Harness the power of your data
Support and investigations
Support services for Ravelin
Online payment fraud
Deep dives on fraud & payments topics
API & developer docs
APIs, glossary, guides, libraries and SDKs
Global Payment Regulation Map
Track PSD2 & more with a full report
The latest fraud & payments updates
In-depth guides to fraud, payments &
Discover the story about Ravelin
Join our dynamic team
Read more about our happy customers
Get the latest Ravelin news
Support & investigations
Accept more payments securely
Protect your customer accounts
Stop policy abuse to protect your bottom line
Ravelin for marketplace fraud
Ravelin 3DS & SDKs
Global Payment regulation map
In-depth guides to fraud, payments & security
Read more about our happy custmomers
How much do you actually know about CNP fraud?
Please select one of the options above.
Payment fraud is already a billion dollar business, and it’s growing. According to Juniper Research (2018), online sellers will lose $130 Billion to fraud between 2018-2023. Did you know that online payment fraud also costs global businesses 1.8% of their entire revenue on average?
1 / 10
Our 2016 customer survey revealed that only 20% of consumers understand that the retailers are actually the ones who bear the costs of fraud. Often, customers incorrectly believe their bank or card provider will bear these costs. This is another example to show it’s not only about the financial cost - fraud also impacts brand and customer loyalty. Because general consumers aren’t aware of how fraud works, they often blame the online seller and are less likely to buy from their site again.
2 / 10
Card-not-Present fraud, also known as 'Identity Theft' is the most common form of e-commerce fraud, comprising a tremendous 71% of all attacks. Identity fraud is often one of the methods used by cybercriminals, either as the end goal or the precursor to another attack.
3 / 10
When a customer has been defrauded on an online seller’s website, they notify their bank and the seller will receive a chargeback. As well as refunding the cardholder, the seller also has to pay chargeback fees to their payment provider. Chargeback fees can be as high as $50 and are payable even if the chargeback is not upheld. On top of these fees, the card schemes put a limit on the amount of chargebacks an online seller receives before they get even heavier fines for breaking limits.
4 / 10
Buy from dark web
Please select at least one of the options above.
There are a few different ways fraudsters can get into an account, with different levels of effort and time required. Malware or phishing are the most targeted and sophisticated methods. These both require a lot of effort, so they are more common in takeovers of bank accounts or corporate accounts with a much higher potential payoff. Fraudsters can buy credentials in bulk on the dark web for relatively low cost. Once they have a set of logins to try, they are more likely to use credential stuffing against multiple platforms to find out if any of these logins work on any site.
5 / 10
Chargebacks and other fees
Lost customer loyalty & retention
Strain on operations team
Brand reputation damage
These are all major risks of a significant account takeover attack. Unfortunately, when a customer's account on a merchant platform has been compromised, even though the source of the breach is often not from the merchant platform itself, the customer may often believes the merchant has poor security. This impacts customer loyalty and retention as well as brand reputation. Mass account takeovers create mass requests for refunds and chargebacks, putting strain on the operational team and causing customers to feel frustrated if they can't get through to customer service quickly.
6 / 10
Mass account email changes
Multiple accounts linked to one device
One account having multiple IP addresses
Increase in transactions using alternative payment methods
The same thing that makes account takeover so successful is also what makes it so hard to detect. A fraudster poses as a real customer with a trustworthy purchasing history and no indicators of fraud - making it more difficult for systems to spot abnormal behaviour and prevent the attack. However, an increase in transactions using alternative payment methods is unlikely to be a sign of account takeover - in fact methods such as ApplePay often have two-factor authentication, which makes account takeover less likely.
7 / 10
Social engineering is the art of manipulating people so they give up confidential information. The criminals usually try to trick you into giving them your passwords or bank information, or access your computer to secretly install malicious software. Examples of social engineering attacks are: an email from a friend containing a link/download, an email from another trusted source, baiting scenarios (eg. an amazingly great deal on classified sites, auction sites etc) and responding to a question you never had (eg. an email about your computer’s operating system).
8 / 10
Arbitrage is the practice of taking advantage of a price difference between two or more markets, striking a deal that capitalize upon the imbalance. In this case, it could cost the the pizza restaurant $5 to make the pizza, but they collect $6.50 when they sell it through the app.
9 / 10
This network shows multiple customer accounts all connected to the same device at the centre - a clear sign of an account takeover attack. Large networks with few shared devices can often alert investigators to an account takeover, but fraudsters are increasingly using sophisticated methods to disguise their device ID which can make it more difficult to detect.
10 / 10
You'll receive the full quiz and correct answers in your inbox shortly. In the meantime, check out our blog for the latest insights on fraud and payments.