Basil Salah from Riskified shares some valuable insights into what you need to know about CNP fraud mitigation and give you the framework to ensure you stay protected.
Ever heard of the Australia Payments Network (AusPayNet) CNP Fraud Mitigation Framework? If not, you’re not alone. And you’re fortunate.
Merchants taking card-not-present (CNP) payments in Australia often learn the hard way about this fraud-reduction program when they get dinged for excessive chargebacks by the Australian Payments Network (AusPayNet). How do we know? Because they frequently then call us for help: “What do I do now?”
Riskified can help address the issue (see below) or can even help you avoid the situation altogether with a little understanding of how the Framework operates. Here’s what you need to know.
First, What Exactly Is AusPayNet?
AusPayNet, or Australian Payments Network, is a regulatory body for the payments industry in Australia.
What is the CNP Fraud Mitigation Framework?
AusPayNet created the CNP Fraud Mitigation Framework in 2019 to set rules for identifying merchants with excessive chargeback rates and reducing CNP fraud in Australia. The Framework sets out obligations for compliance and thresholds for chargeback levels based on a merchant’s percentage of total transactions. It’s worth emphasizing:
Merchants who run afoul of the rules must take corrective action, which can include undergoing monitoring, putting in place strong customer authentication (SCA) measures, and/or paying fines.
Unfortunately, merchants who haven’t studied the 40-page CNP code closely may not realize how low its chargeback thresholds are, so they get caught by surprise when AusPayNet comes calling.
What’s more, merchants may underestimate the impact AusPayNet’s SCA requirements can have on their conversions. A 20% drop in online revenue is not unheard of when customers are faced with the hassle of 3D Secure verification. Ouch.
6 Things to Know About CNP Framework Compliance
- Thresholds are extremely low
Be aware that Australia is home to significantly lower chargeback thresholds than you may have experienced elsewhere, typically 0.2% of total online card transactions, so merchants are frequently surprised when they get stung.
For perspective, excessive chargeback thresholds set by card issuers like Visa run in the 1.0% to 2.0% range.
- Noncompliance can be devastating
Remedies under the CNP Framework start with monitoring and progress to financial penalties. In between, there’s peril. After two consecutive quarters of excessive chargebacks (including fraud-to-sales ratio of 0.2% or more), the CNP Framework requires merchants to implement SCA such as 3D Secure to reduce chargebacks.
Unfortunately, these measures also reduce conversions for merchants. Because SCA measures such as text verification create excessive friction for legit CNP customers, merchants can lose a significant percentage of their CNP conversions — and lose customers to competitors in the process.
- Subscription-based merchants are particularly at risk
While a consumer might tolerate the hassle of two-factor authentication during a one-time sneaker purchase, repeat buyers of a service may not be so forgiving.
For SaaS providers or subscription-based digital merchants that rely on automated periodic payments (think Netflix or Canva), chargeback mitigation measures like 3D Secure can cause chaos and subscriber exodus.
- Four quarters is less time than you think
Unlike most card issuers, AusPayNet calculates chargeback rates on a quarterly basis, and merchants have a maximum of four quarters to return to compliant chargeback rates before the worst sanctions kick in and taking card payments may require two-factor authentication via 3D Secure, which may lead to an abandonment of customers who don’t verify.
That’s a challenge because there is a delay between the time a merchant implements remedies and the time they see their chargebacks fall. Here’s why:
A merchant’s current chargeback rate assessment may reflect transactions that took place up to six months prior. So, these chargebacks will keep flowing in even after you put SCA measures in place. This means once you hit the Q2 mark and still have excessive chargebacks, you have no room for error.
- Chargeback guarantee can be your lifeboat
A chargeback guarantee can be a way to quickly reduce your chargebacks to exit the AusPayNet excessive chargeback program — or protect yourself from noncompliance in the first place.
With a guarantee, chargeback rates can be efficiently suppressed to get the merchant back into compliance. At Riskified, we do this with machine learning to ensure the most accurate with the least possible impact on approval rates, and merchants can typically be back in compliance in a month or so.
- Riskified can help
By leveraging Riskified’s fraud protection solution and AI-driven chargeback guarantee, merchants can enhance their fraud prevention capabilities, reduce chargebacks, and avoid exposure to (or rapidly exit) the AusPayNet excessive chargeback program.
To learn more about real-time, adaptable solutions designed to upscale your business growth and manage your risks in a competitive and dynamic environment, email [email protected] or request a demo to see fraud prevention in action.