John Brown

The danger of false positives

We explore how false positives can affect your bottom line and how they happen.

When it comes to fraud protection, most people tend to focus on the cost of losses due to fraudulent activity. This common but myopic strategy is understandable, since fraudulent sales are expensive and often easy to calculate. However, the true cost of a fraudulent transaction can actually be two to three times as much as the initial purchase amount.

What many companies fail to consider are the additional costs involved in fraudulent activities: chargeback fees, shipping, employee costs, advertising costs, and so on. All of these add can add up to an amount far more than the actual price of the product lost.

Newer technologies, like EMV, have lessened the risk of card-present fraud, while at the same time data breaches have created a booming market for stolen card data. What’s a fraudster to do? Technology has driven fraudsters to embrace the internet and a life of crime from the comfort of their own homes, leading to a rise in online and card-not-present fraud.

The natural reaction for an online business is to tighten up security and make sure no bots or fraudsters are able to breach their defenses. But what happens when these defenses become too strong and even your real customers cannot get past them?

Well, you lose money. Valuable sales are lost, and impacted customers are unlikely to ever return to your business. Your brand may be further damaged by an angry customer who turns to social media—not exactly the way you want to go viral. Oh, and the dollars you spent driving that traffic to your site in the first place are also lost as well.

How Much Are You Really Losing?

While not an easy metric to summarize in a neat little graph, the cost of false positives, sometimes referred to as false declines, can have a big impact on your finances and reputation.

  • Research from Oracle has shown 89% of consumers will abandon a merchant after a poor experience, while 86% will pay more for a better experience.
  • A Nielsen study suggests that 92 percent of consumers rely on recommendations from people they know when making a purchase.


By failing your real customers, you could lose far more money than fraud could steal. This is why balance in your fraud prevention strategy is so important.

Consider This

Imagine one of your VIP customers is traveling and places a large order. The order will be shipped to an alternate address so that they will receive it on vacation. A too-stringent fraud tool steps in and automatically cancels the order because the shipping address does not match the address on file with the customer’s payment card. Now that customer has to call to find out why their order was canceled. Without the right tools in place, they may not have even been notified that there was a problem with the order.

So what happens to that revenue? What happens to the future revenue of that customer? How many people will they complain to about the experience? After all, a bad customer experience will reach twice as many people as a good one.

This same scenario can happen to a customer for many reasons: they move to a new house, they place an order from work, they are sending a gift to an alternate address, or they log in to manage a subscription from an unknown device. Many customers blame the easiest target when a problem occurs (namely, the business) because they don’t understand why they are essentially being called a thief. In many cases, they simply move on to another website or company to make their purchase.

What Can You Do About It?

The best solution is to implement a fraud prevention strategy that minimizes both false positives and real fraud. Manual reviews or automated risk scoring can help ecommerce companies create balanced fraud protections. For other companies, two-factor authentication for customer logins or creating verification steps for unknown devices can help mitigate false positives. Strategies will vary depending on the most common problems faced by each company and the level of risk that they are willing to accept.

Your first step should be a careful review of any fraud protections you currently have in place as well as what types of fraud are still getting through these defenses. Then look for any issues caused by your current systems, such as cancelled orders for repeat customers or locked accounts. From there, determine your acceptable risk level and adjust your fraud prevention tools to maximize coverage for any common fraud issues while providing customers with more options to verify themselves or escalate any issues that your protections may cause. Finding the right balance can be tricky, but it will ultimately help your customers feel both protected and appreciated.

About the author
John Brown

Solutions Consultant at NS8. After years in the payment industry, John now lends his expertise to NS8 clients by helping them implement effective fraud protection.

More From NS8
Ad fraud simplified

People have been talking about ad fraud for years, but many still don't understand what it is or how it may affect them. Here's our quick guide on what you need to know.