We live in a world where the 7.3 billion people on the planet now have an estimated 3.4 billion smartphones. 70% of the U.S. population has a smartphone - and Forrester estimated that retail sales on smartphones and tablets total $115 billion in 2015. And each one of those devices possesses greater and faster processing power than the computers used in the Apollo missions, which NASA used to put humans on the moon.
Moving into Mobile Commerce
For online retailers, the key takeaway from this is simply that consumer expectations of mobile commerce are understandably high. Phones are our constant companions, and we expect to be able to pull them out to get almost anything - information, lunch, shopping of all kinds. We expect it to be smooth, and we expect it to be easy. That sets the bar high if you're a merchant moving into mobile commerce.
And retailers are increasingly investing in mobile commerce. According to the State of Retailing Online 2016 study, conducted by Shop.org, Forrester Research, and Bizrate Insights, one-third of retailers surveyed plan to grow their smartphone investments more than 20% in 2016, and another 34% will grow their investments between 1% and 20%. That makes sense when the same study found that sales from smartphone devices grew 53% over the previous year, and sales from tablet devices grew 32%.
Conversion rates, however, remain low. To combat that trend, merchants try to speed and streamline mobile shopping wherever possible. There's just one problem with that drive: fraud prevention isn't necessarily on board.
More Mobile, More Mobile Fraud
If you know anything about fraud, you won't be surprised to learn that when a retail channel takes off, that channel becomes more attractive to criminals looking to make a quick buck. That's just what's happening with mobile.
The challenge for retailers is twofold. On the one hand, it's essential to optimize for (or rather against) mobile fraud - otherwise you leave yourself open to losses from fraudsters who have been faster to realize the potential of this channel than you have been: the nature of their game means that they're always looking for new opportunities.
On the other hand, the last thing a retailer wants to do is add friction to the mobile purchase process. Making your customers jump through hoops isn't a great way to encourage them to complete the sale - especially on mobile, where screen "real estate" is limited, it's hard to be precise and there's always a good chance that the customer is on the go.
The Challenges of Mobile Fraud Prevention
There are certain things that make mobile fraud prevention particularly challenging for retailers who are used to dealing with e-commerce. This selection gives a sense of the kinds of things merchants have to consider:
- A lot of data just isn't available from a mobile device. Browser information, plug-in info, Flash cookies... It's suddenly irrelevant and won't help catch fraud.
- Relying on static IP addresses? Stop. Mobile devices are, well, mobile. They move around a lot - changing IP addresses as they do so.
- Customers are often careless with their devices - yet they often have passwords, account details and even payment data stored in easy-to-find ways on their mobiles. And many apps are already tied to a payment source already.
- Stolen payment data can be used via a mobile wallet - something many retailers aren't primed to suspect.
- "Emulators" allow fraudsters to ape mobile appearance when they're really on their laptop, making scaling mobile fraud easier and faster.
- Phones can be jailbroken or rooted to allow the user to perform actions never intended by the manufacturer. Can your system idenfity a jailbroken phone? Forter's can.
- 3D Secure redirects and passwords are badly suited to the more dynamic mobile environment.
- Behavioral data is great - but customers behave differently when they're on their mobiles. Do you know the differences?
- Mobile fraud can be pricey. According to Lexis Nexis, in 2014 mobile fraud cost merchants $3.34 for every $1 dollar of fraud loss — compared to e-commerce's $2.69.
Don't Give Up: Optimize
What's above is just a short list of some of the factors that play into mobile fraud and which Forter's system takes into account. When you start to think of all the implications, it can start to feel completely overwhelming.
But it doesn't need to be that way. Yes, mobile is different, and yet, it's important to adapt to that. But it's not a whole new world. Just like making sure your website was mobile friendly before Mobilegeddon hit didn't involve relearning and rethinking everything, so optimizing for mobile fraud can build off what you know and have.
The best place to start is research. Make sure that you're tracking fraud by channel, so that you know which chargebacks were from mobile transactions. Analyze those bad orders, and compare them to good ones. Start learning the ways your customers act on mobile.
Turn your technical beam on mobile as well. There are ways to distinguish between an emulator and a true mobile user: find them and make sure your system is using them. Similarly, focus on finding ways of dealing with mobile fraud that don't add friction for your customers.
It can be done! To see how delivery.com successfully adapted to serve the 50% of their customer base who prefer mobile without increasing friction or fraud, check out this video.