A
Arbitration: Arbitration takes place when a third person, impartial, resolves a dispute between two parties outside the dispute, listening to their evidence and testimony to make a decision. e-commerce increasingly uses online dispute resolution to solve problems with a transaction.
Authenticator: The services provided by an authenticator provide an extra layer of protection to clients. This is because they confirm the identity of a customer during the login or checkout process on an e-commerce page and at the time of payment.
This can be done through questions that only the person knows the answer or biometrics. While this system can cause friction with the customer experience, it prevents user accounts from being compromised.
Authorization: The authorization request for the amount to be transacted is sent from the merchant to the acquiring bank. Then goes to the card issuing bank. If approved, the purchase amount is deducted from the cardholder's account and he receives a confirmation of the purchase.
Autofraude: While the other types of fraud in e-commerce are caused by third parties, this is an action carried out by the cardholder himself. To do so, he makes the purchase online and, within the period granted by the financial institution (180 days), disputes the transaction, claiming that he did not make the purchase, even though he has already received the product or service.
AVS: The address verification system (AVS) is a fraud filter that many e-commerces use to block potentially fraudulent orders. For the transaction to be approved, the numeric portions of the billing and shipping addresses that a customer inserts must match those recorded at the card issuing bank. Otherwise, the transaction may be declined or flagged for manual review.
B
Big Data: Refers to the volume of information that a company collects and stores daily from various sources, such as customer data, business transactions, email correspondence, as well as social media presence. E-commerce can use this data to get detailed information about consumer behavior and identify business trends.
Botnet: This term is a combination of the words "robot" (bot) and "network" (net). In general, it refers to a malicious sequence of internet-connected devices used to steal data and compromise other computers and systems.
C
Chargeback: The chargeback, which means chargeback, occurs when the cardholder identifies a questionable transaction on the credit card statement and complains to the credit card issuer.
If the issuer understands that the cardholder did not make the purchase and therefore the transaction was made with a stolen card, or if the product was not received, the transaction amount is refunded, and an additional fee from the merchant is charged.
Credit agency: These are agencies that collect and sell data related to a person's credit quality. They collect valuable information that allows lenders to decide how reliable an individual is in paying their debts. Because they deal with sensitive information, they become particularly susceptible to cyber attacks and violations.
Credit card fraud: This type of fraud includes theft or identity assumption. Fraudsters can access a victim's credit card data by purchasing information on the deep web or dark web(hidden part of the web), using skimmers (card readers) at gas station pumps or through corporate data breaches, in addition to other methods.
Cryptography: Encryption is a technology that encodes data so that only authorized parties can access it. Encrypted information makes it difficult to access by preventing interception for illegal purposes. Even if they are intercepted by a hacker, he will not be able to decode them without the decryption key.
CVC: Online purchases often request the Credit Card Verification Code (CVC) number as a way for e-commerce retailers to verify that the consumer actually has the card used in the purchase. There are three or four digits printed (without embossed) on the back of the card.
Although this identification is not necessary for online transactions, it provides an extra layer of security for the cardholder as well as for the merchant.
D
Data theft on fake websites: Many fraudsters use technology to take advantage of people, including creating websites identical to those of consumer stores, with registration sites to steal sensitive data. From this, they misuse information in various types of fraud for their own benefit.
Digital signature: The digital signature assists in the conference of the authenticity of a digital message or document. It provides reliability to the source of the data and ensures that it has not changed during transit. These are encrypted authentications, equivalent to legal signatures handwritten in several countries.
F
False refusals: False refusals (or false positives, as they are also called) occur when a legitimate transaction is flagged by the fraud protection system and refused. In general, this can happen when the cardholder requests the shipment of the purchased products to an address other than the registered one. With this, the customer is mistakenly identified as a fraudster and cannot finalize the purchase.
Friendly fraud: Friendly fraud happens when the cardholder disputes a purchase or requests reversal because they simply don't know that someone nearby, such as a friend or family member, used the card to carry out the transaction. What differentiates this from other types of fraud is that, in these situations, there is no intention to deceive a victim or get some kind of gain from the situation.
M
Malware: This term is an abbreviation of "malicious software", designed to damage computers, servers, and even networks through computer viruses such as ransomware, spyware, and others. When installed on the victim's computer, you can even capture the keys you typed by the user while they enter usernames, passwords, and emails. With this, fraudsters can access accounts and use balances for fraudulent purchases.
Multi-channel merchant: Multi-channel marketers focus on putting their products in the hands of customers, wherever they are through websites and social networks. They are diversified channels that go beyond physical sales, by phone and catalog.
P
Payment fraud: Refers to any fraudulent transaction performed by a criminal that results in the theft of money, property or access to the victim's confidential information. Fraudsters increasingly engage in subtle behavior to trick unsuspecting consumers who release personal data.
Phishing: Also called data fishing, this is a very widespread form of Social Engineering. This is identity theft and one of the fastest growing fraudulent occurrences in the online environment. It happens when the criminal sends email or text message with a fake link.
When accessing it, the browser is redirected to altered pages containing malicious viruses that install on the victim's machine. From there, it runs the risk of exposing your personal data, which can generate improper business transactions.
R
Reversal fraud: While chargebacks exist to protect consumers from loss from identity theft and unfair business practices involving credit cards, some malicious customers record an undue chargeback in a legitimate transaction. So they get the product and receive a full refund of the purchase.
Reversal protection: Typically, reversal protection covers a portion of the losses that a company may suffer due to fraudulent transactions. However, it does not fully reimburse traders. Instead, they may receive invoice discounts based on predetermined KPIs.
S
Social Engineering: This is one of the biggest security threats that companies face today. Social Engineering deceives people, through a set of actions, to violate security and disclose information or perform some action in this sense.
To do this, fraudsters present themselves as authorities or representatives of companies to obtain sensitive data, through non-technical methods, such as phishing.
Speed filters: Speed filters monitor specific data elements (such as email address, phone number, and billing/shipping addresses). They limit the number of transactions a site can process in a given period (one hour, one day). This prevents a fraudster from having time to test various numbers of stolen cards in order to verify that they work.
T
Tokenização: Payment services such as Apple and Android use tokenization to protect sensitive data by exchanging personal information for randomly generated data. That way, a person's actual credit card data is never accessed or used.
This is a frictionless process and almost invisible to consumers. In addition, it helps protect against credit card data theft during a transaction and helps merchants meet industry security standards such as PCI DSS.
U
Use of someone else's identity: Identity theft is one of the most commoncrimes in many years. The criminal passes himself off as someone else and uses third-party identity data to make purchases on behalf of the victim. In general, this data is obtained electronicly, and the card owner does not recognize the purchase, requesting a refund to the card company.