It's no secret digital consumers increasingly purchase goods and services via cross-border transactions. Digital commerce has essentially created a global economy without borders. In fact, according to Nielsen’s Global Connected Commerce Report, in February 2016, 57 percent of the respondents made a cross-border e-commerce purchase in the past six months. Recognizing this trend, businesses are crafting strategies to make cross-border commerce more efficient and customer-centric. However, it is critical for businesses to also keep cybersecurity top-of-mind.
While cross-border transactions present new revenue opportunities for businesses, they also present new targets for cybercrime attacks. The Nielsen report found that the 2015 holiday shopping season saw an increase in cross-border fraud attempts. The proliferation of cross-border shopping and money transfers is causing financial institutions, e-commerce merchants and other businesses to preemptively invest in a digital-first, cross-border security strategy.
Given the increase in cross-border commerce, businesses should implement the following strategies to protect their customers without disrupting their user experience.
Understand users’ full digital identities
Businesses need new ways of assessing digital identities to detect when personal information and devices are being used illegitimately based on historical norms. By understanding how digital identities—which include a combination of a user’s actions, devices, accounts, locations and more—are used across websites, businesses can identify anomalies, such as multiple shipping addresses for one account or suspicious devices being used to complete a transaction. For example, in today’s cross-border commerce world, a fraudster might gain access to U.S. credit card credentials, place an order and have it delivered to a different location, or multiple locations the customer has not used as a shipping address before. By understanding the user’s full digital identity, businesses will know to flag a transaction such as this one as fraudulent.
Leverage global shared intelligence
To proactively prevent cyber threats, organizations need to look beyond their own walls to share actionable threat intelligence about compromised identities and devices. Sharing anonymized, cross-border intelligence will ultimately enable businesses to easily identify fraudsters and better protect cross-border transactions. With every data breach, all businesses operating online face the aftermath, as pieces of a user’s digital identity can be used repeatedly for continued attacks. By sharing threat information across a global network, businesses can ensure suspicious transactions and activities are blocked without adding friction for authentic and returning customers.
One of the biggest challenges these businesses face when expanding to new geographies or accepting transactions from new geographies is maintaining compliance. For example, the U.S. Office of Foreign Assets Control (OFAC) has regulations in place that prohibit business transactions with embargoed or restricted countries or assets. To maintain compliance, businesses must know the true location of their customers and transactions, which becomes increasingly challenging for banks and e-commerce merchants in particular. This is because customers frequently disguise their locations in an effort to maintain privacy and protect personal data, among other reasons. At the same time, cybercriminals spoof their locations to avoid detection when attempting fraudulent activity.
Most companies use outdated technologies such as IP addresses to detect a transaction’s true location, which can put them at risk of violating regulations such as those set by OFAC. Instead, businesses need advanced technology that can detect when users are spoofing their true locations, saving businesses from compliance fines and accurately differentiating between trusted customers and fraudsters.
In the coming years, consumers will increasingly engage in cross-border commerce and the trend shows no signs of slowing down. By accurately assessing digital identities, working with fellow businesses using global shared intelligence and understanding compliance, businesses can capitalize on cross-border commerce while maintaining a positive user experience.