Marketplaces are particularly targeted by fraud attempts and are exposed to a growing risk of bank data breaches. Hence, they must do everything possible to secure their environment, ensure data protection, and guarantee safe transactions. In this article, we offer 5 tips for limiting fraud, ensuring compliance with regulatory requirements and guaranteeing secure transactions, to provide users with the best possible payment experience.
Implement robust security and compliance measures
Comply with PCI DSS data security standards
PCI DSS (Payment Card Industry Data Security Standard) certification is a global security standard for banking data. It includes a set of requirements that must be met to improve consumer data security online. In a nutshell, it involves:
- Collect and securely communicate user credit card data.
- Back up data securely, using encryption technologies.
- Guarantee that the required safety checks are carried out every year.
Guarantee a strong authentication procedure
To strengthen payment security, reduce fraud and improve the customer experience, it's necessary to apply a robust authentication procedure (SCA - Strong Customer Authentication) during transactions. This initiative is a response to the financial regulations within the European Union set out in the PSD2 (Payment Services Directive). To ensure compliance, a marketplace must use the 3D-Secure-v2 protocol, which requires at least two authentication factors to standardise and strengthen its payment control system. These factors can be:
- Knowledge: secret questions, passwords, secret codes
- Possession: connected device, mobile phone, smart card
- Inherent: facial recognition, fingerprint, voice recognition
Identify and prevent fraud effectively
Implement KYC procedures
Regarding security, one of the fundamental verification procedures concerns KYC (Know Your Customer). The marketplace must validate the sellers' identity by gathering information to prove they are who they say they are. This is particularly important in the fight against money laundering and the financing of terrorism (LCB-FT). This procedure, which meets regulatory requirements, also ensures marketplace users' security in the fight against financial fraud and identity theft. The KYC obligation also applies to marketplace buyers. To achieve this, a marketplace can rely on verification processes such as buyer registration with identity and residence verification, profile validation by sellers, sending a letter with authentication codes, etc. There are many security solutions! It's also advisable to have a KYC team of legal and IT security experts who can control suspicious behaviour.
Raise awareness of security and fraud among buyers and sellers
Transactions on marketplaces involve exchanging sensitive data and substantial amounts of money. In addition to security measures such as multi-factor authentication and data encryption, it's crucial to inform users of the importance of data security and provide them with the proper cybersecurity practices.
Improve dispute management
The marketplace model is unique in that it concentrates large volumes of orders, so it's important to anticipate various dispute scenarios (product quality, late delivery, non-compliance). However, there are tried and tested methods and solutions to prevent reputational risks. Each marketplace can define its dispute resolution policy to resolve disputes effectively and fairly: mediation mechanisms, arbitration methods, customer service to resolve conflicts effectively and fairly, etc. A marketplace can define its dispute resolution policy:
- Secure deliveries to avoid significant delays.
- Opt for an effectively processed and responsive after-sales service.
- Improve the refund process: only pay the seller once the buyer has received an order that meets his/her expectations.
- Guarantee transparency in the payment process: provide clear transaction traceability (dates, references, amounts, etc.). All key information must be easily accessible.
- Set up an integrated, transparent and accessible dispute resolution mechanism to deal with problems quickly.
- For B2B marketplaces, it is possible to take out credit insurance, which assesses a buyer's reliability and suggests an appropriate payment term. For example, in the event of a poor credit history, a cash payment will be requested. The credit insurer is responsible for collection if the buyer defaults on payment. This solution, which minimises risk and offers merchants a guarantee, is a good way of enhancing user value, securing sales and increasing trust in the marketplace.
Have a continuous activity monitoring
Equip yourself with a monitoring dashboard
The dashboard allows a marketplace to monitor marketplace activity effectively with a 360° view. By tracking transactions in real time (payment details, amounts, dates, payment status), it is possible to exploit the data and generate reports. Having accurate information and these indicators helps to reduce fraud.
Set up alerts
Specific alerts can be configured using the dashboard to detect fraudulent transactions, enabling all accounts to be managed effectively and centrally. The leading indicators to monitor are:
- A sudden increase in the number or volume of incoming transactions in relation to the marketplace's history and vertical
- A sudden drop in card acceptance rates
- A significant or abnormal increase in the card chargeback rate
- Payments are significantly higher than the usual average basket
- Cash payment requests less than 48 hours after receipt of payment
- Multiple requests for payments from vendors over a very short period of time
- An increase in the number of sales on days or at times that are unusual for the platform concerned and its sector of activity
- Different identities for the same bank card used for several purchases.
In the event of alerts, it is crucial to be able to rely on a proactive team capable of responding in real-time (by blocking fraudulent transactions, for example).
Find the right partners to meet your marketplace's challenges
Rely on a payment service provider that ticks all the boxes
To ensure compliance with standards, to provide a framework of trust, to process sensitive data and to secure payments on marketplaces; companies can use a payment service provider (PSP). This partner is responsible for all aspects of transaction compliance and security. By combining the best verification (OCR, instant KYC), encryption and authentication (2FA) technologies, Lemonway strengthens the payment control system and limits the risks associated with fraudulent behaviour. Thanks to its robust and innovative technology, Lemonway has protected and ring-fenced the funds of several thousand platforms since 2012. All data is hosted in PCI DSS-compliant data centres in France. Furthermore, Lemonway provides a wealth of information about transactions and the ability to configure specific alerts to optimise the detection of suspicious behaviour. Finally, the teams work alongside marketplaces to ensure the necessary responsiveness in the event of fraud, providing recommendations and solutions and limiting the spread of the threat.
As a pan-European licensed payment service provider, Lemonway guarantees its users the highest level of security and compliance with regulatory requirements. You've got a question? A project? Contact our teams!