Managing E-Commerce Risk
Steps to Managing E-Commerce Risk - The following steps have been identified as those that are most important to managing e-commerce risk. These steps ( E-Commerce Start-Up, Web Site Utility, Fraud Prevention, Credit Card Acceptance, Cardholder Information Security Program, and Charge-back and Loss Recovery ) serve as a general framework for the best practices presented:
1- Know the risks and train your troops
Your exposure to e-commerce risk depends on your business policies, operational practices, fraud prevention and detection tools, security controls, and the type of goods or services you provide. Your entire organization should have a thorough understanding of the risks associated with any Internet transaction and should be well-versed in your unique risk management approach.
2- Select the right Acquirer and service provider(s)
If you have not yet launched an electronic storefront, you need to partner with a Credit card Acquirer that can provide effective risk management support and demonstrate a thorough understanding of Internet fraud risk and liability.
You also want to take a good, hard look at any service provider before you sign a contract. The bottom line is does the service provider have what it takes to keep your cardholder data safe and minimize fraud losses?
Web Site Utility
3- Develop essential Web site content
When designing your Web site, you should always keep operational needs and risk factors foremost in mind. Key areas to consider are privacy, reliability, refund policies, and customer service access.
4- Focus on risk reduction
Your sales order function can help you efficiently and securely address a number of risk concerns. You can capture essential Credit card and cardholder details through such actions as highlighting required transaction data fields and verifying Credit card and customer data that you receive through the Internet.
5- Build internal fraud prevention
By understanding the purchasing habits of your Web site visitors, you can protect your business from high-risk transactions. The profitability of your virtual storefront depends on the internal strategies and controls you use to minimize fraud. To avoid losses, you need to build a risk management infrastructure, robust internal fraud avoidance files, and intelligent transaction controls.
6- Use Credit card tools
To reduce your exposure to e-commerce risk, you need to select and use the right combination of fraud prevention tools. Today, there are a number of options available to help you differentiate between a good customer and an online thief.
7- Apply fraud screening
Fraud-screening methods can help you minimize fraud for large-purchase amounts and for high-risk transactions. By screening online Credit card transactions carefully, you can avoid fraud activity before it results in a loss for your business.
8- Protect your merchant account from intrusion
Using sophisticated computers and high-tech smarts,criminals are gaining access to shopping cart and payment gateway processor systems, attacking vulnerable e-commerce merchant accounts, and committing merchant deposit fraud. By taking proactive measures, you can effectively minimize this kind of cyber-attack and the associated fraud risks.
Credit Card Acceptance
9- Create a sound process for routing authorizations
Before you accept Credit cards for online payment, you must ensure that you have a secure and efficient process in place to submit authorization requests through the Internet.
10- Be prepared to handle transactions post-authorization
There are a number of steps you can take to deal effectively with approved and declined authorizations before you fulfill an order. The idea here is to apply appropriate actions that best serve your business and the customer.
Cardholder Information Security Program
11- Safeguard cardholder data through CISP compliance
Credit Cardholder Information Security Program (CISP) provides e-commerce merchants with standards,procedures, and tools for data protection. For maximum security, you need reliable encryption capabilities for transaction data transmissions, effective internal controls to safeguard stored card and cardholder information, and a rigorous review of your security measures on a regular basis. The CISP digital dozen requirements can help you protect the integrity of your operations and earn the trust of your customers.
Charge-back and Loss Recovery
12- Avoid unnecessary chargebacks and processing costs
For your business, a chargeback translates into extra processing time and cost, a narrower profit margin for the sale, and possibly a loss of revenue. It is important to carefully track and manage the chargebacks that you receive, take steps to avoid future chargebacks, and know your representment rights.
13- Use collection efforts to recover losses
You can often recover unwarranted chargeback losses through a well-thought through collections system.
References: E-Commerce Merchants’ Guide to Risk Management