1. Field of the Invention
This invention relates generally to the processing of a request for an interaction over a computer network. In particular, the invention relates to assisting an entity that operates on the Internet to determine conditions under which to obtain additional information from a user after the user has made a request for an interaction with the entity.
2. Background of the Invention
Companies that conduct business on the Internet face challenges in obtaining enough reliable information about a user to meet the needs of the company without causing the user to have an adverse reaction, e.g., to terminate the interaction. For example, typically an on-line merchant wants to obtain enough information about a potential transaction with a customer to reliably indicate that the customer is not acting fraudulently. However, in doing so, the on-line merchant can cause the potential customer to terminate the transaction, for example, by asking for too much information, or for too personal information.
Credit card purchases of goods and services over the Internet are now common. In a typical transaction, a consumer selects one or more items to purchase, provides information identifying himself, such as his name and address, and provides payment information, e.g., credit card information.
Unfortunately, merchants doing business on the Internet face great exposure to credit card fraud. Stolen cards are used in approximately 1.2% of all Internet sales, causing on-line merchants to claim losses due to credit card fraud of more than $200 million in 1999. Currently, about 0.06% to 0.09% of traditional sales are fraudulent, making on-line transactions more than 10 times as likely to involve fraud as traditional retail transactions. At least three factors make on-line sales more susceptible to fraud than sales made at retail shopping venues. For on-line sales, the buyer does not have to 1) be physically present; 2) hand over a credit card, or 3) sign a receipt. As a consequence, on-line merchants presently suffer a variety of fraud-related costs. These costs include:
1) Loss of Payments & Merchandise
On-line fraud results in large revenue losses for Internet merchants. When an Internet merchant is a victim of fraud, it loses both the payment and the merchandise. In contrast, if a cardholder's card is used fraudulently and the merchant has a signed receipt as record of the transaction, the issuer usually absorbs the fraudulent charges.
With Internet commerce, however, the merchant, not the issuer, absorbs the fraudulent purchases. Regulations created by card issuer associations specify that in card-not-present (CNP) situations, merchants assume the full risk of purchases made by credit card, independent of authorizations made by issuing banks. Because CNP transactions are the standard for e-commerce, the current framework shifts the burden of these losses primarily to the merchants. Indeed, for companies that do all of their business over the Internet based on CNP transactions, this loss exposure can be in the tens of millions of dollars.
Beyond use of a stolen credit card or of a fabricated card number, other types of fraud frequently occur in the context of on-line purchasing. Customers more easily dispute valid charges related to on-line purchases as opposed to valid charges related to traditional retail purchases. For example, a husband may make charges to an on-line merchant and deny them to his wife. The wife, in turn, may then call the card issuer and dispute the on-line merchant's bill. Though these charges are valid, the card company may decide in favor of their customer, and the merchant becomes responsible for the chargebacks. A chargeback is a charge levied on a merchant for the amount of a purchase that was charged on a credit card and that the credit card holder successfully disputes. In addition to chargebacks, merchants are responsible for loss from disputed charges when customers claim non-receipt of goods, non-arrival of goods due to incorrect shipping addresses, or goods refused on delivery.
2) Loss from Shipping Charges
The charges for shipping goods are normally paid by consumers. When on-line fraud occurs, however, the on-line merchant must cover the cost of shipping.
3) Loss from Human Intervention
Presently, an on-line merchant can attempt to use parameter-based rules and negative files to determine credit card fraud. Parameter based rules use if/then logic to attempt to identify aberrant behavior based on specific data such as negative file information. Negative files are database files that track negative customer behavior. One can access the negative file database using a key, such as credit card number, or Social Security number. However, using parameter-based rules and negative files often leads to time-consuming fraud investigations. The fraud investigations, in turn, lead to rising administrative costs as a result of the need to increase staff to perform the investigations.
4) Loss of Valued Customers
Poorly managed fraud-control systems can lead to decreased customer satisfaction resulting in lost revenues to retailers. Many on-line retailers burden their customers with lengthy and complex on-line order forms in an attempt to minimize fraud. However, these lengthy forms frustrate and confuse customers potentially reducing the customer's good will toward the retailer. A frustrated and/or confused customer often either abandons their order of defaults to a competitor when initiating a transaction in the future. In the same vein, legitimate customers become insulted when inaccurate fraud control rules reject their orders. Such customers often permanently migrate to other vendors where they find better treatment Merchants then spend valuable marketing dollars attempting to replace the customers lost as a result of poorly managed fraud-control systems.
5) Loss from Chargeback Fees
As noted above, a chargeback is a charge levied on a merchant for the amount of a purchase that has previously been charged to a payment card, and that has been successfully disputed by a customer. When a chargeback is processed, the merchant typically pays a fee of $15.00 to $25.00. If the merchant disputes the chargeback and wants to re-present, or re-issue, the charge, an equivalent fee is billed to the merchant. If the card issuer again decides in favor of the customer and processes a second chargeback, the merchant is charged yet another fee, and this time the charge cannot be re-presented. The merchant can, however, arbitrate the charge, whereupon the issuing bank can charge an up-front, non-refundable fee of up to $50.00. Thus, for low cost items (e.g., books, clothes, etc.) merchants simply absorb the loss rather than pay the higher chargeback fees.
6) Loss from Chargeback Fines
In addition to paying a fee for each chargeback, issuing banks can levy fines on merchants having too many chargebacks. Typically 1.5-3.0% of the merchant's chargeback volume, such fines can range from a few hundred dollars per month, to $10,000 or even $100,000 per month, with fines escalating higher as chargebacks continue unabated.
7) Loss of Credit Card Privileges
The reputations of credit card brands are damaged when legitimate customers are victimized by fraud, even if they do not absorb the actual financial losses. Rules are thus instituted by the credit card brands to prevent merchants from allowing too many fraudulent transactions to occur. If fraudulent transactions exceed a specified small percentage of a merchant's overall credit-card sales, the merchant can lose the privilege of receiving payment through a credit card issuer altogether. Obviously, the ability to accept credit cards for payment is extremely important to an on-line merchant. Thus, as noted above, out of fear of losing the privilege of accepting credit cards for payment, on-line merchants are responding with generalized, lengthy and complex on-line order forms in an attempt to reduce fraud. These burdensome forms cause the loss of customers. Those on-line merchants that can solve the problem of fraud without using generalized, burdensome order forms stand to gain significant market share.
8) Limitations of Most Fraud-Risk Solutions
On-line retailers have been implementing a range of fraud detection and reduction techniques to combat the problems described above. Typical solutions that on-line merchants have deployed include the use or rule sets and basic checks such as address verification.
a) Rule Sets
Rule sets use if/then logic to attempt to identify aberrant behavior using specified data such as negative file information. A typical rule might read: “IF the transaction amount is over $1000 and the ship-to address is outside North America THEN decline the transaction”. Rule-based fraud detection and reduction methods by themselves are limited because they:                Fail to detect an unacceptably large amount of fraud        Result in high false-positive rates (a false-positive result occurs when a fraud detection method flags a valid transaction as potentially fraudulent)        Create a high volume of cases requiring human intervention to investigate transactions identified as potentially fraudulent        Are slow to adapt to new methods of committing fraud, requiring new rules to identify the fraud        
b) Address Verification Service (AVS)
AVS attempts to verify that the billing address for a credit card presented by a customer is the same as the customer's address. For example, a customer may provide her address and zip code to a merchant. The merchant then transfers at least part of the address and zip code data along with the credit card number to a server for approval. The server compares the zip code and billing address data with the physical address to which a cardholder's credit card is registered. Once the server compares this information, the server sends the merchant a response to the AVS request indicating the result of the comparison.
AVS was designed for mail and telephone orders and many on-line merchants presently use AVS. However, AVS has no international fraud detection capability, is not designed for on-line transactions, and is available only for certain credit cards. Furthermore, there are many legitimate instances when the shipping address and billing address are different. Such instances include the purchase of a gift using a personal credit card to ship goods to a work address and vice versa or when there is no shipping address at all. There may be no shipping address when companies deliver the purchased goods or services electronically. Items that companies can deliver electronically include software, reference material, subscriptions to an on-line service, and digital images.
9) Other Problems Associated with Obtaining Information from a Customer
As noted above, companies face challenges in obtaining enough reliable information about a customer to meet the needs of the company without causing the customer to have an adverse reaction. A variety of companies in addition to on-line merchants face these challenges. In-bound call centers, e.g., customer service centers or catalog ordering phone centers, as well as out-bound call centers, e.g., telemarketing operations, attempt to obtain information from a customer without causing the customer to have an adverse reaction.
A customer can have a variety of adverse reactions. The customer may terminate her interaction with the merchant or provide false and/or incomplete information to the merchant In addition, the merchant can lose the customer's goodwill; if a customer faces lengthy, confusing, or inconvenient forms or questions when interacting with the merchant, the customer may default to a competitor of the merchant when initiating transactions in the future.
An entity may collect information from a user for a variety of reasons distinct from preventing fraud. These reasons can include gathering information for marketing or for research. Companies often use registration forms for such purposes. Completion of the registration form is often a prerequisite for gaining access to portions of a site or to desirable content. Such companies do not want to cause the customer to terminate her interaction with the company, provide false or incomplete information, or lose good will toward the company. Thus, there exists a need for a way of determining the conditions under which to request information from users so as to foster the entity/user interaction.