is a major vulnerability for e-commerce
platforms. While it’s easy to physically deal with a dodgy customer, it’s hard to keep bad customers
at bay when they’re hiding behind a screen. A report by analytics firm Payments states that 8.6 percent of sales globally were affected by fraud. That suggests that retailers in Q2 2016 could expect to lose $8 for every $100 to fraud, four times the value from 2015.
The anatomy of payment fraud
Fraud comes in many forms. As payment methods have evolved in the last decade, so have fraudsters’ methods. Some hackers
could use an online store as a front for phishers, using the platform’s legitimacy to obtain sensitive information. Others
set up fake payment sites mimicking real ones to collect financial information.
If a site is particularly vulnerable, it may even be subject to a man-in-the-middle attack. This occurs when an unauthorized third party positions itself between the sender of sensitive data and the recipient of the data. So while a payment platform is collecting information, a hacker sees the information being transferred.
may also resort to malicious redirection. So while visitors believe that they’re going to their favorite shopping site, they may be diverted to a fake site where they’re vulnerable to attack.
Once the information is obtained, hackers
can commit synthetic identity theft, in which the attacker impersonates someone using their personal information. Malicious attackers often target customers, but could also pose a threat to ecommerce merchants. If a fraudulent order is accepted, the merchant could stand to lose not only merchandise but also be slapped with a chargeback fee, which occurs when a purchase is forfeited.
This is an excerpt from an article published on TechInAsia. You can read the full story here