Fraud Prevention Glossary
Welcome to the NoFraud Fraud Prevention Glossary. We’ve curated an extensive list of commonly used fraud terminologies — and related resources — to arm you with the knowledge you need to safeguard your eCommerce business.
Account takeover refers to the unauthorized access and control of someone else’s online account by a fraudster. It involves the fraudulent acquisition of login credentials, such as usernames and passwords, to gain unauthorized access to an individual’s or organization’s account across various platforms, including email, social media, banking, or eCommerce.
Address verification systems (AVS) are tools or services used by financial institutions to validate the accuracy and legitimacy of a provided billing address. The primary purpose of AVS is to help merchants prevent fraud. AVS used to be the gold standard: banks assumed that if a card was stolen, the thief would have no way of knowing the correct billing address. However, because of the explosion of data breaches, AVS-verified addresses are often sold alongside stolen card credentials such as the credit card number, expiration date, and CVV code. So while AVS data can still be a helpful tool in fraud prevention, it can no longer be relied upon on its own.
Affiliate fraud, also known as affiliate marketing fraud, refers to deceptive practices aimed at manipulating or abusing affiliate marketing programs for financial gain. In affiliate marketing, businesses reward affiliates (publishers or marketers) for driving traffic or generating sales through their promotional efforts. However, fraudsters exploit this system to fraudulently earn commissions or benefits without legitimate referrals or actions.
A brute force attack is a type of cybersecurity attack in which an attacker attempts to gain unauthorized access to a system, account, or encrypted data by systematically trying all possible combinations of passwords or encryption keys until the correct one is found. This method is typically used when the attacker has no prior knowledge of the target’s password or key.
Buy Now Pay Later (BNPL) fraud refers to fraudulent activities or scams involving the use of Buy Now Pay Later services. BNPL services (e.g., Affirm, Klarna, Afterpay) allow consumers to make purchases and defer payment, typically in installments, instead of paying the full amount upfront. While BNPL options provide convenience and flexibility for consumers, fraudsters exploit these services by using stolen credit card information or avoiding repayment.
Buy Online Pickup In Store (BOPIS), also known as Click and Collect, is a retail fulfillment model that allows customers to purchase products online and pick them up at a physical store location. It offers convenience and flexibility to consumers by combining the ease of online shopping with the immediacy of in-store pickup. However, like any retail transaction, BOPIS can be vulnerable to fraud. Fraudsters use BOPIS to avoid having products shipped to a physical address, which could raise suspicion.
Card skimming is a type of credit card fraud in which criminals use a small, inconspicuous device known as a skimmer to steal card information from unsuspecting victims. Skimmers are typically placed on legitimate card-reading devices, such as ATMs, gas station pumps, point-of-sale (POS) terminals, and other payment systems. When a person inserts their credit or debit card into the compromised machine, the skimmer captures the card’s magnetic stripe data, including the card number and sometimes the cardholder’s name and other details.
Card testing fraud, also known as credit card testing or carding, is a type of fraudulent activity in which fraudsters test the validity and usability of stolen or compromised credit card information. The purpose of card testing is to determine which stolen card details are still active and have available credit or funds. Card testing can be readily identified by the velocity of attempts, a common trait being that all orders come from the same IP address. If undetected, card testing can run up overwhelming gateway fees when basic bot prevention software is not installed on a merchant’s website.
A card-not-present (CNP) transaction occurs when a purchase is made remotely, typically online, without the merchant physically processing the cardholder’s credit card via a payment terminal.
Card-not-present (CNP) fraud is a type of payment card fraud that occurs when a credit or debit card is used for a transaction in which the physical card is not present. In CNP transactions, a fraudster uses the victim’s card without their authorization. The fraudster will make purchases using the victim’s card details, such as the card number, expiration date, and the card’s security code (e.g., CVV), but the card itself is not swiped, inserted, or physically presented to a merchant. CNP fraud is commonly associated with online and phone transactions, as well as mail-order and catalog purchases.
Cart abandonment, or checkout abandonment, refers to the situation where a website visitor adds items to their online shopping cart but leaves the website without completing the purchase. It is a common occurrence in eCommerce and can have a significant impact on a retailer’s revenue.
Chargeback management refers to the process of effectively handling and resolving chargebacks, which occur when a customer disputes a charge on their credit or debit card and requests a refund from the card issuer. Chargebacks can be a complex and time-consuming aspect of managing payment disputes, and effective chargeback management aims to minimize financial losses, identify business processes that need improvement and save on labor costs.
Chargebacks occur when a customer disputes a charge with their financial institution. Often, chargebacks are a result of an unauthorized charge due to fraudulent activity. Less frequently, a chargeback can also result from merchant error, such as accidentally running a charge through twice, or by a legitimate customer who is dissatisfied with the product or service.
Checkout abandonment, also known as cart abandonment, refers to the situation where a customer adds products to their online shopping cart but leaves the website or abandons the purchase before completing the checkout process. It is a common phenomenon in eCommerce and can result in lost sales opportunities for businesses.
Credential stuffing is a cyberattack method in which attackers use stolen username and password combinations from one data breach to gain unauthorized access to user accounts on various online services. This attack leverages the fact that many people reuse the same credentials (usernames and passwords) across multiple websites and services. When one of these websites is breached and user data is exposed, cybercriminals take these stolen credentials and attempt to access other accounts using the same username and password combinations.
Credit card fraud, also known as card-not-present fraud, refers to fraudulent activities that occur during the checkout process of an online transaction. It involves the unauthorized use of someone else’s payment information to make purchases without their knowledge or consent. Credit card fraud is particularly common in eCommerce and online shopping scenarios where the physical presence of the payment card is not required.
The dark web is a part of the internet that is intentionally hidden and not indexed by traditional search engines. It is a subset of the deep web, which includes all web pages not indexed by search engines, but the dark web specifically refers to websites and online content that are intentionally concealed and typically associated with illegal or illicit activities.
Device intelligence refers to the use of data and analytics to gather information about the devices used by individuals, such as smartphones, tablets, or computers, in order to assess their risk profile, detect fraud, and enhance security. By analyzing various attributes and patterns associated with a device, fraud solutions combine device intelligence with the other data they have collected or have at hand to identify anomalies, suspicious activities, or potential risks.
Digital wallet fraud refers to fraudulent activities that specifically target digital wallet services such as Apple Pay, PayPal, and Google Pay. Also known as mobile wallets or e-wallets, digital wallets are applications or platforms that allow users to store payment information, make online transactions, and conduct in-store payments using their mobile devices or other electronic devices. While digital wallets offer convenience and security, they can also be vulnerable to various types of fraud. Digital wallets obscure customer payment information and oftentimes don’t require standard authentication, making it easier for fraudsters to use stolen credit cards and harder for merchants to obtain the evidence they need to fight chargebacks.
A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the regular functioning of a network, service, website, or online application by overwhelming it with a flood of internet traffic. The objective of a DDoS attack is to render the target system or network unavailable to its users, causing downtime, slowdowns, or service disruption. Cybercriminals might launch a DDoS attack on a targeted organization’s network to divert the attention of IT and security teams while simultaneously carrying out a separate fraud scheme, such as attempting to steal sensitive data or conduct financial fraud. The DDoS attack serves as a smokescreen to distract from the actual fraudulent activities. This is a tactic employed by cybercriminals to create chaos and confusion, making it more challenging for security personnel to detect and respond to multiple threats simultaneously.
False declines, also known as false positives or wrongful rejections, occur when legitimate transactions are mistakenly declined or rejected as fraudulent. False declines can have a significant impact on both merchants and customers. For merchants, false declines result in lost sales, customer dissatisfaction, and potential damage to their reputation. Customers may experience frustration, inconvenience, and a loss of trust in the merchant’s payment system.
Fraud detection refers to the process of identifying and detecting fraudulent activities or behaviors within a system or organization. It involves using various techniques, technologies, and analytical methods to identify patterns, anomalies, or suspicious activities that may indicate fraudulent behavior. Effective fraud detection helps in early identification and mitigation of fraud risks.
Fraud prevention refers to the proactive measures and strategies implemented by individuals, organizations, and financial institutions to detect, deter, and mitigate fraudulent activities. Fraud can take various forms, such as identity theft, payment fraud, account takeover, or deceptive practices. Implementing effective fraud prevention measures is crucial to protect individuals and businesses from financial losses, reputational damage, and legal consequences.
Fraud risk management refers to the strategies, processes, and measures implemented by organizations to identify, assess, mitigate, and monitor the risks associated with fraud. It involves the proactive identification of potential fraudulent activities, the implementation of controls and safeguards to prevent fraud, and the continuous monitoring and detection of fraudulent behavior. Effective fraud risk management helps organizations protect their assets, reputation, and stakeholders from the financial and operational impacts of fraud.
A fraudster is an individual or entity that engages in fraudulent activities, intentionally deceiving others for financial gain or other malicious purposes. Fraudsters employ various tactics to deceive and exploit victims, often through dishonest or illegal means. Their actions may involve identity theft, payment fraud, account takeovers, or other forms of fraudulent activities. Fraudsters are skilled at manipulating individuals or systems to achieve their fraudulent objectives, and they often target vulnerable individuals, businesses, or financial institutions. It is important to stay vigilant, protect sensitive information, and report any suspicious activities to authorities or relevant institutions to combat fraud and protect against potential harm caused by fraudsters.
Friendly fraud, also known as chargeback fraud or friendly chargeback, occurs when a customer makes a legitimate purchase using their credit card or payment method but later disputes the charge and requests a chargeback from their bank or credit card company, claiming that the transaction was unauthorized or fraudulent. Unlike traditional fraud, friendly fraud involves the original account holder themselves initiating the fraudulent chargeback.
Identity theft refers to the illegal acquisition and use of someone else’s personal information, such as their name, social security number, credit card details, or other identifying data, without their knowledge or consent. The purpose of identity theft is usually financial gain, and it can have severe consequences for the victims.
Interception fraud, also known as man-in-the-middle (MITM) fraud, occurs when an unauthorized third-party intercepts and manipulates communication between two parties engaged in a transaction or data exchange. The fraudster positions themselves between the legitimate sender and receiver to eavesdrop on or alter the information being transmitted, or intercept a package during shipment.
IP address geolocation tracking is a method used to determine the approximate geographic location of an internet-connected device based on its IP address. Every device connected to the internet is assigned a unique IP address, which can provide information about the general location of the device. IP geolocation tracking is often used for various purposes, including fraud detection, targeted advertising, content localization, and website analytics.
“Item Not Received” (INR) fraud refers to fraudsters falsely claiming that they did not receive the purchased item with the intention of obtaining a refund or a replacement item without paying for it.
Manual review is a process in which a human reviewer assesses and evaluates certain transactions, accounts, or activities manually, rather than relying solely on automated systems or algorithms. Activities include looking up shipping addresses, spending time on Google, and sometimes reaching out to customers in an attempt to verify their identity.
Merchant fraud, also known as merchant-based fraud, refers to fraudulent activities committed by merchants or businesses themselves. It involves deceptive practices aimed at unlawfully obtaining financial gain or exploiting loopholes in payment processes. Merchant fraud can take various forms and negatively impacts both consumers and other businesses. For example, a common merchant fraud scheme involves fraudsters creating a fake online store that sells products but never delivers them, or delivers a cheaper item in lieu of the higher-priced product the customer intended to purchase.
Multi-factor authentication (MFA), also known as two-factor authentication (2FA) or two-step verification, is a security process that requires users to provide two or more different authentication factors to verify their identity when logging into an account, system, or application. MFA adds an extra layer of security beyond traditional username and password authentication by making it significantly more difficult for unauthorized users to gain access.
Payment gateway fraud refers to fraudulent activities that target payment gateways, which are the technology infrastructure used to facilitate secure online payment transactions. Fraudsters exploit vulnerabilities in payment gateways to carry out unauthorized transactions, gain access to sensitive payment information, or manipulate payment processes for their financial gain.
Payments fraud refers to any fraudulent or unauthorized activity that occurs during a payment transaction, typically involving the use of stolen payment information or deceptive practices to gain financial benefit illegally. Payments fraud can occur in various forms, and it poses significant risks to both individuals and businesses.
Phishing is a type of cyberattack or social engineering technique where attackers attempt to deceive individuals into revealing sensitive and confidential information, such as login credentials, financial details, or personal information. This is typically done by posing as a trusted entity or individual through various means, often through email, but also through other communication channels like text messages, social media, or phone calls. The goal of phishing attacks is to trick the victim into taking specific actions that benefit the attacker, such as clicking on a malicious link, opening a malicious attachment, or providing sensitive information.
Post-gateway fraud prevention refers to the set of security measures and strategies employed to detect and prevent fraudulent activities after they have passed through a payment gateway or other critical points in an online transaction process. While pre-gateway fraud prevention focuses on identifying and blocking potentially fraudulent transactions in real-time before they are processed, post-gateway fraud prevention comes into play after the transaction has been approved and processed. Post-gateway fraud prevention is crucial for identifying and addressing fraudulent transactions that may have initially gone undetected during the authorization process.
Pre-gateway fraud prevention refers to a set of security measures and strategies designed to detect and prevent fraudulent activities before they reach a payment gateway or other critical points in an online transaction process. The objective is to identify and block potentially fraudulent transactions in real-time, reducing the risk of financial loss and protecting both consumers and businesses from various forms of payment fraud.
Referral fraud, also known as referral program fraud or referral abuse, occurs when individuals or fraudsters manipulate referral programs or systems to fraudulently gain benefits, rewards, or incentives. Referral programs are designed to incentivize existing customers or users to refer new customers or users to a business or platform. However, fraudsters exploit these programs by engaging in deceptive practices to generate fake or invalid referrals.
Representment, also known as chargeback representment, is the process by which merchants can dispute chargebacks. When a customer files a chargeback, claiming that a transaction was unauthorized, fraudulent, or unsatisfactory, the merchant has the opportunity to provide evidence and arguments to challenge the chargeback and recover the funds. During representment, the merchant gathers relevant documentation, such as sales receipts, shipping records, proof of delivery, customer communication, and any other evidence supporting the validity of the transaction. This evidence is then submitted to the merchant’s payment processor or acquiring bank, which acts on behalf of the merchant in presenting the case to the customer’s bank or credit card company. The goal of chargeback representment is to prove that the charge in question is legitimate and therefore should not be reversed.
In eCommerce, a risk assessment is a critical process for online businesses to identify, evaluate, and mitigate potential risks associated with their online operations. Online merchants face various risks, including financial, security, legal, operational, and reputational risks. Conducting a comprehensive risk assessment helps organizations understand their vulnerabilities and implement strategies to protect against these risks.
Risk scoring is the process of assigning a numerical score to evaluate the level of risk associated with a particular transaction or customer within an eCommerce business. This scoring system helps businesses identify and prioritize high-risk transactions or customers, allowing them to take appropriate actions, such as approving, reviewing, or rejecting transactions. Risk scoring is a crucial component of fraud prevention and risk management in online retail.
Social engineering is a manipulative technique used by cybercriminals to deceive shoppers or employees of organizations into divulging confidential information, granting unauthorized access, or performing actions that compromise security. It exploits human psychology and trust to gain access to sensitive data or systems. Social engineering attacks rely on deception and manipulation rather than technical vulnerabilities.
Subscription fraud, also known as subscription-based fraud or account takeover fraud, occurs when an individual or a fraudster gains unauthorized access to someone else’s personal or financial information to fraudulently sign up for subscription services or accounts. The fraudulent party takes advantage of the victim’s identity or payment details to initiate subscriptions without their knowledge or consent. With subscription fraud, attackers will also try to manipulate loopholes in the integration between subscription and fraud prevention solutions in an attempt to bypass fraud detection.
Triangulation fraud involves three parties — the fraudster, the unsuspecting legitimate shopper, and the eCommerce store. The fraudster creates an online storefront, often on eBay or Amazon, that offers high-demand goods at extremely low prices and collects payment for the goods it sells. The fraudster then uses other stolen credit card data, together with the names collected from orders on that storefront, to purchase the goods from a legitimate website and has them shipped to the customers who bought from the fake storefront. This type of fraud can usually be identified by the products that are targeted, as well as by some investigative work: locating the unsuspecting shopper, who can identify the storefront where the goods were originally purchased.
Velocity checks, also known as velocity limits or velocity rules, in the context of cybersecurity and fraud prevention, are mechanisms used to monitor and control the rate at which certain actions or transactions can occur within a system or application. These checks are employed to detect and prevent fraudulent or malicious activities, such as account takeovers, card-not-present (CNP) fraud, or Distributed Denial of Service (DDoS) attacks, by limiting the frequency or speed of these actions.
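As an added illustration (not code from NoFraud or this glossary), the following Python snippet implements a per-IP sliding-window velocity check and applies it to the card-testing pattern described above: a burst of attempts, many distinct cards, and a high decline ratio from a single IP address. The thresholds, IP addresses (documentation ranges), card digits and amounts are all assumed or constructed for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Thresholds are assumed values for this example; tune them per merchant.
WINDOW = timedelta(minutes=5)   # sliding window per client IP
MAX_ATTEMPTS = 5                # more than this many attempts in WINDOW -> alert
MIN_DISTINCT_CARDS = 4          # this many different cards from one IP -> card testing
DECLINE_RATIO = 0.5             # share of declines in the window that is suspicious
MIN_FOR_RATIO = 4               # only judge the decline ratio once enough attempts exist

BASE = datetime(2024, 1, 15, 12, 0, 0)


def _t(seconds):
    """Timestamp `seconds` after BASE (helper for the constructed sample)."""
    return BASE + timedelta(seconds=seconds)


# Constructed checkout attempts: (timestamp, client_ip, card_last4, amount_usd, approved).
SAMPLE_ATTEMPTS = [
    # one IP cycling through six different cards at $1.00 in under two minutes
    (_t(0), "198.51.100.7", "1111", 1.00, False),
    (_t(20), "198.51.100.7", "2222", 1.00, False),
    (_t(40), "198.51.100.7", "3333", 1.00, False),
    (_t(60), "198.51.100.7", "4444", 1.00, True),
    (_t(80), "198.51.100.7", "5555", 1.00, False),
    (_t(100), "198.51.100.7", "6666", 1.00, False),
    # a normal shopper: one card, two approved orders ten minutes apart
    (_t(0), "203.0.113.5", "7777", 89.99, True),
    (_t(600), "203.0.113.5", "7777", 24.50, True),
    # a shopper retrying the same card after two declines (typo, then success)
    (_t(0), "192.0.2.9", "8888", 45.00, False),
    (_t(30), "192.0.2.9", "8888", 45.00, False),
    (_t(60), "192.0.2.9", "8888", 45.00, True),
]


def velocity_alerts(attempts, window=WINDOW, max_attempts=MAX_ATTEMPTS,
                    min_distinct_cards=MIN_DISTINCT_CARDS,
                    decline_ratio=DECLINE_RATIO, min_for_ratio=MIN_FOR_RATIO):
    """Sliding-window velocity check keyed on client IP.

    Returns {ip: [reasons]} for every IP that tripped at least one rule.
    """
    alerts = defaultdict(set)
    recent = defaultdict(deque)  # ip -> deque of (timestamp, last4, approved) inside window
    for ts, ip, last4, _amount, approved in sorted(attempts, key=lambda a: a[0]):
        q = recent[ip]
        q.append((ts, last4, approved))
        while ts - q[0][0] > window:  # evict entries that fell out of the window
            q.popleft()
        if len(q) > max_attempts:
            alerts[ip].add("attempt_rate")
        if len({c for _, c, _ in q}) >= min_distinct_cards:
            alerts[ip].add("card_testing")
        declines = sum(1 for _, _, ok in q if not ok)
        if len(q) >= min_for_ratio and declines / len(q) >= decline_ratio:
            alerts[ip].add("decline_ratio")
    return {ip: sorted(reasons) for ip, reasons in alerts.items()}


if __name__ == "__main__":
    for ip, reasons in velocity_alerts(SAMPLE_ATTEMPTS).items():
        print(f"{ip}: {', '.join(reasons)}")
```

The legitimate retry from 192.0.2.9 stays below the thresholds, which is the balance a velocity rule has to strike: catching the burst without turning ordinary declines into false declines.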
Verification checks refer to the process of verifying the accuracy, authenticity, or eligibility of certain information or individuals. These checks are commonly used in various contexts, such as online transactions, account registrations, employment screening, identity verification, and more. Verification checks help ensure that the provided information is valid and reliable, reducing the risk of fraud or misuse.