Ecommerce Fraud Incident Response: A Grounded Theory Study

Joshua Dwight
Interdisciplinary Journal of Information, Knowledge, and Management. Journal Article, published 2023-01-01. DOI: 10.28945/5110 (https://doi.org/10.28945/5110)
Citations: 0

Abstract

Aim/Purpose: This research study aimed to explore ecommerce fraud practitioners’ experiences and develop a grounded theory framework to help define an ecommerce fraud incident response process, roles and responsibilities, systems, stakeholders, and types of incidents.

Background: With a surge in global ecommerce, online transactions have become increasingly fraudulent, complex, and borderless. There are undefined ecommerce fraud roles, responsibilities, processes, and systems that limit and hinder cyber incident response to fraudulent activities.

Methodology: A constructivist grounded theory approach was used to investigate and develop a theoretical foundation of ecommerce fraud incident response based on fraud practitioners’ experiences and job descriptions. The study sample consisted of 8 interviews with ecommerce fraud experts.

Contribution: This research contributes to the body of knowledge by helping define a novel framework that outlines an ecommerce fraud incident response process, roles and responsibilities, systems, stakeholders, and incident types.

Findings: An ecommerce fraud incident response framework was developed from fraud experts’ perspectives. The framework helps define processes, roles, responsibilities, systems, incidents, and stakeholders. The first finding defined the ecommerce fraud incident response process. The process includes planning, identification, analysis, response, and improvement. The second finding was that the fraud incident response model did not include the containment phase. The next finding was that common roles and responsibilities included fraud prevention analysis, tool development, reporting, leadership, and collaboration. The fourth finding described practitioners utilizing hybrid tools and systems for fraud prevention and detection. The fifth finding was the identification of internal and external stakeholders for communication, collaboration, and information sharing. The sixth finding is that research participants experienced different organizational alignments. The seventh key finding was that stakeholders do not have a holistic view of the data and information to make some connections about fraudulent behavior. The last finding was that participants experienced complex fraud incidents.

Recommendations for Practitioners: It is recommended to adopt the ecommerce fraud response framework to help ecommerce fraud and security professionals develop an awareness of cyber fraud activities and/or help mitigate cyber fraud activities.

Future Research: Future research could entail conducting a quantitative analysis by surveying the industry on the different components such as processes, systems, and responsibilities of the ecommerce fraud incident response framework. Other areas to explore and evaluate are maturity models and organizational alignment, collaboration, information sharing, and stakeholders. Lastly, further research can be pursued on the nuances of ecommerce fraud incidents using frameworks such as attack graph generation, crime scripts, and attack trees to develop ecommerce fraud response playbooks, plans, and metrics.