Blog / Payment fraud

How to reduce false positives and false declines

Blocking legitimate transactions, false positives can sometimes cause more damage to a business than actual fraud. How can you continue protecting your business from fraudsters without losing genuine customers?

12 February 2024

How to reduce false positives and false declines

False positives can cost merchants up to 75 times more than actual fraud attacks. This means lost sales, reduced CLTV, less customer loyalty, and strain on your fraud teams.

So, how can you minimize fraud losses without losing genuine customers?

Today, we’ll cover why a good customer might get caught up, the implications, and what you can do to prevent false positives.

What are false positives?

In fraud prevention, false positives are when a tool or solution mistakenly identifies a genuine customer as a fraudster – basically, putting out a false alert.

With 69% of buyers worldwide cutting down on spending per PwC, nobody can afford to lose transactions. False positives are a clear gateway to customer churn, as 25% of buyers that have had their purchases falsely declined will turn to a competitor.

What are the consequences of false positives?

The consequences of a high rate of false positives on a business can not only be severe but they also extend beyond the obvious:

  • Financial loss from false declines resulting from the false positive. Many customers will simply abandon their carts rather than try again.
  • Reputational damage as a result of disgruntled customer reviews and online publicity.
  • Bad data in terms of shopper metrics, as well as potential to feed bad data into any machine learning (ML) modules
  • Increased workload and potentially low morale for teams such as fraud prevention and customer support.

From alienating legitimate shoppers and affecting your reputation in the form of "customer insults" to reducing your revenue, false positives can be hugely impactful for merchants.

What are false declines?

A false decline is simply when a customer is prevented or blocked from completing an action (often from completing their purchase) while they shouldn't have been. False declines are due to false positives – that is, to the customer mistakenly believed to be a fraudster or otherwise malicious.

Here's why you're getting false positives

Your fraud detection strategy likely uses both rules and machine learning (ML). Here’s how this setup could give way to false positives:

1. An overreliance on rules

Rules are deterministic and rigid. While this makes them ideal for tackling fraud attacks quickly and on a broad scale, they can easily lead to false positives.

After all, something that gets flagged as “potentially fraudulent” doesn’t always mean that actual fraud is happening.

Let’s say your business gets a new buyer with extravagant taste and a lot of different credit cards, who immediately makes a high-value purchase. If your rules engine sees any expensive order that gets made by a new customer with several cards as potentially fraudulent, you risk identifying this genuine buyer as a fraudster, costing you a huge sale and customer loyalty.

2. Overly conservative risk thresholds

According to our Fraud Survey 2023, 48% of all merchants worldwide rate machine learning as one of the most effective tools for fighting fraud. ML models can process a large amount of data and learn diverse fraud patterns, which is exceptionally valuable for tackling fraud at scale.

But ML can also lead to false positives if your risk thresholds are too conservative.

An ML model generates a fraud risk score to gauge how potentially fraudulent a customer is at the point of transaction. The decision to allow, review, or block the customer and/or transaction is then based on your risk threshold.

If the threshold is very high, then your fraud rate may get lower – but you also risk losing transactions from genuine customers.

Stepping away from a conservative risk threshold can be daunting. You obviously don’t want false positives, but you also don’t want to set too low a risk threshold that fraud attacks slip through.

This is why a good fraud prevention partner will help you define these thresholds in relation to your unique fraud landscape and appetite, rather than implementing a one-size-fits-all for your sector or industry.

false positives fraud prevention

Why are false positives so bad for business?

They affect bottom lines, damage your relationships with customers and affect your reputation. Let's look at how bad false positives can be for your business in more detail.

Financial fallout

When you block a genuine customer, you block a genuine sale. The cost of false positives for online merchants comes to $443 billion per year.

To put that in context, the cost of actual credit card fraud is estimated to cost online merchants $408 billion over the next decade – which would come down to $40.8 billion a year. Not a small number at all, but a huge difference compared to the ten-fold damage of false positives.

Damage to your conversion and customer metrics

False positives are inherently disruptive to the customer journey:

  • Cart abandonment: More than 40% of customers will abandon their carts if a system declines their payment method.

  • Customer lifetime value: False positives can reduce your CLTV by 68%.

Strain on your customer service and fraud teams

A lot of false positives means further strain on your business. Your fraud teams will have to spend time and resources on manual reviews that ultimately don’t actually prevent fraud. Your customer service function will be swamped with unhappy customers – if they haven't already switched to a competitor.

Limited capacity and resources for any of the above can cause further harm down the road, as alerts go unreviewed and already unsatisfied customers don’t feel heard.

how link analysis works

How to reduce false positives: practical steps

Here's how you can cut down your rate of false positives without compromising your fraud-fighting strategy, while making use of both fraud prevention rules and machine learning:

1. Reduce your reliance on rulesets

Not every customer and transaction will be clearly fraudulent or not fraudulent. In these cases, you shouldn’t rely on automated processes like ML; you need to utilize your fraud teams. They’ll be able to conduct the deeper, manual analysis needed to make sense of these gray areas and determine whether the customer/transaction should be declined or accepted.

2. Use a variety of indicators

False positives come about when there’s a limited set of data and indicators being assessed. So a key solution is to make sure that your fraud detection is taking into account a number of different indicators to make a fully-informed decision.

For example, a transaction that happens through a VPN is often seen as a sign of a fraudster that’s trying to hide their details. But many genuine customers also use VPNs for legitimate reasons while shopping online. Namely, to protect themselves from fraud attacks, by encrypting their personal data and blocking suspicious websites that may be phishing scams. After all, VPNs are increasingly being seen as a safety net for people in the face of rising online crime.

However, additional factors can clarify whether there’s more reason to believe that a transaction happening through a VPN is a case of fraud, like:

  • The delivery address being different to the billing address

  • The payment card also getting used for other high-value purchases made by different accounts

You also have to consider context both inside and outside your business. People’s buying behaviors tend to change around the holidays. So you can’t follow the exact same indicators throughout the year.

3. Assess risk tolerance, reassess risk thresholds

When working with a machine learning model, precision and recall are two key indicators of its performance.

They are fundamental to deciding whether to allow, block, or review a transaction:

  • Precision asks: Of all the customers we blocked, what proportion were fraudsters?

  • Recall asks: Of all the fraudsters who transacted, what proportion did we block?

There’s a careful balancing act to strike here.

The higher your precision, the fewer false positives you’ll have. However, in this case, your recall will be low as there’ll be a large number of fraudsters you’re not preventing.

And on the other side, a high recall will help block a lot of fraudsters. But it will also block your genuine customers and cause false positives.

What you need to do is identify and define your risk appetite. By knowing how much risk of fraud you’re willing to accept to avoid turning away a potentially legitimate sale or customer, you can then use a fraud prevention solution that allows you to configure and set your risk thresholds in a granular, useful way that is aligned with your risk tolerance.

Fewer false positives = more growth

Preventing churn, increasing customer satisfaction and allowing for more successful transactions, a low rate of false positives should be an objective for any merchant.

Truth is, false positives in your fraud detection have less to do with the specific tools you’re using and more to do with the risk thresholds you’re setting for your business. Understanding what goes into setting these risk thresholds is the first step to reducing your rate of false positives. For more information on how an ML model takes this into account, check out our in-depth guide: Machine learning for fraud detection.

If you want to know how Ravelin can specifically help your business address fraud detection, just book a demo and one of our experts will be in touch.

Explore related topics

.

Related content