There are many ways to explain what blacklisting means.
There was the infamous Hollywood blacklist in the US during the Cold War, which banned entertainment industry personalities whose political opinions went against the government of the time. Another type of blacklist is related to computing, where suspicious IP addresses, apps, emails, or users are restricted from accessing a certain network or resource.
But we're here to talk about what blacklisting is in the context of eCommerce businesses and e-payments, specifically.
Defining blacklisting in the context of eCommerce
Based on the same principles as its other types, this form of blacklisting involves online businesses making a note of customers who demonstrate suspicious transaction practices or have caused trouble through fraudulent transactions in the past. Those identified as suspicious are then tracked using software designed to analyse such behaviour and compiled into a database, against which each transaction is checked prior to being approved by the payment processor.
Every reputable merchant has the responsibility of protecting their customers and their business from fraud, and that is what makes blacklisting an important aspect of e-payments. Let's expand on the risk that electronic payments entail and the vital role that blacklisting plays in reducing the risk associated with eCommerce transactions.
The risk of e-payment fraud
Transactions which are performed without the physical processing of a credit or debit card are called card-not-present transactions, aka CNP transactions. Examples include online payments and payments by text. This type of transaction is inherently at high risk of fraud. According to the most recently published oversight report on card fraud by the European Central Bank, the total value
of fraudulent transactions conducted using cards issued within SEPA and acquired worldwide amounted to €1.53 billion in 2021, and a whopping 84% of this loss resulted from CNP transactions.
On the one hand, online payments enable merchants to expand their activities and customer base worldwide. On the other hand, payment fraud is one of the main risks that online merchants must monitor and eliminate to create a secure payment environment for their business and its customers and avoid subsequent financial losses.
The growth of the eCommerce industry is leading to an increase in electronic payment fraud, as online fraudsters create innovative tactics to illegally access personal data and bank details. Fraudulent activities that affect the payment processing of online businesses include data breaches, ‘phishing' scams, identity theft, and friendly fraud. With the use of fraud management tools, an online business can add an additional security layer to its payment processing systems and eliminate dangers such as data breaches and unauthorised purchases.
How does customer blacklisting work?
A blacklist identifies and excludes suspicious customers based on specific criteria, including factors such as:
- Region
- Country
- IP address
- Credit card details
- Email address
- Shipping address
Whenever a customer establishes a pattern of repeated suspicious transactions and fraud attempts, such as excessive order cancellations, returns, or chargebacks, they are flagged by the payment processing system and all their details are noted. All rejected customers are listed on a database, and the system automatically cancels any transaction attempt they make in the future by cross-checking certain order details, such as IP address or shipping address, against the blacklist database.
For instance, when a customer is on a business's credit card blacklist, their purchase will be rejected when they use a credit card that has previously been flagged in other suspicious transactions. This way, your business is protected against any potential financial losses stemming from attempted fraud.
A slight issue for merchants
Contrary to a popular misconception, eCommerce businesses themselves cannot maintain any such "global blacklist" – it may be considered illegal due to the fact that details such as customer IDs, phone numbers, email addresses, bank details, physical addresses, and such, are private data which cannot be shared across organisations without customers' consent.
The solution
As a merchant, you can choose from a wide variety of fraud screening software programs that help in creating and managing your customer blacklist. payabl.'s payment gateway uses both internal and external blacklisting databases to reject suspicious transactions from prior offenders, offering an additional layer of fraud prevention and protecting its merchants from untrustworthy clients.
The card BIN blacklist
Another type of similar blacklist is when certain cards are banned on the basis of their BINs (bank identification numbers). In such a case, the customer might see an error message at the payment screen, "Card BIN blacklisted". That's an even bigger problem than being put on a blacklist by a certain vendor. It means the bank has banned the card as part of a larger crackdown against a series of cards used by fraud rings in suspicious transactions. The customer may have to apply for a new card altogether.
The bank blacklist
A common misconception – more of a rumour – around the concept of blacklisting is that financial institutions have some sort of all-encompassing, aggregated database which functions as a credit blacklist or a bank blacklist.
Yes, banks can blacklist you. But what does it mean to be blacklisted by a bank?
There are certain agencies, such as ChexSystems in the US and Equifax in the UK, that provide credit checks and score customers based on their credit histories. Repeated overdrafts, bounced cheques, and other seemingly minor offences can add up to too many red flags for banks to ignore, and the customer will end up getting lower scores on these credit checks. Banks, lenders, or other financial institutions can only base their decisions on these scores and cannot blacklist anyone entirely. But they can put a warning on your account, which could pose serious problems for your future applications in any other financial institution.
The benefits of blacklisting for merchants
A major benefit of blacklisting suspicious customers is the prevention of financial loss that comes with chargeback disputes and fraudulent transactions. Indeed, dealing with disputed credit card transactions takes away precious resources, and lost disputes lead to further financial losses. The merchant's liability for accepting a fraudulent transaction in a CNP environment is far greater, as the merchant becomes responsible for refunding the customer in the case of a fraudulent transaction. The total cost to the merchant is much higher than the value of the transaction itself since the merchant not only has to refund the scammed customer but also suffers losses from the wasted cost of product shipping.
Merchants who fail to manage fraud effectively are also subject to additional fees by their acquiring bank to process chargebacks and might be penalised with higher transaction processing fees in the future. If fraud ratios become too high, the merchant's ability to accept credit cards is at stake, as their merchant account can be shut down by their acquirer. It should be noted that schemes like Visa and Mastercard also compile blacklists on a merchant level.
Credit card acquirers have the capacity to report merchants for several reasons, including those who consistently process a high ratio of fraudulent transactions. Before an acquirer boards a merchant, they check the merchant's credibility based on their prior processing history with the schemes. One such check is against the scheme databases. Mastercard maintains the MATCH file (Member Alert to Control High-Risk), and the Visa equivalent is VMAS (Visa Merchant Alert Services).
As a merchant collecting payments online, it is important that you manage the risk aspect of your business, block access for problematic customers, and minimise the potential of fraud, something that payment gateway providers such as payabl. can support you with through their blacklisting mechanism.
Being reported on VMAS and MATCH indicates that as a merchant, you have poor management of your payment function, making it very difficult to find an acquirer who will accept you and enable you to process credit card payments through your online store.
If you choose to partner with a reliable acquirer like payabl., you can benefit from a payment gateway which is equipped with the latest fraud prevention tools and is certified according to the PCI DSS standards. By doing so, you can rely on our technology for payment processing and offer your customers a highly secure payment experience.
Protect against the risk of fraud with blacklisting
This article has discussed the meaning of blacklisting in eCommerce as well as some other contexts, illustrating the importance of safeguarding against fraud using comprehensive strategies designed to identify potential suspicious activity. It is absolutely essential that any online business that uses digital payments makes every possible effort to protect against fraud. One effective way to achieve this is by incorporating blacklisting strategies. Doing so will not only help identify potential fraud cases but will also help enhance the reputation of your company.