraud history — is a complicated prospect, but an ecosystem of providers has grown up to help with the challenge. Adding intelligent exemption tools goes hand-in-hand with relying on robust fraud protection solutions. Establishing a record of sending clean transactions to the banks will encourage them to become less conservative in authorising orders. High authorisation rates begetting high authorisation rates becomes a virtuous cycle.
  4. Accept digital wallets. Be discerning when selecting a payment service provider. For instance, be sure you’re able to accept Apple Pay, Google Pay and other digital wallets, as they require two-factor authentication and are more likely to pass fraud filters.
  5. Enable card account updater. Many payment processors can automatically update your customer’s card details if they expire or are renewed. Check with your processor to make sure they offer an account updater, and that it’s enabled.
  6. Payment Routing. Payment routing solutions analyse your particular payment ecosystem and use historical data to determine the transaction route which is most likely to result in a successful authorisation. This can be especially useful if your customers are from all over the world, and not based in just one country.

Being deliberate and thoughtful when it comes to building your authorisation optimisation strategy can make a real difference in the conversions you see every day. As importantly, taking the steps to increase authorisation provides your customers with a better shopping experience and a bigger incentive to visit your ecommerce store again and again.

 

spot_img

Explore more