While sending a confirmation email and opening a line of communication with the customer started as a great method for customer service in the early days of the Internet, the growing ecommerce market has thrown email into the spotlight as a necessary and unique transaction identifier as part of a layered solution for identity verification. As such, email data has turned into a great asset for fighting online fraud.
During a fraud attempt, there are many identity elements a fraudster might steal to complete a seemingly positive transaction (address, email, CC number, SSN, and phone information included). However, a correct email is tougher to defraud. Instead, fraudsters will opt to sign up for a readily available disposable email (i.e. Guerrilla Mail, Mailnator, or ThrowAwayMail.com) or a more common auto-generated generic email address (firstname.lastname@example.org look familiar?). By using a new email, the true customer (the real John Smith) doesn’t get an order confirmation email in his inbox with the details of the express-shipped new GoPro camera some fraudster just bought with John’s credit card.
This fraud strategy provides both a unique challenge and opportunity in fighting card not present fraud. The challenge for merchants is that fraudsters can easily create an email that looks real and passes basic validity tests (domain exists and inbox is deliverable, for instance). However, merchants now have access to additional email data and are able to use the fraudster’s strategy against them as an effective fraud-fighting tool. The global requirement of email on CNP orders has proven to be a uniquely powerful addition to rules-based fraud platforms.
Merchants have a finite amount of data to use in their defense to fight chargeback fraud. Think about it – when I place an order I typically give my credit card information, name, billing address, shipping address (if it’s a physical good), email, and phone number. Though I may not realize it, my IP, device information, and patterns of shopping behavior are also collected. All of these data elements can have a strong correlation to fraud (or signal that the order is good), but none perform quite like email as a layer within the greater identity proofing waterfall.
In recent tests with a top 40 US retailer, we found that the Email First Seen data point reduced fraud by 2.8%. This won’t happen on its own, though; merchants need the right data elements in the right layer on which to base transaction decisions.
Whitepages Pro returns a number of email data points from our Identity Graph. One of the strongest transaction signals that we see consistently is Email First Seen Date, a measurement of when we first saw an email in our network of data providers and proprietary services. When we see longer history of the email being established, it helps to provide confirmation of legitimacy. We typically look at email history in five buckets
- Never Seen Before – Very Risky
- Very New Emails (1-30 days) = Risky
- New Emails (31 – 180 days) = Neutral
- Established (181 – 720 days) = Safe
- Well Established (720+ days) = Safest
Additional email risk signals that will fine-tune any merchant’s model include:
- Registered name match – returns the name we have on file for the supplied email
- Valid/Invalid flag – Indicates whether the email is valid and email deliverable
- Auto generated flag – Indicates whether the email is potentially auto generated
- Disposable email flag – Indicates whether the email domain is disposable
- Domain creation date – Date when the email domain was created
Ecommerce has been growing steadily for the past decade. According to Internet Retailer, ecommerce growth has been near or exceeding 15% for the last six years in a row. While this is exciting news for the economy and our businesses, it comes with a huge asterisk – fraud. It is true that fraud rates have been on a decline for the last few years – only hitting .8% in online sales in 2015 (.5% in mobile and telephone sales). But reject rates are gaining ground. On average, about 2.8% of all orders are outright rejected as companies try to keep chargeback fraud to a minimum. The bottom line is that there is still room for improvement to serve good customers quickly.
There is no single silver bullet for complete identity verification and email data is just one trick in the bag for merchants to fine-tune their fraud review and stop chargeback fraud. Whitepages Pro offers free data evaluations to help you understand how individual data elements and compound rules can help you automate decisioning, fight fraud, and speed good orders to clear. Contact us today to brainstorm how this and the rest of our Identity Data can help improve your bottom line.