AntiFraud.es / Case Studies / CNP Fraud — E-commerce
🛒 E-commerce

CNP fraud reduction for major European retailer

A layered card-not-present fraud strategy combining device fingerprinting, velocity controls, and 3DS2 optimisation — cutting chargebacks nearly in half while growing revenue.

−44%
Chargeback rate
+12%
Revenue (fewer false declines)
3mo
Payback period
−38%
False decline rate

The challenge

A major European e-commerce retailer with annual revenues exceeding €800M was caught in a classic CNP fraud squeeze: rising chargeback rates were attracting card scheme fines and threatening their merchant category status, while their fraud team's response — tightening decline thresholds — was generating an unacceptable rate of false declines that was costing the business millions in lost legitimate revenue.

The fraud team had implemented 3DS2 the previous year but had not optimised its configuration, resulting in high authentication friction for low-risk transactions and a poor mobile checkout experience. Their device fingerprinting solution was outdated and being circumvented by organised carding groups using residential proxy networks and emulator farms. The business needed a fundamental rethink — not more rules, but smarter controls.

Fraud landscape analysis

The engagement began with a forensic analysis of 90 days of transaction data, confirmed fraud, and chargeback records. The analysis revealed a highly structured attack pattern:

  • 68% of fraud losses were concentrated in a single product category (high-value electronics) ordered for next-day delivery to a small cluster of address patterns
  • Organised carding groups were using automated card testing on low-value transactions to validate stolen cards before high-value fraud attempts
  • The retailer's 3DS2 exemption strategy was misconfigured — it was requesting authentication on 40% of transactions that qualified for transaction risk analysis (TRA) exemption, creating unnecessary friction
  • False declines were disproportionately affecting legitimate customers on first-time purchases from new devices — a customer segment with high lifetime value

"Facing relentless fraud attacks, we needed more than a vendor — we needed a true partner. Their proactive insights and tailored approach went far beyond the contract. We sleep much better at night."

— Head of Payments & Fraud, Major E-commerce Group

The solution

1

Next-generation device intelligence

Replaced the legacy device fingerprinting solution with a modern device intelligence platform incorporating browser signal analysis, hardware fingerprinting resistant to proxy rotation, and emulator/bot detection. This specifically targeted the residential proxy and emulator farm attack vectors identified in the forensic analysis, cutting automated carding attack volume by 71% within four weeks.

2

3DS2 optimisation

Rebuilt the retailer's 3DS2 exemption strategy from scratch. Implemented a risk-based approach that applied TRA exemptions intelligently — removing authentication friction from 94% of low-risk transactions while ensuring 3DS2 authentication was applied precisely where it added protection. This simultaneously reduced checkout abandonment and shifted fraud liability to issuers for authenticated transactions.

3

Velocity controls & order risk scoring

Designed a multi-dimensional velocity control framework targeting card testing behaviour, and an order-level risk scoring model incorporating product category, delivery address risk, customer tenure, and device history. High-risk orders were routed to a manual review queue staffed by a trained fraud operations team with clear decision guidelines — keeping review volume manageable while catching high-value fraud.

4

False decline recovery programme

Implemented a structured programme to recover falsely declined legitimate customers: automatic retry via 3DS2 for rule-declined transactions with no fraud signals, a customer-facing dispute mechanism for declined orders, and a post-decline re-engagement flow. This directly contributed to the +12% revenue improvement measured against the pre-engagement baseline.

−44%
Chargebacks
+12%
Revenue
3mo
Payback

Commercial impact

The combination of reduced fraud losses, lower chargeback fees, and recovered legitimate revenue delivered a full return on the engagement investment within three months. The retailer's chargeback ratio dropped from 0.82% to 0.46% — well below the card scheme warning thresholds — removing the threat of merchant category review. Mobile checkout conversion improved by 6% following the 3DS2 optimisation, representing a significant ongoing revenue contribution.

Related case studies

🏦 Retail Banking

APP fraud strategy overhaul for international bank

−28% fraud losses, +9pts approval rate in 6 months.

 ⚡ Fintech

Identity fraud framework for neobank

−61% synthetic ID fraud. €4.2M saved in year one.

 🛡️ Service

Fraud Strategy Consulting

End-to-end fraud strategy for e-commerce and payments.

Engagement snapshot

€800M
Client annual revenue
−44%
Chargeback reduction
+12%
Revenue improvement
3mo
Full ROI payback

Fraud types addressed

CNP / Card fraud Carding attacks Card testing Triangulation fraud Friendly fraud

Capabilities delivered

Device intelligence 3DS2 optimisation Order risk scoring Velocity controls Decline recovery

High chargebacks hurting your business?

Let's identify where your fraud controls are leaking and fix them.

Get in touch →