In this article, we're exploring one of the biggest threats to businesses trading online: chargebacks.
So, what is a chargeback exactly? You likely know how card processing works, so we won't go into detail here. When the process is complete, chargebacks are essentially disputed transactions between a customer and a merchant. If the chargeback is successful, the transaction is reversed and the customer has the money returned to his or her account.
Chargebacks were originally created to protect consumers from fraudulent usage of their cards so the onus is then on you, as the merchant, to prove the transaction was bona fide.
While chargebacks were originally created to protect the consumer from fraud, they can, and are, misused by people who simply do not want to pay for something. This is called friendly fraud and it poses a serious threat to legitimate businesses.
A study from Global Risk Technologies estimated that 86% of chargebacks are placed fraudulently.
However, even though fraud is the most commonly cited reason for chargebacks, they can also stem from genuine reasons like processing errors, issues with goods or services and incorrect authorisation.
How Can I Limit Chargebacks?
A chargeback prevention plan doesn’t have to be super complicated nor does it have to take up days of your time.
Below are five simple steps you can take to protect your business from chargebacks.
#1: Choose a recognisable name
There is a US tech company called 37signals that sells a range of digital products. Their most famous is a project management tool called Basecamp.
Pre-2009, when a customer bought a subscription to Basecamp, their bank statement would include a charge for 37signals LLC rather than Basecamp.
This left a lot of people scratching their heads and wondering what the mysterious charge actually was. Instead of researching the company's name, many customers decided the charge wasn't legitimate and submitted a chargeback.
37signals bore the brunt of their confusion and received a high number of chargebacks.
In 2009, the company began experimenting with their statements and, after a bit of trial and error, opted to use a URL — 37signals-charge.com — as their statement descriptor. This URL directed customers to a page explaining what 37signals is and detailing all the products they sold.
The impact was immediate. Chargebacks fell by 30% overnight, saving 37signals a huge amount of time and money.
The takeaway tip here is clear: Choose a statement descriptor that your customers will actually recognise!
#2: Clearly offer refunds
The refund process for a bricks-and-mortar shop is pretty straightforward. If you decide you don't like a t-shirt, you take it back to the store, walk up to the customer service desk, hand it over and request a refund.
For online purchases, however, it's a lot more difficult. Common concerns for online merchants include:
- Who pays for the return shipping?
- Who organises the pickup?
- When does the merchant actually pay the refund?
However, no matter how a refund is handled, it typically takes up a lot of time and causes a fair bit of stress for both merchant and customer.
So, if a customer sees a hassle free way to get their money back, they’re probably going to use it.
Rightly or wrongly, some people see chargebacks as that hassle free method. After all, why would someone slog through a long refund process when they can demand the money back right now?
Your refund process has to compete with the appeal of chargebacks so you better make it as streamlined and friction-free as possible.
Don’t ask customers to jump through hoops, don’t ask them to fill out reams of paperwork and don’t employee frontline service staff who can’t actually deal with problems.
Once your customers know that you offer stress-free refunds, they will start using it instead of chargebacks.
Some online clothes retailers have actually started shipping packages with jiffy bags with prepaid postage included. If a customer doesn't like something, they stick it in the jiffy and mail it right back! Now that's what you call a great refund policy!
#3: Keep communicating
Think back to the last time you had to deal with poor customer service. Remember all the canned responses and generic replies. Remember the frustration it caused and irritation it provoked.
Well, when a customer experiences that sort of awful service, can you really blame them for resorting to chargebacks? I certainly wouldn't.
Do the simple things like responding to emails, phone calls and social media posts and do them well. Get back to people as soon as you can and provide genuine answers to their queries. You’ll be amazed how compliant a customer will be if they think you’re working for them rather than against them.
#4: Prevent fraudulent transactions
Unfortunately, when it comes to remote purchase fraud, the liability falls on you as the merchant. Whether you manage an established multinational or a cash-strapped startup, dealing with fraud is exceptionally disruptive to your operation.
To deal with this, all businesses require a solid online fraud prevention plan to block as many dodgy transactions as possible and set processes to address with any cases that slip through the cracks.
If you don’t already have a fraud prevention plan, you should set in one place!
#5: Dispute the chargeback
If all else fails, you can still dispute a chargeback. While the process is typically fairly time-consuming, it means you can recoup your losses, which might be worth your time.
Once the cardholder has contacted their issuer to dispute a transaction, the issuer will contact your acquirer. You will then receive written notification detailing the reason for the chargeback. This may include a request for information from the issuer to help determine the authenticity of the chargeback.
It's this point when you get to argue your corner and present a rock solid defence to the chargeback.
All acquirers will ask for different information so ensure you read their requirements to the letter and provide exactly what they're asking for.
Average Chargeback Rates
Accurate chargeback statistics are difficult to pin down as rates vary to a huge degree between industries. Below are figures from Ingenico.
|Average Chargeback Rate
|Media & eContent
How does your business perform against the industry standards? Let us know in the comments.
How Can I Stop Card Fraud?
Online payments are classed as remote purchase or card not present (CNP) transactions because you cannot physically look at and check the card or cardholder.
The anonymity of remote purchases means they are significantly more susceptible to fraud and, while online security is getting better, remote purchase fraud is steadily increasing as online sales continue to balloon.
Since online retailers are liable for losses from fraudulent activity, this trend is especially worrying.
Remote purchase losses on UK-issued cards [Source]
Year-on-year remote purchase fraud increase [Source]
Of all card fraud is remote [Source]
Whether you manage an established multinational or a cash-strapped startup, card fraud is a disruptive waste of your time and money.
Unfortunately, when it comes to remote purchase fraud, the liability falls on you, the seller. It’s up to you to prevent as much fraud as possible and deal with any cases that slip through the cracks.
#1: Compare the billing address and delivery address
One of the most common fraud red flags is a disparity between billing address and delivery address.
While there are legitimate reasons for those addresses to be different, it’s pretty unusual to have something delivered to Botswana when your customer's card is registered in Brighton.
There are several commercial anti-fraud services that automatically compare billing and delivery addresses and warn you of dubious orders as they come in. Alternatively, if you would rather not shell out for a third-party service, you can compare the details on orders details manually and hold back suspect dispatches.
If you suspect an order is not legitimate, contact the buyer directly and have them confirm key details like items purchased, their name and the shipping addresses.
#2: Consider using 3-D Secure checks
Originally pioneered by Visa under the name Verified by Visa, 3-D Secure is a security protocol that sits on top of online card payments. Most networks offer a similar protocol, for example, MasterCard's SecureCode and American Express' SafeKey.
A study from Ingenico showed just 29 percent of EUR transactions in the UK used 3-D authentication.
3-D Secure automatically runs after a user has entered their card details and typically require the user to enter in another password to authenticate their card. If the password entered is wrong, the order is rejected.
When introduced, 3-D Secure got a bad reputation for high levels of shopping cart abandonment as customers were frustrated with too much security and often couldn’t remember their own password. Nowadays, the card issuing bank decides which transactions will be asked to provide the 3-D Secure password based on the risk profile of the transaction. Factors such as the value of goods, is it from a merchant the cardholder has purchased from before and time of transaction (does it fit with cardholder’s normal shopping habits) are all taken into account. In the UK, less than 5% of transactions where 3-D Secure could be applied are actually subjected to 3-D Secure checks. This refinement has led to abandonment rates dropping significantly. In certain countries 3-D Secure has been proven to actually improve abandonment rates because it increases user trust in your website.
Nowadays, the card issuing bank decides which transactions will be asked to provide the 3-D Secure password based on the risk profile of the transaction. Factors such as the value of goods, is it from a merchant the cardholder has purchased from before and time of transaction (does it fit with cardholder’s normal shopping habits) are all taken into account. In the UK, less than 5% of transactions where 3-D Secure could be applied are actually subjected to 3-D Secure checks.This refinement has led to abandonment rates dropping significantly. In certain countries 3-D Secure has been proven to actually improve abandonment rates because it increases user trust in your website.
This refinement has led to abandonment rates dropping significantly. In certain countries 3-D Secure has been proven to actually improve abandonment rates because it increases user trust in your website.
#3: Restrict declined transactions
While it is relatively inefficient, brute-force fraud tactics will eventually succeed if they have enough time. Malicious fraud software can run every minute of every hour of every day, tediously trying out every credit card number in existence.
These tactics will eventually chance upon a successful match of card number and details.
The easiest way to block this type of fraud is to limit the number of declined transactions before you ban the user.
#4: Check IP address geolocation
Geolocation services usually work alongside address comparison tools. Unlike address comparison tools, these services use each user's IP address to identify their exact location and compares that information with the registered address of the cardholder.
Once it's got that information, the services can work in one of two ways.
One, it draws a radius around the registered address of the cardholder. If an order is placed from outwith the radius, it flags the transaction for you to check. Two, it blocks orders placed in ‘high risk’ countries or countries that you do not ship to.
#5: Challenge chargeback
Some chargebacks are lodged legitimately to challenge transactions. However, many are filed fraudulently by customers who have received goods or services but simply don't want to pay.
This is also known as friendly fraud.
A whitepaper from Global Risk Technologies suggested 86 percent of all chargebacks were placed fraudulently.
Once a customer initiates a chargeback, the issuing bank forwards the disputed transaction to your acquiring bank. This effectively reverses the sale and the cardholder’s account is credited with the value of the transaction. Your account has the funds from the transaction frozen.
At this point, you are permitted to argue your case to the acquiring bank and prove that the disputed transaction is, in fact, legitimate.
All banks will have slightly different appeal systems so it’s essential you follow their rules to the letter.
If you prove your case and win the dispute, the acquiring bank will repay you for the transaction.