Five ways to detect online fraud

Now more than ever, you cannot afford to lose money to online fraudsters who purchase goods using stolen credit cards. Geolocation monitoring can help you detect fraudulent orders before you fall prey.

As Quova, a provider of geolocation services, explains it, the foundation for geolocation is the internet protocol (IP) address, a numeric string assigned to every device attached to the web. When someone surfs the web, his computer sends out this IP address to every website he visits. An IP address can provide information regarding the user’s country, region, city, postcode, and time zone, which can help you determine if the visitor to your site really is where he says he is. Equipped with this information, you can use geolocation to flag and address suspicious transactions.

Quova offers five ways to use geolocation to help you detect fraud:

1) Check for anonymous proxy servers and other location-masking systems. While not all proxy servers are bad, the use of an anonymous proxy that hides or masks a unique IP address can be a fraud indicator. Lists of anonymous proxies that are abusing the system are provided by a select few geolocation vendors that notify the etailer when an order comes from one of the proxy servers.

2) Check the distance between actual and expected user locations. It’s a rule of thumb that shoppers will be logging onto the internet within close proximity to their billing or shipping addresses. Many online merchants report that orders coming from 500 miles or more away from the expected location have a higher probability of being fraudulent. With geolocation, you can elect to decline, or flag for review, orders falling X miles or more away from the shipping or billing address.

3) Use domain information to assess risk. With access to domain information gathered from the shopper’s internet service provider, you can more easily determine whether an order should be declined, accepted, or flagged. You can also track user sessions so that you know if the customer frequently connects from work and from home.

4) Build user profiles. Once a profile is built, you can look for changes — differences between the observed behaviours you see online and what you have on file. Geolocation provides a simple way for merchants to expand their user profiles behind the scenes by assuming that most valid orders will follow the same pattern. If several domain extensions or ISPs are used by the holder of a credit card in one day, chances are those orders may be fraudulent.

5) Use time-zone information to track the transaction “velocity”. If a user is connecting to a website in relatively short periods of time and the log-ins are more then 1,000 miles away from each other, this is a major red flag for an online merchant. For each shopper, you can use geolocation data to enable business rules that a) request the current local time at the shopper’s location; b) alert you to potential “time-zone hopping”, where the same account is accessed from multiple geographic locations within a short period of time; and c) alert you to orders placed at times of the day that aren’t consistent with previous orders stored in the user’s profile.