Looking forward to Christmas? Spare a thought for the nation’s retailers, who will be battling as many as one million fraud attempts each day in the period following Black Friday, according to new estimates.
They come from ThreatMetrix, a fraud prevention company with good industry insight thanks to its Digital Identity Network platform which analyses over 20 billion transactions globally each year.
It predicted a 60% increase in fraudulent e-commerce transactions in Q4 2016 compared to the last three months of 2015.
Product and data evangelist, Rebekah Moody, told me that this time of year usually sees an uptick in activity as dodgy transactions are less likely to be spotted, because retailers loosen fraud filters to let more transactions through.
“Transaction volumes are much higher – we saw huge daily peaks for some merchants in the same period last year. This means some merchants may choose to adjust their risk tolerance to ensure that more transactions can be processed with less friction,” she explained.
Cybercriminals also jump on the fact that average basket values are usually higher in the run up to Christmas.
“Fraudsters capitalise on this by trying to sneak through higher value transactions that are less likely to flag as unusual in amongst the sea of high value transactions,” said Moody. “Last year we saw the average basket value of rejected transactions was around 70% more than the overall average. We expect this trend to be mimicked this holiday season.”
The problem is compounded by current fraud prevention technologies, many of which have problems detecting some of the more advanced techniques used by the black hats, including device and IP spoofing and automated bots.
The latter threat is increasingly prominent to the point where, during attack spikes, bot traffic exceeds legitimate user traffic, according to the company’s latest Cybercrime Report for Q3.
It has the following:
“What might begin as a simple account validation using a basic bot evolves to using a complex bot to guess unknown passwords, to a bot that masquerades as genuine human traffic to trick unsuspecting businesses.”
Another tactic which makes fraud hard to spot is when the scammer manages to trick a victim into downloading malware onto their machine.
“For example, a fraudster convinces a customer to download some remote access software after playing to their worst fears that their account is being hacked following a data breach. They pretend to be from the consumer’s bank, and reassure them that they will protect their account from the impending hack,” explained Moody.
“In actual fact they manage to take over the consumers account after the consumer has legitimately logged in.”
Because there are no unusual log-in patterns, strange locations or hacked devices to monitor, it might look like a legitimate transaction.
“The key here though is that the remote access software was suddenly enabled, and then the fraud occurred,” Moody told me. “It’s not the fact that there was remote access software installed; many consumers use this legitimately. It was the change in behaviour. Unless a fraud system is advanced enough to detect this, it could be easy to see how this technique could cause huge issues.”
The best systems work in the background, using contextual data and real-time behavioural analytics in a way that is invisible to the user. But unfortunately they’re still not the norm. According to Barclays, two thirds of retailers (64%) are confident that their digital infrastructure will cope well with the Christmas rush. But if they prioritise up-time and sales over fraud prevention, there could be some nasty surprises down the line.
Daily deals giant and one-time darling of Silicon Valley, Groupon, is having a hard time of it. An IPO in 2011 raised a whopping $700 million, apparently more money at the time than any US firm since Google. But more than four years after the flash deals specialist was valued at nearly $13 billion, there’s very little to celebrate.
In September, the firm announced over 1,000 job cuts as part of its ‘One Playbook’ plan to cut debt and kick-start growth. Its CEO has moved across to chairman and the firm is quitting several markets including Morocco, Panama, the Philippines, Puerto Rico, Taiwan, Thailand and Uruguay. In November the firm’s shares plummeted 27% after it forecast 2016 revenue of $2.75 billion-$3.05 billion, below analyst estimates.
So what went wrong? I’ve been chatting to analysts for a piece in IT Pro (Hong Kong) about this and the general consensus is that it shouldn’t have IPO’d when it did. IDC Retail head of Europe, Spencer Izard, told me that the firm simply can’t keep up with the demand for high quality deals on a daily basis, so it’s failing in turn to meet the insatiable growth demands of shareholders.
For Gartner’s Sandy Shen, it’s a vicious circle. Groupon is not coming up with consistently good deals, so customers are leaving. Merchants see these falling customer numbers and the fact that most are only after that one deal and aren’t returning, so they also lose interest.
For Miya Knights, global technology research director at Planet Retail, there’s simply too much competition for the firm these days, and not just from bricks and mortar stores, which have lowered their prices to match the web.
“Groupon was first to the flash deals party, but has certainly not been the last. The space it occupies has been filled with direct, global and local competitors that offer deals across a wide range of categories, like Wowcher in the UK. More niche, specialist deal sites, for hotels, holidays, and home furnishings etc. have also emerged to fill the space,” she told me by email.
“Groupon’s figures, however, show it still has a loyal customer base and that revenues are strong. It’s just that its business model is broken: it does not generate enough revenue from its daily deals, which is where the margin lies, and relies too heavily on selling goods at discount prices, where the margins are tiny.”
So is there any hope for the site? It’s now trying to rebrand as an online marketplace, but with the likes of Amazon and eBay also playing in that space, the future doesn’t look too rosy.
Alibaba finally announced plans to list on the stock market on Sunday after months of speculation and protracted discussions with the Hong Kong stock exchange.
A lot of the column inches devoted to this piece of news have focused on the firm’s decision to chose the US, rather than Hong Kong to IPO, and while it will be a blow to the SAR, there really wasn’t much it could do.
The bottom line is that Alibaba wanted to continue electing the majority of its board even after going public and the HKSE has a very strict one-shareholder-one-vote rule, which it could not break. End of story.
Of course, its decision to go Stateside doesn’t hurt Alibaba’s attempts to globalise its brands and attract more big name investors from the US. It will certainly be pretty happy with the way things turned out.
However, it would be wrong to interpret the move as an attempt to internationalise, even given the following statement from the firm:
This [IPO] will make us a more global company and enhance the company’s transparency, as well as allow the company to continue to pursue our long-term vision and ideals.
As numerous industry analysts have told me this week, the IPO is all about raising funds (as much as $15bn if rumours are to be believed) to grow its business in China.
Yes, it’s still China that dominates Alibaba’s thinking and it’s easy to see why. In terms of e-commerce the likes of Amazon and eBay will make it very difficult to compete outside the Middle Kingdom, while inside there is still a huge amount of growth going on.
China is poised to become the world’s biggest market for online commerce by 2015-16. “Growth will double in the next five years so the market is definitely big enough for two or three major providers,” Gartner analyst Jane Zhang told me.
This is just as well, as arch rival Tencent is breathing down its neck with its recent JD.com deal and could present a significant challenge to Ali in the future, Zhang added.
Not that Alibaba has taken its eye off the ball with mobile, investing in Sina, AutoNavi and extending Taobao to the mobile sphere, but its Laiwang messaging service has been a bit of a stinker and really pales in comparison to WeChat’s success.
A lot of the IPO money, Zhang told me, will go on growing its cloud and hybrid infrastructure, as Alibaba takes a leaf out of Amazon’s book and goes into business of providing IT infrastructure as a service in earnest.
Frost & Sullivan analyst Marc Einstein echoed these thoughts.
“Alibaba has some global ambitions but obviously competition is too severe in the US and emerging markets would be more likely targets,” he told me. “Therefore I think that they will continue to diversify into new businesses and mirror companies like Google and Amazon rather than trying to compete head on.”