How To Protect Your Business From Fraud With Megan Blissick of Signifyd

Google Podcast

Megan Blissick

Megan Blissick is the Head of Global Agency Partnerships at Signifyd, the leader in ecommerce protection. Megan’s background includes a widespread ecommerce experience, ranging from brand management to digital marketing and advertising, in addition to building partnerships throughout the SaaS ecosystem.

Signifyd provides an end-to-end commerce protection platform that leverages its commerce network to maximize conversion, automate customer experience, and eliminate fraud and customer abuse for retailers. Signifyd uses big data and machine learning to provide a 100% financial guarantee against fraud and chargebacks on approved orders. This effectively shifts the liability for fraud away from ecommerce merchants, allowing them to increase sales and open new markets while reducing risk.

Signifyd counts among its customers many companies on the Fortune 1000 and Internet Retailer Top 500 lists. Signifyd is headquartered in San Jose, CA, with locations in Denver, New York, Mexico City, Belfast, and London.

Here’s a glimpse of what you’ll learn:

  • The most common frauds in ecommerce
  • How return frauds can be circumvented
  • Creating a more sophisticated fraud prevention system
  • Why companies need more protection from fraud and losses
  • Navigating the difficult landscape of subscription fraud
  • Best practices for ecommerce businesses
  • Preventing bot-based attacks in larger companies
  • The difficulty of returns and how to handle them

Like what you see?

We'd love to hear from you! Contact us to get your Magento project started.

In this episode of the Ecommerce Wizards Podcast

Fraud is an unfortunate reality for ecommerce businesses, but what if it could be effectively and consistently prevented?

Both fraud and fraud protection are in a constant game of cat and mouse, with new issues and solutions being introduced every day. Most companies can’t afford to stay on top of these trends, so they only treat the symptoms rather than the underlying causes. The best solution is to have a dedicated service specializing in ecommerce fraud. A few of these exist, and Signifyd is leading the charge with its knowledgeable staff. So while fraud can never be fully prevented, now you can stay one step ahead.

Guillaume Le Tual joins Megan Blissick, the Head of Global Agency Partnerships at Signifyd, on the Ecommerce Wizards Podcast to discuss fraud in ecommerce and the best preventions. They start with the common issues in the current ecommerce landscape and what measures are being taken to deal with them. They also get into returns, subscriptions, and bot-based attacks and the unique challenges each one brings.

Resources Mentioned in this episode

Sponsor for this episode...

This episode is brought to you by MageMontreal.

MageMontreal is a Magento-certified ecommerce agency based in Montreal, Canada. MageMontreal specializes in and works exclusively with the Adobe Magento ecommerce platform, and is among only a handful of certified Adobe Magento companies in Canada.

Why Magento? Mage Montreal wholeheartedly believes that Magento is the best open source ecommerce platform on the market–whether you are looking to tweak your current website or build an entirely new website from scratch.

MageMontreal offers a wide range of services, including Magento website design and development, Magento maintenance and support, integration of Magento with third-party software, and so much more! They have been creating and maintaining top-notch ecommerce stores for over a decade — so you know you can trust their robust expertise, involved support, and efficient methodology.

So, if your business wants to create a powerful ecommerce store that will boost sales, move dormant inventory to free up cash reserves, or automate business processes to gain efficiency and reduce human processing errors, MageMontreal is here to help!

What are you waiting for? Contact MageMontreal today! Visit or call 450.628.0690 to chat with the MageMontreal team about creating your dream ecommerce store and transforming your business.

Interested in our content?

Subscribe to our newsletter to get notified when we release a new podcast episode or new blog post.

Episode Transcript

Guillaume: Hello everyone. Guillaume Le Tual here, host of the e-commerce Wizards Podcast where I feature leaders in e-commerce and business. Today’s guest is Megan Blissick. She’s the head of Global Agency Partnerships at Signifyd and today we’ll be talking about fraud, especially e-commerce frauds, shipping frauds and so on. It’s a very annoying topic for merchants, but it’s really worth the time to learn about.

Before we get started we have two things; firstly, a shout out to Robert Rand JetRails hosting. Thank you Robert, this episode would not exist today because Robert connected us like a knife. We also have a sponsorship message, this episode is brought to you by MageMontreal. If a business wants a powerful e-commerce online store to increase their sales, or to move piled up dormant inventory to free up cash reserves or to automate business processes to gain efficiency and reduce human processing errors, our company MajorMontreal can do that. We’ve been helping e-commerce stores for over a decade. Here’s the catch. We’re specialized in and only work on the Adobe Magento e-commerce platform. We do everything Magento-related. If you know someone who needs design, development, maintenance, training, debugging, we got their back. Email our team, [email protected].

So Megan, thank you for being here today.

Megan: Thanks for having me.

Guillaume: Can you tell us a little bit about yourself and your background in the e-commerce front?

Megan: Yeah, absolutely. As you mentioned, I’m currently the head of Global Agency Partnerships at Signifyd, so I oversee our relationships with all of our system integrators. Prior to this, I was head of client success at a digital marketing agency. Before that I was actually all the way on the brand side. So I’ve really seen my way around the e-commerce ecosystem.

Guillaume: Thank you Megan. So let’s dive right into the topic, fraud. I will let you lead. You’ve seen a lot of e-commerce fraud in your current company, you know a lot about this. So what are the frauds that are trending the most right now?

Megan: Yeah, absolutely. So before I joined Signifyd I really didn’t know much about fraud in e-commerce. Working in digital marketing my goal was to get people to hit the buy button. What you don’t realize is, for one, how many of those people that hit the buy button aren’t people, they’re bots, they’re fake, they’ve got a stolen identity or a stolen credit card. And how many of those are legitimate customers that are hitting the buy button and being told that they can’t transact because of fear of fraud. So we’ll definitely go into both of these topics.

Starting off on your question, there’s actually a lot of different types of fraud that can hit a website. If we look all the way back to I would say it’s kind of a fraud 1.0, a stolen credit card is probably the one that we’re most familiar with. You might have seen that transaction show up on your credit statement and you’re like, ‘Oh, that wasn’t me’. So this is the fraud that I think we’re all pretty familiar with, but fraud takes many different shapes and forms. One of the more recent trends that we saw in fraud especially when pandemic hit, was actually romance fraud. Romance fraud is when someone poses as a partner on online dating sites, something like that. They essentially build a relationship with another person and then utilize that relationship to defraud that person.

Guillaume: That is so horrible.

Megan: I know. It’s pretty tough. This is a long standing play, it has been around for a while. The proliferation of lockdown really accelerated romance fraud. A lot of people got stuck in different countries, a lot of people got stuck without everything that they needed when we first hit a lockdown. So it was pretty easy for someone to say, I’m stuck in X country. I need $1,000 to get a laptop and a plane ticket, will you send that to me? We saw this happening across the board. That really ends up showing someone that’s getting scammed out of 1000s and 1000s of dollars.

Guillaume: I guess through Signifyd you sort of saw that unfortunately happen. The victim or the merchant had some claim because it was a fraud scheme through romance where they had to ship merchandise to their supposedly loved one, then you guys had to investigate all that fraud stuff.

Megan: Exactly. We got a lot of these different fraudlence because the patterns are pretty similar when they start happening across the board. So that kind of gives you a little bit of how Signifyd works, is that we sit right at that payment gateway within 1000s of merchants around the world. So we’re able to see the transaction level data happening in real time with those merchants. When we see someone pinging at six different stores within 30-40 seconds that can be a pretty quick indicator that something’s amiss, a lot of people don’t usually shop that way. So we’re really able to capture things at the point of sale, identify that erroneous behavior and stop that across our entire network. So we’re able to protect merchants because they’re part of that Signifyd commerce protection platform.

Guillaume: It’s interesting because if you’re talking about e-commerce fraud I would not even have thought about romance fraud because to me it was a totally different category that they will fool people before it happens, but that’s not related to any commerce merchant. Actually it can be the merchant that’s shifting your merchandise to that kind of scheme, then you have a chargeback or some kind of system like that. That’s an interesting one. Which other ones do you have? We hear about shipping problems, I guess return problems.

Megan: Yeah, absolutely. Another type of fraud that we’ve seen, really, really strongly take off is of ‘item not received’. That’s when a customer will get their product delivered to them, they will claim that they did not receive the item. We actually ran a survey on this in the UK, and we found that 30% of our survey respondents said that at some point they claim that they’ve not received an item that they actually had gotten delivered to them. That’s the people that said that they did it, so we’ve got some very honest people on these surveys.

Guillaume: That is surprising. Anyway, what can a merchant do to protect himself or herself from that kind of fraud?

Megan: The tricky part of fraud is that every merchant has to balance fraud with what we call in the industry an insult rate. So we’ll take for example, have you had any packages that you’ve gotten stolen in the past?

Guillaume: Not me. I’m in a good neighborhood but have many employees who had stuff shipped to them and clearly it was getting stolen off the porch.

Megan: Exactly. So put yourself in those shoes. It’s happened to me before. You order something, you’re very excited about it but the supply chain is a mess. It takes four weeks to get there, you get home and the item is not there. FedEx says that they shipped it, they delivered it, it landed there. You check with your neighbors, you check everywhere and it’s not there. So you go to the website and say, hey, I didn’t get my product, I’d like you to ship me another one or refund my order. And they say, ‘We think you’re lying, we’re not giving you your money back and we don’t have your product’. That’s probably the worst thing you can do to a legitimate customer, and that’s a great way to guarantee they will never shop with you again.

So we have to balance that insult rate because you can really kill lifetime value. Also, you know, ratings and reviews exist for a reason that customers will go and make themselves heard, I can promise you that. So we have to balance that with actual fraudulent customers, people that are taking advantage of a store that they know they can order 1,2,3 times and say that they never got their product and just get another one back or get a refund. So when merchants work with Signifyd we have ‘items not received coverage’. We’ll actually have our team go in and investigate each and every one of those claims. They’ll go back and determine whether or not that was a legitimate customer or not, whether or not they actually received their product, and then work to have that chargeback claim reversed if it is fraudulent.

Guillaume: Yeah, because let’s be clear, the credit card company protects the consumer. So it’s not like it’s the merchant’s word versus the consumer’s, where the consumer is always right and the merchant is guilty until proven otherwise. So that’s how the credit card company works. For sure for a merchant, the first step is to ask for a photo of the delivery, whether that is technically possible with your shipping system. And that reminds me, I did have a package that they claimed was delivered to me and then I was happy they had a picture of it. So then I said, what’s the address written on your picture? I was like, but that’s not my home. So that was sort of funny as a music consumer. Every merchant, when possible, should have pictures of the delivery when it is doable. So that’s the ideal part of it, sure protection, especially if it’s a more expensive package.

Megan: Yeah. That was hard as well because you know a signature upon delivery used to be something for high value products, for age restricted products. But of course, when we have to enforce social distancing rules a lot of those signature requirements get removed. So when you ask your customer to show that they didn’t get their order, all they’re sending you is an empty hand. So you have this very challenging paper trail that you have to find and a lot of merchants just don’t have the time or resources to do that. So they have to balance whether they should insult this customer or should they eat this cost so that they are not going to lose this customer in the future, without really understanding if that is a customer that they want to keep. That’s a really interesting challenge a lot of merchants have had to face. And that’s another example of the many different faces of fraud that exist.

Guillaume: There’s also a lot of orders from before where merchants were more restrictive. If the shipping address and the billing address were not the same then there’s more risk and they will check. So if that shipping is close, maybe in the same city or the next city, then they might allow it. But if this shipping is much further away they would decline or do calls and try to really investigate if it’s worthwhile to ship this order. Or if it’s likely, they’ll just get a chargeback because it’s a fraud case. But now with COVID, a lot and a lot of billing and shipping address mismatches aren’t shipping now because people don’t go to the office. If I’m not going to the office on that day and I need to ship something, guess what? It’s going to get shipped to my home, but it’s the business address that’s on the credit card, so there’s going to be a mismatch there. So there’s a lot of that going on right now. That’s one of the big shifts with COVID, and a lot of those orders are legitimate.

Megan: And that’s a challenge that existed before COVID in terms of fraud prevention. As e-commerce has become more sophisticated so has fraud prevention, because what you’re describing is what we would call kind of a fraud 1.0. There’s manual rules that are in place, the if then equation, if the billing and shipping address mismatch, reject the order, if the CVV code is incorrect, reject the order. This catches some bad orders, of course, but how many of us have wanted to buy something on our personal card and then ship it to our office? How many times have you bought a gift online? The average consumer sends 14 gifts a year, so that’s 14 billing shipping mismatches. And they can be across the country especially when people are restricted on travel. Those can be two different countries, those can be cross border.

The rate of cross border shipments that are denied due to fear of fraud is three times that of domestic shipments. So a lot of merchants for a long time have been leaving money on the table out of fear of fraud. We find that 3% of transactions are declined due to fear of fraud, not fraud itself. And that goes back to that insult rate, you’re not going to keep a customer that you can tell is fraudulent. And even with some of the stopgaps that we put in place, you know, calling that customer and verifying their identity, that’s something that we would call manual review, it takes working hours on your merchants. It also takes a customer service team to make those phone calls and do those investigations on their own, when they could be helping good customers rather than asking their customers if they’re trying to steal from that company or not. These are all really challenging things that merchants face. Again, after the buy button, these are your highest intent customers, these are people that are saying I want to buy this product and they’re the ones that were given the most scrutiny along the way. So you’re just looking at fraud in the overall landscape. Those manual rules like they did, they did part of their job but very, very heavy handed, and of course, fraudsters can find their way around a manual rule. Those rules are static and fraud is dynamic.

We had a merchant a while ago that found that a lot of fraud was happening with red couches that were being shipped to Florida. So their solution was that if someone ordered a red couch and was shipping to Florida then they would deny the order. Yeah, it’s laughable at this point. But that was their solution and what happened is that the fraudster started ordering blue couches.

Guillaume: The value of a blue and the red couch doesn’t change much.

Megan: It really doesn’t. But these are the types of things that when we looked at we were like, oh, this is way too heavy handed and it’s not doing what we need. Then the next iteration of fraud protection for e-commerce came out in the form of scoring. That was when we started using, oh, we have this same customer shopping across different e-commerce sites. So let’s pull that data together to have a better idea of how that customer shops, do they spend five minutes on the website? Do they go directly to the PDP or do they browse around a lot? What billing and shipping addresses have they used before? What email addresses have been used before? So gathering more information about that customer themselves, looking at that in a little bit wider scope and using a bigger network to identify that consumer behavior.

But the limitation with the score is that it still leaves a lot of room for questions and that still leaves, the buck ends with that merchant. So like we said, the credit cards are out there to protect the customers but no one’s really looking out for the actual merchant. So at the end of the day, you can give them a score and you can say this is how good we think this customer is, but if we’re wrong it’s still your fault. If it is fraud that’s still on you, but we’re just giving you more data to make that decision. So that has still left that manual review in place, has still left a lot of questions, and has still left this big gap for that fear of fraud where someone could look on the line, on the fringe. You don’t have enough resources to review those orders on your own, you don’t want to take that loss, so you reject that customer. So you get that, ‘Sorry, your order couldn’t go through’. And then that customer is not going to just not buy that product they’ll just buy it somewhere else, or they’ll buy it from Amazon and you’ll take the margin hit there.

So that’s where Signifyd realized at one point, because we used to do scoring and we used to help our customers to that degree. They started asking us, can you guarantee this? Can you put your money where your mouth is? And we said, ‘Yeah, we believe in our product enough to say that if we’re wrong, and if it is fraud that we’re letting through we’ll pay you back’. So the full costs of the product shipping, taxes, fees, and everything associated with that. And we’d buy that data and feed that into our system, make better decisions in the future, and help protect our customers better.

Guillaume: So on top of the scoring system, you added the insurance system, basically on it. For companies like Signifyd and a few others, it’s a very smart product. There was a clear need in the world for this product and your company and a few others created this. It’s very smart to have a network like this, that these users sort of identified. Say, this is a valid shipping address, that customer has already shipped to that address before and was buying from Walmart, because you guys are on Walmart and as well as on their anti-fraud system. So you’ll say, we know this user from Walmart orders and it was not contested as fraud because they did ship to that address before, so it’s a safe address to ship to. So some kind of authentification system. You’ll still have the issue of, is it a new address that this customer is trying to ship to? Did he get his credit card stolen in the last 24 hours? Who knows? There’s always a risk factor, but it adds a lot of certainty and safety to know better who’s a customer because that customer is across a network of sites and it’s a known customer.

Megan: Yeah, it also lets us identify a good customer, and in case they make a mistake. I don’t know about you, but I fast finger my CVV code all the time, I type way too fast and I mess things up. The autocorrect hits a lot of words but doesn’t really get the numbers. I’ll put in the wrong CVV code and I’m too lazy to walk across the room and go read my credit card and make sure that it’s right. So I try to check out and if Signifyd has enough information to say, Megan is calling from her IP address using an email she’s had for 20 years, shipping to an address that you just shipped something to three days ago with the same billing address, but that CVV code is wrong. We’re still confident enough that it’s her and we’ll ship that order. We do think it’s Meghan even if there is this one mistake or these two mistakes here.

I moved recently, that’s another great one. You are at your new address but they’re still able to say everything else looks right, but now we have this new address on file, we’ll let it through. So that’s also where that revenue optimization started coming into play, when we realized that that fear of fraud was still what was holding our customers back, taking that liability on for them, and you shouldering that decision. The outcome of that decision allowed a lot of our merchants to start really seeing a huge revenue lift, there were a lot of good customers that were being kicked out because of the fear of fraud itself. So by changing and doing that liability shift, we’re actually able to increase our customers’ conversion rates by four to 6% on the back end.

Guillaume: Interesting average. So basically, for most of those merchants they could expect, especially if they have enough volume for it like if they already had a few million dollars of new volume, say 5 million and up, they could look at all the orders that they’ve declined in the past as potential fraud. A percentage of this we’re sure is real fraud, but there is also some lost revenue there, you say on average is like one third of those, are just like we’re not fraud, but we’re at risk of fraud. So they will be inclined to be safe and not to lose. Let’s say shipping a TV for $1,000 and the merchant losing that $1,000. There’s a potential of increasing your revenue by having a better fraud detection system that allows you to ship a few extra orders that normally you would have declined. Because anyway, if it’s wrong when the system tells you that it is safe to ship, you’re fully insured, because it’s the insurance system that says it’s safe enough to ship. But if we’re wrong we’re just going to pay you back your TV.

Megan: Exactly. Once we started offering that we started seeing a lot of growth, we started seeing a lot of our customers declining much more than they needed to. But then that’s when those other types of fraud came up. So after a few years, we started offering items not received coverage. We would actually take those cases and investigate them on our own but pay our merchants back first. First and foremost, we make sure that they’re taken care of, and then we go and try and figure out if that was a good or bad customer. This is for two reasons; one, we can recover that revenue, and second, we can better feed our systems to decide on that person in the future, and decide on those behavior patterns.

So we’ve talked about a couple of the different ways that this happens, but the ways that it’s caught can actually get pretty entertaining. We have a chargeback recovery team that goes in and investigates these claims. So going back to the shippers and saying, did someone sign for this? Did you get that photo? Did you get that address? But then we’ll also look at the full scope of a customer purchase. I think one of my favorite ones was someone that purchased a Rolex for $5,000 from one of our brands and said that they never got it. The shipping company actually got a signature on file. They also got the time and date of delivery, the signature matched the buyer. We did some of our homework on that front, but then we also did a social media profile check. And sure enough, he had taken a mirror selfie with the said watch on. So we printed that photo out and sent that to the credit card company, and they reversed the charge back.

Guillaume: Did he actually have a fine for doing that? That’s my own view on it.

Megan: I think the fine was that they had to pay up.

Guillaume: But no, because they purchased, so they had to pay up. But they tried to get away with it and it created a lot of work for other businesses. It’s actually an attempt at fraud. An attempt to steal from another company to get a Rolex because they’re big, they’re rich. But still, it’s attempting to defraud another company and to steal from them, which is just morally wrong. It makes no sense here in this society. It’s not a survival thing. It’s an attempt to steal just like stealing other kinds of jewelry or gold or whatever. There should be something like that, it should not be without consequences. Not just because you paid your credit card bill, it’s good. There should be something more.

Megan: Yeah. Absolutely.

Guillaume: Not a criminal case because that would be going too far. It could be an honest mistake somewhere to some degree, and you know, you don’t want to punish someone who’s some once in a while. It’s better to let go of one guy who’s guilty than punish the innocent. But there should be some kind of fine because you involve so many people who need to work and prove that you actually did receive it, and you’re wearing your Rolex in your social media.

Megan: Yeah, absolutely. There are cases that can be mistaken. One of the challenging ones that we found for a lot of merchants is subscriptions. So have you ever gotten an online e-commerce subscription?

Guillaume: Yeah, some are hard to unsubscribe to. I was like, oh, yeah.

Megan: Some of them you miss that renewal email, and then you check on your card and you say, Oh, what is this charge? That certainly happened to me before. So, I went and contacted them to say I didn’t want this renewed shipment. Please cancel this order, please remove this charge. But what happens with some e-commerce sites, unfortunately, is that one arm doesn’t speak to the other. For example, you can have that charge canceled but then still receive that product because shipping and fulfillment is not attached to payment. So merchants can actually lose out on the product and the money because of an accident, because of someone that didn’t mean to renew their subscription, they contacted it, they asked not to. But that can be a challenge for merchants as well as losing money in their subscription pieces, losing money on that item not received and then also significantly not as described as something we started finding with our marketplace merchants.

Think of eBay, Wish, Etsy, they can’t really control everything sold on their site. There are thousands and thousands of sellers but when a chargeback comes back, it goes back to the company. So really looking at a product and saying I ordered a red couch and it’s a blue couch or something a lot simpler. I ordered something that you promised to be this high-quality product and it wasn’t, it’s falling apart. It’s ripping at the seams. The customer is not wrong there but the merchant is also not wrong. They’re not the ones actually selling that product itself. So going in and covering those significantly not subscribed claims really helped a lot of our marketplace merchants really take off and grow their business.

Guillaume: So, in addition to implementing some kind of anti-fraud system there, are there other best practices that people should implement in terms of reducing fraud? For example, we said, if it’s possible with your fulfillment and shipping carriers to have a picture of the delivery on the porch. So then you say, maybe there was a test case on the porch, but at least you have the proof of delivery on the porch. It’s a good start that will protect you as a merchant, in many cases. Are there other good practices that they should try to implement when possible?

Megan: Yeah, I think just looking at good e-commerce practices. Post-purchase account creation is one that I think is a great way because pre-purchase account creation can cause too much friction. But having an account allows your customers to track their orders, and it allows them to access their previous orders, which can also increase the chance that they’ll order something again, or they’ll renew. It’s frictionless, and it can offer a lot of benefits at the end of that funnel, where you say, create an order to track your product or to gain points from this purchase that you already made, a lot of those things. And then you also can collect that customer’s information in that first party manner, third party cookies are out. So having your customers volunteer that information directly to you, and then keeping them within your own space, that’s something that’s really valuable. They can also update their billing or shipping addresses there, they can update their forms of payments, and you can have autofill, which makes it a lot easier for them to check out on your site. Creating that ecosystem that really cares about your customer, while also getting the information necessary to identify and validate their behavior, and see any patterns within that specifically, I think that’s a really important thing that going into this era of e-commerce that we should all be paying attention to.

Guillaume: Pretty good. And are there any kinds of different industries that are more at risk? Or that you had more increases of fraud, especially recently with COVID?

Megan: Yeah, absolutely. So when we evaluate a merchant, we look at a couple of different items. Number one, I think is actually a pretty funny one, but brand recognition, you can’t steal from someone you don’t know. So if that brand is not well known, it can experience less fraud in that exact point. Of course, there are certain niches that can really get hit, but our Walmarts and Targets of the world are going to see a lot more. And there’s also this interesting social pressure of it. Stealing $2,000 from Walmart does not feel the same as stealing $2,000 from the mom and pop shop down the street. So really looking at how much name recognition goes into a product or into a brand, can be a huge indicator of the potential fraud that they’ll experience.

Guillaume: So the more famous the brand, the more fraud it typically has. And it’s not just about the business volume, it actually grows in person.

Megan: Exactly and then the other one would be the second-hand value. I live right across the street from an Apple Store. If I grabbed a credit card that I found on the street, walked into that Apple Store, and bought myself 10 iPads, I could probably go right outside that store and flip those within 10 minutes, make myself look cool for $5,000 and be done with my day and then I wouldn’t have to work anymore.

Guillaume: Yeah, for a certain amount of time, you’ll be rich, you’ll need to repeat that scheme and not get caught.

Megan: I certainly would and I’m much happier on the anti-fraud side of the coastline, but you can’t really go to the grocery store, buy $5,000 worth of bananas and make your profit back that quickly. So you’re really looking at the second-hand market, which is going to be a huge indicator, luxury products, electronics, jewelry, those are the types of things that have a huge second-hand market. So there’s going to be a lot more attacks because that merchandise can be resold at a very similar value. And then the order value itself again, if $10,000 exists in this little space, and it’s a new computer or an electronic or a diamond ring or a tennis bracelet. That’s just quite frankly, simpler to ship, to resell, to send somewhere else. It’s definitely a lot harder to do that with large merchandise. Not to say that our large merchants don’t experience that. We’ve worked with a lot of home goods companies, couches, chairs, swimming pools even. That was actually a very funny item that received a story that ended in a Google Maps image of the pool in the backyard.

Guillaume: Really?

Megan: Really. I will say it’s quite hard to steal a swimming pool.

Guillaume: That’s funny.

Megan: People will still try, they certainly will. The high order value is a huge indicator.

Guillaume: A swimming pool?

Megan: I know, someone stole a swimming pool, I was honestly quite impressed. Our team did catch it, find it, reversed that chargeback. But someone really did try to steal a swimming pool.

Guillaume: Did they put it in their own backyard?

Megan: It was in the backyard.

Guillaume: That’s not smart. That’s just like taking people for dummies. There will be no process in place to verify. Maybe they would have at least put it at some other address or something. A two person fraud at least, it’s fun when they are not too sophisticated. We don’t want them to get any better.

Megan: So yeah, high order value, high secondary market value, and brand recognition. Those are the three things that get the most, like, if you hit that kind of pinnacle of that, that’s where you’re going to have the most fraud attempts. So that’s what we have to look out for some of those merchants, and that can span across a lot of different categories. Fashion can always get huge hits because there is a certain brand name or recognition or there’s seasonal value. One of the things we tend to see is bot attacks on any seasonal drops, think of Supreme, Yeezy, things like that, that have like a limited edition drop, get scooped up by bots, and in a few minutes, they all show up on eBay for three times as much the price. So we really look across the board because those three items do span many different categories. We work with merchants in I would say 20, 30 different e-commerce categories. And we make sure that we’re providing good protection for all.

Guillaume: But then the question was the bot attack, is it pure fraud? Or is that actually just a bot attack that they actually pay and will honor that payment, and then they just resell it at three times the price? There’s that question too. But of course, if somebody’s using bots to buy, they’re already admitted into the shady market, for sure.

Megan: Yeah. So that I think would fall into, as we’ve talked about item not received abuse, significantly, not subscribed abuse, I would say policy abuse is where you can say a bot attack is. So if the policy is to per customer, and someone’s using a bot and different fake identities to scoop up more of those products, then that’s abusing the policy of a merchant. So we’ll work with merchants on determining what their policies are, and how we can identify those customers. So even if they’re using a different email address, or a different IP address, we can identify that same consumer, based on the over 80 different data points that we use when we’re looking at consumer behavior. So being able to identify and stop velocity attacks, bot attacks, pre-off the tax as well. We start setting pre-off with a lot of our merchants, so that if someone’s doing a carding attack, they’re running 10,000 different cards through a website to see which ones work because they can buy a list of compromised credit cards from the dark web. Every single one of those even if we’re able to stop the fraud attempt, that transaction fee can end up racking up.

Guillaume: On a 10,000 list there could be maybe like two or three that will work or something like that.

Megan: Absolutely. But you’re paying that credit card processing fee for all of this, even if they’re not working or going through. So that’s another thing to look at.

Guillaume: If you have protection against that kind of flooding attack, then that would be great. It can be put in place. Unless they are a large brand, it’s rare that it’s put in place in a proactive way, it’s pretty much always, oh, we got hit by this, then it’s a reaction. And then Okay, now let’s protect ourselves against that kind of flood attack of 10,000 carding attacks.

Megan: So it can be really challenging for a merchant to prepare themselves for all of these different things. Because at the end of the day, they’re trying to stop these bad actors from getting onto their site. While at the same time, they’re trying to let all those good buyers and good repeat customers through. And those good first-time customers, they want to make sure those people are having a great experience. So it can be really hard for a merchant to handle all this on their own. And that’s why we really look at that network-based approach saying, hey, let’s look at where else this person is. Because no one exists in a space, none of us shop on just one website. So let’s utilize the information we have as a commerce network, and really approach this from a broader view.

Guillaume: Also some technical solutions like content delivery networks and various other scripts you can put in place to defend your e-commerce store against carding attacks or a massive attack like this, which you can talk to your web agency to put in place if they have the expertise or some specific security firm. And you talking about bot attacks reminds me of eBay, haven’t been there for a really long time. But you used to see auctions taking off like nuts in the last five seconds. It was just like bots fighting against bots.

Megan: And it was driving that price straight up.

Guillaume: Exactly. Because how those software used to work is they would wait let’s say 10 seconds, 5 seconds before the end of the auction. And then you would write what is your real final prize if you’re willing to bet, but you don’t want to lose money. You want to win it for as low as you can. So the bot would just like spam bids for the last 10 seconds to try to increase, increase, increase to your max that you’re willing to pay to buy it. So you can get it for as low as possible and sort of like steal the bid at the last second against other users.

Megan: Yeah, it can be really hard for merchants out there, and that’s why we’ve really looked at the entire funnel, trying to make sure that our customers can get through and that our merchants are protected. And I think since we have a few more minutes, we can go into that final step that I think everyone has been looking at. The big scary monster that is, returns.

Guillaume: Yeah. Okay, let’s go with returns.

Megan: So you’ve done all this work, you’ve stopped all the bots. So you’ve let through all the good customers, but returns happen. And returns happen a lot more on e-commerce than they do in person. So as e-commerce has grown, you still have returns.

Guillaume: You don’t see the product, you have a photo, maybe a video, but you still haven’t touched it. It’s not the same as a shoe, you haven’t tried it on. So for sure, there’s more return.

Megan: Yeah, returns are a $40 billion issue. And there’s 30% of purchases made online. So I’m sure these stories have made their way to you of people trying to return things after the holiday season and being told, keep the product and your money. Because the reverse logistics can be up to 25%, or not more of the actual retail value of a product. So looking at margins, it can be too expensive, like too cost prohibitive for merchants to accept returns. So they just leave the product with the customer and give them their money back. So a couple of people caught on to this. And then there are other things that happen too. When you’re processing this huge value of returns, there’s different ways that returns get processed and fraudsters caught on to these, it can be weighing the shipment. Taking it back to FedEx to weigh the shipment, if the weight matches, then the return is issued immediately.

So that means that so long as it’s the same weight, that return will get issued. And by the time it actually gets back to the merchant who’s maybe inspecting the product, then that’s when they’ll find that the product is illegitimate, that it was just the same weight of return, not the actual product. And unfortunately, the fraudsters made off with the product and the money at that point. The one that we always bring up is someone put a potato in an iPhone box and shipped that back, they sealed it back up and it wasn’t down for months until it started sprouting. Which is crazy but that’s $1,000 right there and a brand new iPhone that that person was able to get. So, this is the challenge that merchants face. And of course, we’ve had this one size fits all policy.

Guillaume: It’s sort of sad to see that intelligence put to use in such a petty way, like, Okay, you got $1000 and then what?

Megan: It’s become full businesses. There are people that are resealing TV boxes with rocks and they’re really figuring out how to steal these items. I hope I’m not inspiring anyone in this segment, but it’s a lot of work that’s put into this and merchants are catching on. And they’re kind of making it worse for everyone because we all have expectations of free returns now. Some merchants are saying that now we’re only doing free in-store returns so that they can inspect the goods in person. And that they’re also not paying for those reverse logistics. There are companies popping up that do returns in different ways, that are trying to make the returns process easier and smoother, as well as more protected for merchants.

Guillaume: The RMA, Return Merchandise Authorization code and all that, but it’s a whole industry. As I said, it’s a big problem, too. And you can also see that Amazon is trying to be super competitive on this sub-perfect experience. But when you try to return on Amazon here in Canada, they offer to pick it up for free at your door and that’s convenient.

Megan: Yeah, that’s convenient, but how do you compete with that without the p&l of something that can quite frankly, lose money every year?

Guillaume: Yeah, exactly. Because they think that’s just a big scale as long as the whole equation bounces at the end, they’re okay with it. So for small merchants, it’s near impossible unless you have unbelievable margins like designated beauty products or high-end products, fashion products, they don’t have the normal margins and have like above 50% margins and stuff like that, then they could afford that stuff. Or a super crazy loyal fan base of maybe like the Patagonias of this world, but it’s hard to pull off.

Megan: Yeah, it can be really challenging. So the way that we’ve approached it is, rather than trying to make the returns process easier, let’s try and figure out returns before they happen. So we’ve rolled out a return of use API product so we can really segment those customers based on their behaviors. Has this person returned in the past few months? How many orders have they returned throughout the signified network in the past six months? So really using that information across the board to better determine, did this product just not fit or is this a serial pattern with this person? And policies are different. As we said, some people are okay with bots buying their products and reselling them but some people don’t want that to happen. Wardrobing is something that happens in fashion a lot where people buy a product, tuck in the tags, wear it once, ship it back. Maybe a brand wants to see their name out there a lot and they’re okay with that because they don’t have seasonal products, but then you have someone else that’s got a six-week turnaround on their season. So by the time that product gets back, it’s deeply discounted, potentially damaged.

Guillaume: That was the Microsoft Windows and the Photoshop approach back in the day a long time ago. It’s like, it’s easy to crack on purpose, we just want to flood the market.

Megan: Exactly. So we’ve created a product that every merchant can tailor to what their customers are, and what their tolerance is. So they can say if someone has returned more than half their products in the past six months, then only issue them a store credit, instead of a full cash refund.

Guillaume: Which is always better from a business point of view, a store credit, than cash.

Megan: If you’ve got your really preferred customer, like someone that constantly buys from you all the time, then the moment that they request a refund, or they request to return an item, send their refund immediately, and then send the packaging and the label because you know that if they have a great experience, they’re already a loyal customer. And they’re going to come back and shop threefold. So really treating our customers as individuals has become a huge piece of e-commerce, personalization is very important. So why not personalize that returns process because it’s inevitable rather than trying to prevent it from happening, let’s handle it in the best way.

So those worst customers, those ones that you see on there that have returned 90% of the things in the past, or they file chargebacks, everything’s final sale for them. Of course, you can purchase, checkout all you want, but you’re keeping this product, we’re not going to take it back. So we’ve created this product to really approach returns in a different manner and stop going with a one size fits all for different customers, because customers aren’t the same. And they’re not the same on different websites, they’re not the same in different spaces. So we’re really excited to have this, we unrolled it last year. And it’s a really interesting way to look at returns fraud before it happens, rather than try and find more ways to return different products.

Guillaume: Putting in place that kind of insurance fraud and all those detection tools, what kind of cost could the merchant look at?

Megan: In terms of?

Guillaume: I guess it’s some kind of percentage of the top line that is getting charged or something like that. Or is there any guideline as to when they should go into calling companies such as yours or others that I have a fraud problem. But how much of fraud do I need to have for it to be worth putting in place all that stuff?

Megan: That’s a great question. Everyone has different tolerance and everyone’s going to have different fraud pressure, because of those categories that we covered because of the brand recognition, the secondary market for their products, as well as the average order value. So when a merchant starts seeing disproportionate time going towards manual review, when they’re starting to see a lot of chargebacks. But also, what happens quite often is when they’re not seeing many chargebacks at all, there tends to be a problem with how many orders they’re actually approving. So one of the things that we tend to look at is that order approval rate. Are 80% of people checking out? Are 90% of people checking out? How many people are hitting the buy button to actually get their product along the way? And that can be a huge, scary factor for merchants.

With Signifyd, we see 98%, 99% order approval rates. So I would say if your order approval is below that, then there’s probably space for a conversation. If it’s above that, that’s incredible and we love to see that. But then on the other side, if you’re chargeback rates are above half of a percent, above 0.5%, then there’s definitely some space to fix that as well. So those are the two things that we tend to look at. And sometimes it’s hard to find those exact numbers. So anytime that we talk to a customer, we’ll look at that, we’ll share that information with them, we’ll showcase what their system looks like, what we think we can make happen, and then the difference that that would cause for their business.

Guillaume: So basically, if your fraud or chargeback is more than 0.5% of your top line. And/or if your order approval rate, if you decline more than 2% of orders by risk and fear of fraud, there’s probably an opening that the product would sort of pay for itself.

Megan: Yeah, absolutely.

Guillaume: Pretty good. Megan, we’re coming to the top of the hour here. So thank you for being here today. If people want to get in touch with you, what’s the best way to contact you?

Megan: Yeah, you can find me at [email protected] You can also find me on LinkedIn, always around to chat, always around to help our customers and the rest of the partner ecosystem.

Guillaume: All right. Thank you, Megan.

Megan: Thank you.

Related Posts

Interested in our content?

Subscribe to our newsletter to get notified when we release a new podcast episode or new blog post.