9 Payment Scenarios – Indian Online Retailers

Compiled by RevenueStream, Jan 2017


Due to the unique nature of the Indian ecommerce market, there are certain trends that we would like to point out. India’s ecommerce payment methods are currently divided between COD (50-65%), credit card transactions (30-40% – encumbered by the two-factor authentication requirement) and newer payment schemes such as Paytm mobile wallets. Even with the more advanced schemes, typical payment success rates hover at 88-89 percent, which is very low compared to other countries. With RBI considering removing two-factor authentication for lower-sum transactions, and with fraudsters becoming ever more sophisticated in bypassing the current security measures, merchants need to be prepared with tools that allow them to seamlessly accept payments even when authentication fails for technical reasons or no authentication is available. We have outlined 10 typical cases of fraudulent and legitimate transaction scenarios to point out some of the specific behaviours seen throughout the Indian subcontinent.

1.   FRAUD – Payment Type: Domestic Indian Credit Card Transaction

Scenario: Risky email hosts such as formbuddy.com were used, the shipping and billing addresses were different, and the amounts were less than 80 USD. In this case the perpetrators achieved remote access to the customer’s mobile phone, allowing them to circumvent two-step authentication.

2.   FRAUD – Payment Type: Major International Payment Service

Scenario: Shipping to a computer store in Shillong, Meghalaya; large amounts (>150 USD); a discrepancy between the email address username and the shipping address name; and a phone number from a prepaid SIM batch. The fraudster was again posing as a shop employee and receiving the goods on the street, not on the shop premises.

3.   FRAUD – Payment Type: Foreign Credit Cards used on Indian websites

Scenario: A student acquires foreign credit card numbers through the web and uses them to purchase goods online for himself and friends. These cases can be considered ‘amateur’ but can quickly rack up thousands of USD. The difficult part, which our system manages to overcome, is identifying unique traits that show that these are not foreign nationals purchasing the goods.

4.   FRAUD – Payment Type: Domestic Indian Credit Card

Scenario: Two apparently unrelated payments with similar last IP blocks, shipping to the same big apartment complex in Hyderabad.

In this case the IPs used were traced to a single mobile phone running a scam in which apparently legitimate customers ordered products online and later issued chargebacks on the orders, claiming the product had not arrived, when in reality they were colluding with the crime gang.

5.   LEGIT – Payment Type: Indian Domestic Card Transaction

Scenario: Multiple consecutive payments coming from the same IP address batch, shipping to an apparently private address in Ganesh Bhavan, Mumbai. In this case our system managed to conclude autonomously that this was a legitimate new business ordering supplies.

6.   LEGIT – Payment Type: Paytm

Scenario: A single very high-value transaction (over 500 USD) to a residential address in Chennai, Tamil Nadu. In most systems this transaction would be stopped, but we correctly identified it as legitimate due to the specific high-income neighborhood as well as email address / phone number analysis showing that this customer had a very high seniority rating and was consistent with other related data points.

7.   FRAUD – Payment Type: Indian International Cards

A batch of over 500 cards from a well-known Indian bank was illegally issued by a fraud gang through a third party and used to conduct online shopping on various Indian and foreign sites. The sites under our system stopped these transactions from the first 2-3 transactions onwards by finding suspicious, hard-to-detect links between them, such as similar shopping patterns among apparently dissimilar customers.

8.   LEGIT – Payment Type: Domestic Indian Credit Card

Scenario: A customer from Agra who purchased travel tickets to the amount of 1300 USD was detected as using an IP address behind an anonymous proxy. This is usually a very strong indicator of fraud; however, in this case the customer was using the proxy to avoid paying the higher rates that certain websites show to domestic customers. The transaction itself was 100% legit.

9.   FRAUD – Payment Type: International Indian Credit Card

Scenario: The fraudster managed to get a customer’s credit card data, then used vishing to call the bank and change the phone numbers for two-step verification to his own cell numbers. He then continued to perform around 10-13 transactions online.

This was detected using a high-level anomaly check of the time between transactions, based on a Benford’s law calculation.
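
The following is an added example, not RevenueStream's own code, showing one way a Benford's law check on the time between transactions can be built: it compares the first digits of the gaps between a card's transactions with the Benford distribution. The function names, the whole-second gaps, the threshold, the minimum sample size and the sample data are all assumptions; the sample history is longer than the 10-13 transactions above because first-digit tests need many observations.

```python
import math
from collections import Counter
from itertools import accumulate

# Benford's law: expected share of leading digit d is log10(1 + 1/d).
BENFORD = {d: math.log10(1 + 1 / d) for d in range(1, 10)}

def gaps_seconds(timestamps):
    """Positive whole-second gaps between consecutive transactions."""
    ts = sorted(int(t) for t in timestamps)
    return [b - a for a, b in zip(ts, ts[1:]) if b > a]

def leading_digit(n):
    """First digit of a positive integer."""
    return int(str(n)[0])

def benford_mad(gaps):
    """Mean absolute deviation of observed first-digit shares from Benford."""
    if not gaps:
        raise ValueError("need at least one positive gap")
    counts = Counter(leading_digit(g) for g in gaps)
    return sum(abs(counts[d] / len(gaps) - BENFORD[d]) for d in BENFORD) / 9

def is_anomalous(timestamps, threshold=0.06, min_gaps=30):
    """True/False verdict, or None when there are too few gaps to judge.
    threshold and min_gaps are illustrative assumptions, not calibrated values."""
    gaps = gaps_seconds(timestamps)
    if len(gaps) < min_gaps:
        return None
    return benford_mad(gaps) > threshold

def to_timestamps(gaps, start=1_483_228_800):
    """Build epoch timestamps from a list of gaps (helper for the sample data)."""
    return list(accumulate(gaps, initial=start))

# Constructed sample data, not taken from any real card.
# Gaps spread over several orders of magnitude, a stand-in for organic use.
ORGANIC_GAPS = [int(60 * 1.35 ** i) for i in range(40)]
# Gaps of 50-59 seconds, a stand-in for a scripted run of purchases.
SCRIPTED_GAPS = [50 + (i % 10) for i in range(40)]

if __name__ == "__main__":
    for name, gaps in (("organic", ORGANIC_GAPS), ("scripted", SCRIPTED_GAPS)):
        ts = to_timestamps(gaps)
        print(name, round(benford_mad(gaps_seconds(ts)), 4), is_anomalous(ts))
```

A `None` result means the card has too little history for this check, so it should be combined with other signals rather than read as a pass.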