Understanding the Scale and Geography of Online Fraud
ClearCommerce Corporation, a specialist in payment processing and fraud protection for e‑commerce, recently turned its analytical lens toward 1,100 of its top merchants. By sifting through 6 million transactions from 40,000 customers, the company built a detailed portrait of where fraud originates and how often it shows up. The findings were stark: orders coming from IP addresses in certain non‑U.S. countries were more than ten times as likely to be fraudulent as those originating in the United States. In fact, 21 percent of bad orders could be caught simply by spotting a mismatch between the buyer’s IP country and the billing, shipping, or card‑issuer country on file.
These numbers match a broader industry picture. Gartner Inc., one of the most respected research firms in the online marketplace, reported that loss from fraud and identity theft in 2002 hit US$700 million - almost nineteen times the loss recorded for offline fraud in the same period. That figure represented 1.14 percent of total online sales that year, which totaled US$61.8 billion. The sheer volume of money at stake is not just a headline; it’s a call to action for merchants who want to keep their cash registers ringing.
Beyond the raw dollars, the perception of risk can also hurt a brand. An analyst at Gartner noted that, on average, merchants were rejecting about five percent of Internet transactions as “suspicious.” Retailers who sell more than a quarter of their goods online faced rejection rates as high as seven percent. When customers see a payment declined, they often assume something is wrong with the site, not just the transaction. That distrust can translate into lost sales and damage to a company’s reputation.
One of the most revealing parts of the study was a breakdown of fraud by country. The list of “dirty dozen” non‑U.S. sources tops the chart with Ukraine, Indonesia, Yugoslavia, Lithuania, Egypt, Romania, Bulgaria, Turkey, Russia, Pakistan, Malaysia, and Israel. Collectively, fraud originating from these nations made up about six percent of all online transactions. In contrast, a separate list of the lowest‑risk countries - Austria, New Zealand, Taiwan, Norway, Spain, Japan, Switzerland, South Africa, Hong Kong, United Kingdom, France, Australia, and the United States - showed far lower rates. Knowing where a buyer’s IP comes from can therefore give merchants a quick, data‑driven way to flag risky orders before they even hit the processing queue.
In the United States, the state‑level data painted a similar picture. California led the way with a 21 percent fraud rate, followed by Florida at 10.1 percent, New York at 8.3 percent, Texas at six percent, Pennsylvania at four and a half percent, and Illinois at 3.9 percent. States with rates below four percent included New Jersey, Michigan, North Carolina, and Virginia. For merchants with shipping centers in these high‑risk states, a stricter review process can make the difference between a legitimate sale and a costly loss.
While the numbers above focus on transactions, it’s worth mentioning a particular scam that has been on the rise: the “Nigerian money‑offer” fraud. This scheme typically involves an email that asks the recipient to help move money out of the country. Victims are lured into wire transfers or direct debits, often with the promise of a large payout. In 2001, this fraud type accounted for nine percent of all losses and averaged a staggering US$6,542 per victim. The combination of email deception and bank‑level fraud makes it one of the most dangerous scams for online merchants.
When merchants analyze fraud by method, the top ten categories reveal a clear pattern. Online auctions made up 63 percent of fraud activity, with an average loss of US$478 per incident. General merchandise sales followed with 11 percent of fraud and an average loss of US$845. Other notable categories included internet access services (three percent, US$568), adult services (three percent, US$234), computer equipment and software (two percent, US$1,102), work‑at‑home scams (two percent, US$120), and advance‑fee loans (one percent, data not available). Credit‑card issuing fraud and franchise opportunities topped the list with under one percent each.
When it comes to payment methods, credit cards dominate, accounting for 41 percent of fraud in general merchandise. Money orders also feature heavily, with 29 percent of fraud involving them. Checks, bank account debits, debit cards, and wire transfers round out the rest. The spread shows that fraud is not limited to a single type of payment, but that merchants can still benefit from layered security checks that consider the nature of the transaction as well as the buyer’s IP origin.
Ultimately, the data from ClearCommerce, Gartner, and other research bodies converge on a single lesson: understanding where fraud originates and how it manifests is crucial for every e‑commerce business. By layering geographic intelligence with robust transaction monitoring, merchants can reduce loss, maintain customer trust, and keep their revenue streams healthy.
Using IP Address Tracking to Guard Your Store
IP addresses are the digital equivalent of a home address. Every time a device connects to the internet, it receives a unique string of numbers that tells the world where the connection is coming from. For merchants, that information can be a powerful fraud‑prevention tool. If an order arrives from an IP that belongs to a country or region known for high fraud rates, the merchant can flag or decline the transaction before it goes to the payment processor.
Tracking the origin of an order isn’t just a nice-to-have feature; it can be a frontline defense. A customer in California may be using a VPN that masks their true location, but the IP still carries traces that can be decoded. When an IP belongs to an international provider, the same logic applies. Even with dial‑up connections, Internet Service Providers allocate blocks of IPs that are publicly documented, so the root location is never truly hidden. Knowing that the buyer’s IP comes from a particular country or state can help you decide whether the order needs a manual review.
There are a few ways merchants can access this data. One method is to use the server logs that capture every request your site receives. Within those logs lies the raw IP address of each visitor. You can then cross‑reference that IP against a database that maps numbers to geographic locations. If you prefer a more streamlined approach, several companies provide ready‑made services that integrate directly into your checkout flow.
One such provider is Quova’s GeoLocator, which ClearCommerce uses. GeoLocator delivers real‑time country and city data for any incoming IP address. It can also flag connections that pass through anonymous proxies, corporate proxies, or satellite links - situations that often accompany fraudulent activity. The software is built to handle large volumes of traffic and offers an API that can be embedded into the payment gateway or order‑processing system.
Quova’s technology extends beyond basic geolocation. The company also supplies performance analytics that let merchants gauge how much bandwidth is being used in a given region. That insight can help design better page layouts for customers in bandwidth‑constrained areas, reducing cart abandonment that might otherwise be mistaken for fraud. In the U.S., Quova can drill down to city level, giving merchants granular data on where their legitimate customers are coming from.
Another notable player is HNC’s eFalcon, marketed as an intelligent fraud‑detection platform. eFalcon uses neural networks, rule‑based scoring, and real‑time data feeds to distinguish between legitimate shoppers and high‑risk users. It incorporates IP‑based location data via NetGeo’s InfoScope engine, which provides detailed information on the buyer’s country, state, city, ZIP code, and even the type of internet connection. By feeding this data into its scoring model, eFalcon can flag suspicious orders before they reach the payment processor.
For merchants who prefer a simpler, more cost‑effective solution, InfoSplit’s NetLocator offers a decent alternative. According to the company, its accuracy stands at 99.5 percent for country, 96.5 percent for state, and 85 percent for city. NetLocator also comes with Market Reports that tally the percentage of traffic coming from each region, allowing merchants to see how much volume they’re receiving from high‑risk countries. These reports can be invaluable for adjusting shipping policies or setting up additional verification steps for certain regions.
Beyond third‑party services, merchants can also build their own in‑house IP‑lookup utilities. VisualRoute, for example, is a desktop tool that traces the path of an IP address back to its point of origin. While not as automated as an API, VisualRoute can serve as a quick sanity check during manual investigations. If an order appears suspicious, pulling up VisualRoute to see the exact routing can provide evidence that the order is coming from a suspicious location.
Once the data is in hand, the next step is to decide how to act on it. Many merchants adopt a tiered approach: low‑risk IPs pass through automatically, medium‑risk IPs trigger an email verification or a manual review, and high‑risk IPs are automatically declined. The thresholds for each tier can be adjusted based on historical fraud rates, the merchant’s risk tolerance, and the nature of the products sold. For instance, high‑ticket items may warrant stricter scrutiny than low‑cost goods.
Another layer of defense involves checking for inconsistencies between the IP location and the billing or shipping address. A customer claiming to be in New York but whose IP comes from Moscow should trigger a red flag. Many fraud‑prevention platforms combine IP checks with address verification services, sending the billing and shipping details through a third‑party API that confirms whether the address matches the reported location.
In practice, integrating IP geolocation into your checkout process can be done in a few lines of code. Most e‑commerce platforms offer plugins or modules that pull in a geolocation service. You configure a set of rules - such as “decline all orders from countries X, Y, Z” - and the plugin enforces them in real time. For custom platforms, you can write a middleware layer that intercepts incoming requests, looks up the IP, and sets a flag in the order data. That flag can then drive business logic down the line.
While no system is perfect, the combination of accurate IP geolocation, real‑time fraud scoring, and human oversight can dramatically reduce the number of fraudulent transactions that reach your payment processor. Over time, the data you collect will feed back into your model, improving accuracy and allowing you to relax some of the stricter rules without compromising security. For merchants who want to protect their revenue streams, the investment in IP‑tracking infrastructure is not just a defensive measure - it’s a proactive strategy that can keep customers satisfied and cash flowing.
No comments yet. Be the first to comment!