How to combat mobile commerce fraud

Your fraud checklist

"When businesses discover that their mobile fraud rate is higher than they'd like, their first instinct may be to react quickly, with 'blunt' rules that cause them to review or reject more mobile orders," says CyberSource. "This approach may enable more fraudulent orders to be identified, but there's a significant risk of catching genuine orders in the same net."

Follow these steps to protect your mobile business:

1. Distinguish your channels

As retail now uses multiple channels, it's important to track and differentiate orders from mobile channels and your business' wider e-commerce activity. These insights will enable you to see whether mobile fraud is actually increasing.

The percentage of retailers that use e-commerce tools to detect and manage mobile fraud

The percentage of retailers that use e-commerce tools to detect and manage mobile fraud (Image: CyberSource)

2. Choose the right tools

To detect and prevent mobile fraud, using the right detection tools is vital. However, many retailers simply use the same fraud prevention tools they have for their e-commerce sites for their mobile channel.

3. Analyse your chargeback channels

Fraud can be one of the main causes of chargebacks. According to a Chase Payments survey, chargebacks are highest from a PC website (36%), from mobile-enabled websites (21%) or from mobile apps (15%).

4. Use a layered approach

Fraudsters use many channels to attack their victims, so it makes sense to also have a number of security layers to protect your customers. Look at every piece of personal information and where this is stored and exposed. Ensure all Card Not Present transactions are protected at every customer facing point.

5. Pay attention to EMV

This new system is now live, which means your business must be more vigilant about potential fraud. Always use several fraud protection mechanisms to detect potential card misuse such as 3-D Secure.

6. Check your PCI compliance

The Payment Card Industry Data Security Standard (PCI DSS) has a minimum level of security that all merchants should adhere to. Check the PCI website for updates to this guidance.

7. Analyse in-app purchases

If your business uses apps, paying close attention to the analytics of your apps will reveal patterns of usage that could mean fraud. Fraud scanning services such as Maxmind can also help you identify potential fraud accounts and orders.


Stuart Reed, senior director of Global Product Marketing at NTT Com Security, concludes: "Have a well-defined and well-communicated incident response plan should a security breach occur in order to minimise the impact and cost of incidents – our own Global Threat Intelligence Report indicates that 74% of companies do not have an incident response plan in place."

Fraud is a fact of life for all online businesses. With m-commerce set to become even more popular than e-commerce, having strong fraud protection and prevention systems in place is a must for all businesses.