SecureBuy enables identity verification without leaving the retailer’s site.

32% of merchants in a recent online survey of 378 retailers that use the Magneto e-commerce platform do not perform any fraud screening before authorizing online payments.

Broken down further, 32% of merchants on the Magento platform with annual sales of more than $25 million do not screen purchases for potential fraud before sending payment data to a payment gateway, and 57% of international merchants do not complete such fraud checks.

The survey, conducted between May and February by fraud prevention company SecureBuy with cooperation from Magento, also finds that 40% of all merchants surveyed still perform manual reviews of transactions suspected for fraud. For international merchants, that figure rises to 42% and for merchants with annual sales of more than $25 million, it rises to 68%. Magento is part of X.Commerce, a unit of eBay Inc.

Of the merchants that conduct manual reviews for fraud, 26% manually review 80% or more of their transactions, the study finds. 61% manually review 10% or less of transactions, and 13% review between 11% and 79%.

“Manual review is an expensive proposition that lends itself to false positives, and the associated cost is nearly impossible to recover,” the report says. For instance, if a retailer places an impatient customer’s legitimate order under review, the customer might abandon his shopping cart, or, if a retailer has stringent rules, its analysts might end up denying legitimate transactions.


Vendors like SecureBuy seek to speed up fraud screening by offering automated security services and ways to more quickly verify that a transaction is legitimate. For example, SecureBuy suggests e-retailers ask a customer a validation question at checkout for high-risk transactions. SecureBuy makes this possible by linking e-retailers with credit card issuers through the Visa and MasterCard networks. The system takes advantage of a security system called 3D Secure, marketed by MasterCard as SecureCode and Visa as Verified by Visa. Consumers register with their card-issuing banks and choose a password that they then use to authenticate themselves when making an online purchase.

SecureBuy has reengineered the 3D Secure authentication process to prompt high-risk shoppers to authenticate themselves without creating a pop-up window. Instead, at checkout the authentication prompt appears in the shopping cart, typically below the cardholder’s credit card information. When the correct answer is provided, the consumer continues the checkout process without the need for manual review. The entire process takes place in seconds, SecureBuy says.

“3D Secure has been around for quite some time,” says Greg Wooten, CEO of SecureBuy.  “It’s a tried and true method of proactively beating fraudsters before they can do any damage. The protocols basically allow the customer to authenticate themselves with their issuing bank” This, Wooten says, allows the issuer to assume all risk of the transaction, letting the merchant off the hook. He adds that merchants can also in many cases save on interchange fees by implementing 3D Secure, as Visa and MasterCard offer lower fees for online retailers that take advantage of this authentication method.