Since the news first broke several weeks ago, we’ve learned that the Equifax breach is one of the biggest consumer security incidents in history - potentially affecting roughly 143 million Americans. With most American credit users left vulnerable by the hack, it’s understandable that customers would be worried how this will impact their credit and their long-term financial well-being. It’s merchants, though, who are really left holding the bag for these losses.
The Equifax Hack Will Lead to Merchant Chargebacks
The sheer volume of data compromised means that we could be feeling the effects of this breach for many years, or even decades. Criminals can use data in many ways; for example, they may use stolen account information to impersonate existing cardholders and commit clean fraud. They could also use partially-complete consumer information to invent dummy personas and apply for credit cards (a practice known as “synthetic fraud”).
Merchants will ultimately pay the price as criminal fraud evolves into chargebacks down the line. Fraudsters make-off with stolen goods while merchants lose:
To add insult to injury, the acquirer will also hit the seller with a chargeback fee per each dispute to cover the administrative costs. Finally, as chargebacks mount, sellers can experience real threats to their long-term sustainability, putting their entire business in jeopardy.
Hard to Track Impact
We can predict an increase in chargebacks, but it’s hard to say by how much.
Chargebacks tend to occur in a cycle about 45-60 days after a transaction, making disputes difficult to attribute to a single cause. There was also a preexisting trend toward increasing chargebacks, so it will be even harder—maybe impossible—to say which are the result of the Equifax hack.
The hack will also have an impact on consumer behavior. High profile hacks heighten customers’ awareness of fraud and anxiety at the possibility that a criminal may be using their information. Cardholders tend to be more vigilant in the weeks after a major breach, and are more likely to dispute charges that they suspect could be fraud.
Multilayer Fraud Solution is the Answer
The Equifax hack isn’t the biggest hack in history based on the number of consumers whose data was exposed. It could be the most damaging though, based on the highly-sensitive nature of the data that was jeopardized. The incident leaves us with a great deal of uncertainty for both merchants and consumers as to how to move forward.
For businesses, the only viable option is a multilayered approach.
I like to think of fraud prevention sort of like the old board game KerPlunk; the criminal attacks are the marbles, while each of the straws are tools meant to intercept fraud. If you only use one or two, they’re not going to be very effective at stopping fraudsters. If you use a bunch of complimentary tools, though, they’ll form a tight web that should block most attacks.
Every business requires a host of complimentary strategies. These should include address verification, CVV/CVC verification, device authentication, and geolocation. It’s also important to create a very in-depth, dynamic rule system for fraud filters for the same reason.
Above all, though, merchants need to exercise diligence in mitigating risk sources. Remember: there is no foolproof way to stop fraud and chargebacks. A business can use just about every tool available, but without diligent risk management, it won’t amount to much.
Post-hack, merchants need to stay on top of their game. Otherwise, they will quickly see their revenue start to slip away.
Monica Eaton-Cardone is an entrepreneur and business leader with expertise in technology, e-Commerce, risk relativity and payment-processing solutions. She is COO of Chargebacks911 and CIO of its parent company Global Risk Technologies.