A better way to understand the ecommerce risk landscape

New report, typography identifies and measures ecommerce losses
Sheryll Poe
NRF Contributor

The growth of omnichannel retail has given rise to new types of ecommerce-related loss and risks, including fraudulent returns, payment fraud and non-delivery losses.

Loss prevention

Browse resources and read NRF's latest articles and press releases related to loss prevention.

To combat the losses associated with these and other ecommerce risks, retailers need a way to understand the full landscape of loss that needs to be controlled.

ECR Retail Loss commissioned Adrian Beck, emeritus professor in the Department of Criminology at the University of Leicester, to develop an ecommerce loss typology to better understand how retail businesses are affected by losses in the ecommerce space.

“I’ve tried to offer a way for how we can calculate value associated with losses in all of these areas and put a value on what it might be costing the organization,” Beck said while unveiling the ecommerce loss typography at NRF PROTECT, the retail industry’s premier event for professionals in loss prevention, asset protection, digital fraud and cyber risk.

“This report confirms the continued convergence between asset protection, cybersecurity and digital payment teams, and the need to build a cross-functional approach to ecommerce fraud prevention,” says David Johnston, vice president of asset protection and retail operations at NRF.

“That’s why NRF has been at the forefront of bringing these teams together through NRF PROTECT and the various working groups to understand fraud tactics, trends and prevention.”

In particular, Beck’s typology, built upon his Total Retail Loss typology, creates a definition of ecommerce loss that differentiates between outcomes and events considered to be the “costs” of doing business and those which can be regarded as “losses.” The typology also identifies, categorizes and measures the range of losses associated with ecommerce retailing.

The challenges of ecommerce retailing

There are a couple of things that make ecommerce different from traditional bricks-and-mortar retailing and therefore more susceptible to risks, Beck noted. First has been the rapid rise of ecommerce: In 2019, ecommerce accounted for 10% of all retail sales; by 2021, due in part to the pandemic, ecommerce represented 17% of all sales in the United States and approximately 30% of all transactions in the United Kingdom.

The impact of the pandemic had an even more profound effect on retailers and spurred a rapid shift to ecommerce.

Fraud Prevention Professionals Working Group

Learn more about how this working group is enhancing the understanding of current fraud tactics and trends among NRF’s retail members.

“There was undoubtedly a sense of sales first” and security second, Beck said. “What the pandemic also did was, it limited the types of controls that retailers could have in place … and what we’ve seen from many retailers who started setting up in that period is that loss prevention has been trying to catch up with ecommerce.”

Ecommerce retailing inherently is a process-heavy operation, Beck pointed out, which means layers of complexity compared with bricks-and-mortar organizations. “It’s just more processes required to get orders in, processed and delivered,” he said. “When you have extra process, you typically have extra problems in terms of managing those processes and generating potential loss.”

For example, according to recent data, U.S. companies engaged in ecommerce are losing 3.6% of their revenue due just to payment fraud (chargebacks), which amounts to $26 billion a year. In addition, ecommerce retailers have reported that they expect as much as 3.1% of all their orders to be subject to chargebacks from financial institutions. On fraudulent ecommerce returns, NRF data has found such returns cost retailers as much as $23 billion a year.

Ecommerce fraud and losses also happen on a significantly different volume and scale. “The volume can be significantly higher, and the scale can be international,” Beck said.

Retailers are no longer looking at local offenders. Instead, they are facing a global offender pool. In addition, knowledge and information about potential cracks in an ecommerce system can be communicated and shared much more quickly and much more widely among this larger offender pool.

Data holds the key

On the plus side, the ecommerce retail environment is more data-rich than a traditional retail environment, which could put retailers in a stronger position. For example, in the area of non-delivery fraud, it’s possible for retailers to use data to track each step of the delivery process. It’s not a major stretch to suggest that, based on that data, a retailer could decide whether it wants to accept an order or not.

Center for Digital Risk & Innovation

Learn more about NRF’s hub for engagement on key technology issues that have significant policy and risk management implications. 

Or, the retailer could use the data from those non-delivery claims to suggest the buyer order online and pick up in-store instead of having the item delivered.

Beck said his typography and the associated report, “Developing a Framework for Understanding and Measuring Ecommerce Losses in Retailing,” is meant to truly help retailers “understand the size of the prize,” or the scale of loss that is associated with ecommerce. “And critically, then that gives you something to chase after in terms of what loss prevention and loss prevention teams can begin to do.”

NRF has established a Fraud Prevention Professional’s Working Group for NRF members engaged in digital and ecommerce fraud prevention. In addition, the NRF Center for Digital Risk & Innovation acts as a hub for engagement on key technology issues that have significant policy and risk management implications for the global retail industry.

Related content

A Guide to Developing a Retail Supply Chain Cybersecurity Risk Management Plan
 
A woman working on a computer.
This guide identifies supply chain-related cybersecurity risks and offers best practices for retailers.
Read more
Cybersecurity in retail: How to bridge the trust gap
 
A photo of an individual working on the computer displaying work in security.
Data security is a key differentiator in today’s privacy-driven market.
Read more
Digitization is table stakes for retailers
 
Artificial intelligence
PwC consumer markets leaders on the impact of AI in the retail sector.
Read more