By Andre Edelbrock, CEO, Ethoca

The criminals are working together. Retailers need to start: As the biggest online shopping day of the year approaches and the economy continues to stagnate, it's clear that retailers are faced with striking a careful balance between generating revenue online while still being vigilant in fighting fraud.

This year more than ever, Cyber Monday, the biggest online shopping day of the year - and the biggest shopping day after its cousin, Black Friday - will tell the tale of how apparel retailers will finish 2008.

After many years of annual compounded growth of online sales exceeding 20 percent, we already know that 2008 will be the year that breaks the cycle. Still, the 1 percent growth in year-over-year online sales for the third quarter of 2008 is still growth. Nordstrom, for example, has recently reported 8.5 percent growth in online sales for its 3rd quarter ended Nov. 1, but a more than 11 percent drop in same store sales for the same offline shopping period. This pattern is playing out across the country.

While ecommerce will probably be the primary source of retail optimism in this Christmas season, it brings with it a specific and rapidly increasing target for fraud. While consumers clearly love shopping with their mouse, retailers know that customer-not-present transactions are many times riskier than when a customer presents their card at the retail counter and can verify his or her identity in person. Due to a variety of factors, this Christmas season will likely see a dramatic increase in fraud - and the longer the recession, the more the sting of fraud will add insult to injury.

The bigger picture

Experts agree that as an economy worsens, crimes of dishonesty including shoplifting, house break-ins, fraud, pilferage, etc. all increase. Specifically in the area of online fraud, a study by the UK's Garlik cited an alarming 20 percent jump in online fraud this year.

Increasingly, evidence points to organized crime and international cyber gangs as being key components of the crime wave. Using stolen credit card numbers, often obtained through identity theft and phishing scams - and sometimes even purchased from criminal ecommerce websites - fraudsters know exactly how many times they can use a card before getting caught, and quickly move from merchant to merchant to scam the most possible in the shortest time. By collaborating, these gangs have perfected the science of knowing which companies to target, how often they can be hit, threshold levels that attract attention at different retailers, and where the vulnerabilities in the system are.

Gartner security analyst Avivah Litan reports that in recent months, banking clients have been warning her of a spike in fraud, much of it based on the use of stolen financial data. "There's been a marked increase in the number of attacks and the number of successful fraud attempts," says Litan, who is set to publish a report in December. "This is the busiest my practice has ever been."

Another worrying trend is the increase in so-called "friendly fraud," where otherwise good customers challenge purchases that they actually made, claiming that the goods were not received, or that something was wrong with the order (e.g. damaged goods). This creates chargebacks that, at best, delay payment to the retailer and increase processing costs, and at worst, result in lost merchandise and fines from the acquiring bank if too many reversals of charges occur on its account. Merchants are reporting that they've seen increased numbers of "good" customers doing chargebacks, sometimes because the cardholders have lost their jobs and simply can't afford to pay their bills.

Add to this the lack of consumer confidence amplified by loss of home equity lines of credit due to rapidly shrinking house values, and banks slashing credit card limits for customers who've always paid their bills, and we have the makings of a perfect storm for merchants.

Admittedly, it doesn't take a brain surgeon to read these tea leaves. But it's clear that after sales from Cyber Monday are totaled and we have a good idea of how 2008 will look, there are more tough times ahead for retailers. All indications are that the recession we're currently in is going to be longer and deeper than any we've known in recent memory, and there will be continuing pressure on profits. Good customers will be spending less, fraud attempts will increase (with even the good customers getting in on the act now), online sales will continue to be the one bright spot, and retailers will have to strike a careful balance between revenue and fraud, between protecting against losses and inconveniencing or discouraging legitimate customers.

Controlling what you can

There is nothing retailers can do about evaporating credit, consumer confidence, or the negative macro trend of increased criminal activity during economic downturns. Every penny this year, every incremental sale and every positive customer experience is going to be extra meaningful. And although you can't control the bad economy or how long it will last, there are some positive things you can do to protect yourself, and ensure that you maximize revenue potential and provide a customer experience that will keep your loyal customers coming back.

Much of controlling what you can centers around how you manage fraud. Start by asking your fraud manager: "Are we doing everything possible with our available resources?" Then ask: "What more could we do with the resources of others?"

The first question will be understood and appreciated. The second may create startled looks of confusion.

If you get a confused look, or if you're confused yourself, consider this: You compete against other retailers for sales, but does that mean there are no common interests where you could work together? Ask this question of your fraud manager and of yourself: "I know they're our competitors but what if we had Bob over at ACME, and Sue over at Bit Co. working for us on this? What if we all shared our good and bad customer experiences in a secure way that didn't compromise our ability to compete, and didn't give away anything that's private, but allowed us to know more about people we've never dealt with before. Would it help?"

Fight collaboration with collaboration

The criminals are working together. It's why they're staying ahead of efforts to defeat fraud, and why they continue to be effective in the face of the most sophisticated fraud detection tools we've ever had. They share "best practices." They share stolen card data. They tell each other which sites are most vulnerable.

The fraudsters realized some time ago that working together was enriching, and going it alone meant less profits for themselves. The opportunity exists for retailers to work together, too. The fight against fraud is tough and getting tougher. Why not share the pain? Why not share the cost of fraud with others for your benefit and the benefit of everyone?

Effective fraud management is about having an accurate picture of your risk. More information mitigates risk - it helps you distinguish good orders from bad. More information makes every anti-fraud tool and practice you employ work better, because it improves your ability to assess risk.

The more information you have access to, the better the job you can do preventing fraud, reducing your cost of managing fraud, accepting more good business, and ensuring a satisfactory customer experience. Collaboration with both your competitors and with vendors of all types can provide the data that will improve your anti-fraud practices and mount a stronger defense against the fraudsters aligned against you.

Are you ready to work together?

Andre Edelbrock is the CEO of Ethoca, a leader in collaborative fraud management powering the Global Fraud-Fighting Community for businesses in e-commerce and other 'customer-not-present' environments.