Guide to preventing fraud on ecommerce sites

Last Updated Mar 12, 2021
Emma Jagger

Engineer, maker, Google alumna, CMU grad

You run an eCommerce website, sell products or services, and are concerned about fraud? This article will guide you through understanding the existing fraud detection mechanisms and how you can improve them.

Fraud detection provided by your payment platform

Most payment systems provide reliable fraud protection systems and are likely to reject a payment considered at risk.

Their detection algorithms are based on multiple signals, including analyzing your customer's device's characteristics to detect payments made by bots, the speed with which the customer moves from page to page, or the mouse movements.

The most advanced algorithms are improving daily thanks to Machine Learning and have become very efficient.

How to improve my payment platform fraud detection?

Even if the payment platforms are putting lots of resources into tightening their fraud detection systems, there are a few things you can implement in your website to increase safety even more.

Detection of the geographical location of your visitors.

For sale made over the phone for local delivery, and if the person on the other end of the phone seems to be on the other side of the world, you would be entitled to ask them a few questions to determine if you are being scammed.

On the contrary, most websites do not consider the geographical location of their users and would automatically accept any sale. Any buyer can make purchases on your site by specifying local shipping and billing addresses, regardless of their real location. Unless, of course, you do implement location detection.

Location detection on the web is a process called IP Geolocation. Based on your visitors' IP address and using the free and real-time Abstract IP Geolocation service, you will be able to obtain the geographic location information of your visitors in milliseconds. If they are not located where they are supposed to be, now you will detect it and can act accordingly by refusing the sale, for example.

Detection of the use of disposable email addresses

In your eCommerce site, you likely ask your customers for personal information during the purchase process, including their email addresses. It is essential to verify their email address to make sure it exists and that it is not a disposable address that would make it impossible to identify the person.

Abstract also provides an email address analysis and detection service, which is also free and works in real-time. It instantly detects whether the email address provided is legit or from a disposable email service.

Setting up Abstract services

Like most API services, you will need to obtain your key before you can use them. The abstract process has been dramatically simplified, as all you need to do is create an account with your email address and a password of your choice to obtain it. No credit card is required. Then the APIs can be called with a simple HTTP request, which can be made from your server or the browser of your website visitors.

Related articles