Blog / fraud analytics
How does online payment fraud affect the UK's economy?
Our first deep-dive on how fraud affects regions around the world. The UK is the world's second largest ecommerce market and will be worth $314 billion by 2021. We took a closer look at the size of the market, how much fraud is growing and how UK sellers can stop it.
In the UK, online businesses is booming
Right now, UK shoppers spend more money in physical stores than online, but this is changing fast. In 2017, online-only sales increased by 16%, in comparison to just 2% growth of store sales. A massive 86% of Brits are Amazon shoppers and one in every five pounds spent in the UK is spent online.
The UK is already the third largest ecommerce market in the world and will grow to $314 billion by 2021. Over half of UK businesses sell online through company websites, and this is predicted to rise in the next year.
Selling online opens doors to new markets
UK online sellers expect triple the revenue growth and double the jobs growth compared to those that don’t. This may be because selling online allows businesses to reach new markets. Almost 70% of UK online retailers sell overseas, most commonly to Europe (80%) and the USA (35%).
Online merchants make room for new players in payments
The UK fintech sector is also growing quickly. Ecommerce growth and policy change has made room for new entrants to the market to improve services for merchants and customers. Most new fintech businesses focus on payments. The Second Payment Services Directive (PSD2) introduces new models of third-party providers, so it’s likely this will increase further.
Most online purchases use cards
Although a growing proportion of payments use alternative methods, most UK online purchases use cards:
- 32% debit card
- 18% by credit card
- 6% by deferred debit/charge card.
Online payments attract fraudsters
With so many customers storing card details and making payments online, fraudsters can’t resist taking advantage. A string of customer data breaches against large corporations hit the headlines in 2018, with British Airways, Marriott Hotels, TicketMaster, Facebook, Google and many more companies falling victim. Billions of customer credentials have been stolen and leaked online since 2013, including details like names, addresses, credit cards, account logins and passwords.
Hackers sell the stolen details and compromised cards on the dark web, and are very likely to sell these details to more than one buyer. Because the cards could be fake or blocked, individual fraudsters tend to buy payment details in bulk. Fraudsters use the compromised details to make fraudulent purchases online. This is known as online card not present (CNP) fraud, which made up 59% of all card fraud in the UK in 2018.
Fraud’s impact on the UK economy
The true cost of online fraud is hard to pinpoint, as it often goes unreported. Trade body UK Finance reported that in 2018 online payment fraud for UK-issued cards increased by 27% from 2017. The fraud on UK retailer websites cost over $400 million (£251 million).
Brits represent a disproportionate amount of cybercrime victims - despite making up just 1% of the global population, the UK accounts for 2% of the 978 million global victims of cybercrime and almost 4% of the global losses.
The individual cost of online payment fraud varies, with the average amount estimated at around $215 (£166) per person. However, victims also report losing an average of two working days’ productivity when dealing with the aftermath of fraud - read more about this here.
Fraud's impact on UK businesses
Barclays research reveals that fraud costs UK businesses up to $56,000 (£35,000) per incident. Fraud has resulted in the loss of 50,000 UK jobs because companies were forced to make redundancies to recover costs.
Online payment fraud cost mainly takes the form of chargebacks. When a customer sees a purchase on their bank statement which they don't recognise, they call their bank and get the charge reversed. Usually, the bank will immediately refund the customer and collect the money from the business’ bank account.
As well as losing the payment, businesses have to pay a fee for incurring a chargeback. Fees can be as high as $150+ depending on the chosen acquirer or payment provider. On top of this, the business also has to cover the loss of stock. Chargebacks and chargeback management is costing merchants an average of 8% of revenue. For businesses operating on tight margins these costs can be the difference between survival and failure.
New regulation aims to curb online fraud
PSD2 aims to reduce online fraud through Strong Customer Authentication, this is two-factor authentication for payee-initiated purchases. This is at odds with sellers' need to make it easy for their customers to buy from them. 75% of businesses want advanced authentication and security measures that have little or no impact on the digital customer experience. Many online sellers choose not to use 3D Secure to avoid adding friction to the buyer journey.
Under, PDS2, payment providers will be more responsible for fraud management. The law sets maximum fraud levels for payment providers entire portfolio of merchants.
Risk-based authentication is a top priority for online sellers
Online businesses rank 3D Secure (3DS) as one of the top five most effective tools for fraud management. Authenticating a payment using 3DS shifts liability for fraud from the retailer to the cardholder’s bank.
However, there is a trade-off. Any extra steps in the checkout flow, even necessary ones, carry the risk of higher rates of declined payments and shoppers abandoning the trolley. Business Insider looked at the stages when shoppers drop off from checkout:
- 46% drop out at the payment stage
- 37% drop out at checkout login
- 36% drop out once the shoppers sees shipping costs
- 21% occur when the user needs to enter their billing address
- 20% occur when the user needs to enter their shipping or delivery address
We looked at millions of 3DS payments to understand how far the 3DS stage really affects acceptance rates. In the UK, 75% of 3DS payments are accepted, so one in four payments are lost through 3DS.
Sending all your customers to 3DS could cause a huge drop in conversion. When mandatory 3DS was implemented in India in 2014 some businesses saw sales fall 25% overnight. Leading merchants use risk-based authentication to give genuine customers a smooth buying journey and keep barriers up against fraudsters.