Tune Fraud Rules Instead of Loosening Them Blindly
Payment fraud rules should apply individually to each transaction rather than being applied as a blanket threshold for all transactions. Each transaction can be evaluated individually for characteristics that indicate fraudulent activity (or not) to allow the system to reject fraudulent transactions while allowing legitimate customers to successfully perform their purchase.
Instead of loosening the fraud rules applied to all transactions, the rules should be tuned to ensure that they do not reject legitimate transactions. By ensuring that each transaction is scored individually by the fraud rules system, it is possible to recover the approval rate for all transactions without creating a new path for fraudulent transactions.
Apply SCA Exemptions Where They're Legitimately Available
Strong Customer Authentication rules can be applied to transactions to exempt low-risk transactions from having to authenticate at all. An SCA exemption works through the checkout's 3D Secure v2 flow, the authentication protocol that decides whether a transaction needs a challenge step, so applying the exemption correctly means the challenge is skipped rather than failed. Many transactions will fall into the low-value threshold exemptions for SCA, meaning that they do not create any additional fraud risk for the company while reducing the likelihood that customers will abandon their carts due to authentication requirements.
Using an SCA threshold for transactions that indicates the risk of the transaction will allow for a reduction in abandoned shopping carts due to authentication.
Use Smart Retry Logic on Soft Declines
When transactions are rejected with a soft decline, it is possible to initiate a retry; however, blindly retrying those transactions will waste the opportunity to approve those transactions. Smart retry logic that matches a retry attempt to its specific reason code, rather than retrying on a fixed schedule, is what actually recovers the revenue from those transactions.
Additionally, there should be a cap on the number of times that each transaction can be attempted; retrying a transaction too many times within a short period may trigger a soft decline as a hard decline due to fraud detection created by the bank that initiated the soft decline.
Improve Data Quality at the Point of Authorisation
Improving the quality of the data submitted with each transaction will allow the bank that processes the transaction to more easily recognise the legitimacy of the transaction and authorise it. This fix does not require any changes to the logic or rules for the transaction; only improving the data quality will reduce the number of declined transactions.
Route Through the Right Acquirer Relationship
Banks and payment processors do not all approve the same percentage of transactions; they may have different relationships with acquiring companies. By directing transactions based on BIN (Beginning of Identification Number) values, a technique known as BIN routing, it is possible to route them through the acquirer relationship that is the most likely to approve the transaction. Importantly, this adjustment does not impact the current PSP or checkout system used by the merchant or customer.