Review: Software to detect online fraud
By Ellen Messmer
(IDG) -- CyberSource has unveiled Java-based software that lets online retailers filter out fraudulent credit cards from Web-based orders and transfer alerts about those cards directly to customer service representatives using customer relationship management systems from PeopleSoft, Siebel Systems or SAP.
The CyberSource Enterprise Risk Management Solution expands the earlier CyberSource fraud-screening software that ran a 2-second risk analysis of credit cards directly on the Web or application server, but required customized programming to share the risk data with call center CRM systems. CyberSource works by making an "accept, reject or review" determination based on 150 factors, including shipping address, phone number, IP address and product amount.
"Some orders that fall into the gray area on our scale can now be fed to the customer service representative," says Jeff King, CyberSource's director of risk product management. "You don't want to blindly turn away orders." The call center representative can be prepared to interact by phone with people when they submit an order online with a credit card number flagged as risky by CyberSource.
Experience has shown that certain parts of the country -- New York and California in particular -- are high risk in terms of chargebacks (the cost that merchants have to swallow when they accept phony credit cards for goods). The two main card associations, Visa and MasterCard, hold the merchants liable for the costs and fine them, too.
It's hard for smaller retailers to get permission from banks to accept online credit cards because of the high risk. Often the banks print the merchant's toll-free number on credit card bills so that if a consumer opens his bill to discover his credit card was used fraudulently, he can take up the matter with the merchant rather than the credit card companies, King says.
The CyberSource software, which costs about $100,000, runs on the Web or application server.
The software pushes an online order's credit card number, product purchase and other information through the CyberSource rules-based analysis on the server.
Then it makes a final check with a remote database that CyberSource keeps on the Internet, which includes an updated "hot list" of "bad" credit cards, to deliver the final verdict on the card.
If an online merchant prefers to build his own rules-based engine to screen cards, CyberSource will make use of the hot-list information for 17 cents or less per transaction.
According to Visa, which helped develop the CyberSource fraud-prevention software, credit card fraud on the Web is three times as high as it is for all other card use. CyberSource claims some big-name retailers are using its software, such as Wal-Mart, Kmart, Nike.com, General Motors and The Home Depot. Nevertheless, most online retailers seem to use homegrown systems or none at all.
According to research firm Current Analysis, there are only a few fraud-detection software packages or services, with HNC, ClearCommerce and CreditView offering competition to CyberSource, which screens debit cards, corporate procurement cards and electronic checks in addition to credit cards.
None of the fraud-screening software packages and services are 100% accurate, maintains Joe Marino, principal analyst at Current Analysis.
"These are decision-support tools based on patterns and analysis, and every quarter you have to redefine the algorithms because patterns change," he says.
|Back to the top|