Understanding Fraud as a Small Business
Most small businesses worry about hackers stealing credit card numbers. That's real, but it's not the most common problem. 60-80% of chargebacks come from your own customers, people who made a real purchase and then dispute it.
Before you buy any fraud tools, you need to understand what you're actually dealing with.
Pull your last 20-30 chargebacks. For each one, ask: "Was this a stolen card, or did a real customer dispute a real order?" The answer tells you whether you have a fraud problem or a communication problem.
On this page
The Three Types of Fraud That Hit Small Businesses
| Type | What It Is | How Common | Example |
|---|---|---|---|
| Third-party fraud | Someone uses a stolen credit card on your site | ~20-30% of disputes | You ship a laptop to a stranger who used someone else's Visa |
| Friendly fraud | A real customer disputes a legitimate purchase | ~60-80% of disputes | Customer buys your course, watches it, then says "I didn't authorize this" |
| Card testing | Fraudsters run small charges to check if stolen cards work | Varies | You see 50 transactions for $1.00 from different cards in an hour |
Card testing is when fraudsters run small charges to verify stolen card numbers work before using them for larger purchases.
Most merchants misdiagnose their fraud problem. They see chargebacks, assume it's stolen cards, and buy expensive fraud tools. But if most of your disputes are friendly fraud, those tools won't help. You need better billing descriptors and easier refund paths instead.
Why Friendly Fraud Is Your Biggest Problem
When a customer doesn't recognize a charge on their statement, they call their bank instead of you. The bank files a chargeback, and you lose the money plus a $15-25 fee.
Common reasons customers dispute legitimate purchases:
- Your billing descriptor says "PAY*ACME LLC" instead of your business name
- They forgot about a subscription renewal
- A family member used their card without telling them
- They had buyer's remorse and found disputing easier than returning
- They genuinely don't remember the purchase
The fix for most of these is communication, not technology:
- Use a billing descriptor that matches your business name
- Send purchase confirmation emails immediately
- Send reminder emails before subscription renewals
- Make your refund process easy and obvious
When Stolen Cards Are the Real Problem
If you see these patterns, you likely have a third-party fraud problem:
- Shipping address doesn't match billing address
- New customer places an unusually large order
- Customer requests rush shipping on a first order
- Multiple orders from different cards going to the same address
- You sell high-resale items (electronics, gift cards, luxury goods)
The good news: Basic tools your processor already offers (AVS, CVV verification, and 3D Secure) catch most of this. You probably don't need to buy anything extra.
What You Lose When Fraud Happens
A $100 fraudulent transaction doesn't cost you $100. It costs much more:
| Cost | Amount |
|---|---|
| The product or service | $100 |
| Chargeback fee | $15-25 |
| Shipping costs (if physical goods) | $5-15 |
| Processing fees (non-refundable) | $3 |
| Time spent responding | 1-3 hours |
| Total real cost | $130-150+ |
And if your chargeback ratio gets too high (above 0.9% of transactions), your processor can fine you or shut down your account entirely.
The "Do Nothing" Threshold
Here's something most fraud guides won't tell you: if you process under $100K/year, you probably don't need fraud tools beyond what your processor provides.
Your processor's built-in rules handle the obvious stuff. A few chargebacks a year cost less than a fraud prevention subscription. Focus on clear billing descriptors and good customer communication instead.
When to start investing in fraud prevention:
- Your chargeback ratio is above 0.5%
- You're seeing patterns (same device, same shipping address, burst of orders)
- You sell high-risk products (digital goods, electronics, gift cards)
- Your volume is growing past $100K/year
When you're ready, see the Fraud Vendor Landscape to understand what tools exist, or the Vendor Selection Guide for ROI-based recommendations by business type.