This article is a summary of an Accertify commissioned study, conducted by Arizent Research. The resulting whitepaper provides statistics on different types of fraud attacks, which customer interactions are monitored by merchants, and how surveyed parties intend to invest in fraud prevention.
Fraud is always evolving. As soon as one threat is neutralized, multiple ones replace it. Professional cybercriminals and their tactics for defrauding merchants should not be underestimated. A new study, commissioned by Accertify, sheds light on which threats are of most concern to fraud prevention professionals at some of the largest businesses in the U.S. and what they believe they must do to adapt.
Payment Fraud Management: Highest Concern and Largest Increase
There has been a sharp increase in fraud since March 2020. This study also found that 84%1 of merchants experienced an increase in fraud in the last year. As new fraud management measures were instituted, cybercriminals launched increasingly sophisticated campaigns to subvert and disrupt. It is safe to say that managing fraudulent activities is at the forefront of merchants’ minds and priorities.
Some types of fraud are of greater concern than others. Respondents reported on their areas of greatest concern and ones in which they have seen the greatest increase in fraud in the past year:
Concerned About in 2020
Increased Most in 2020
Online payment fraud
Refund fraud/orders-not-received fraud
Gift card fraud
Account opening/new account creation fraud
Promotion abuse (coupon)
The types of fraud that feel like a real and present danger for merchants can be reduced by effective mitigation strategies and fraud management systems.
Online Payment Fraud
Any online transaction is at risk for fraud. Direct theft can occur when payment portals or other checkout processes are compromised. Particularly in the e-commerce space, payment gateway monitoring and security may support the detection and prevention of payment fraud.
Fraud that occurs at point of sale is fairly standard. Verification of card, device, location, and payer can be used to minimize the damage caused by online payment fraud.
Refunds abuse and fraud has become more prevalent recently, especially during the COVID-19 pandemic. Even though online shopping has increased, many shipping providers are still unable to obtain signatures for packages. In this and numerous other scenarios, fraudulently claiming items or deliveries were not received, is a simple way for fraudsters to exploit merchants. According to the research, it is more likely to occur in larger companies that have more than $1 billion in revenue1. Refunds abuse is also known as “delivery-not-received fraud”. In this scenario, the cardholder requests a refund, claiming they have not received their item and there is no adequate proof of delivery. There are entire fraud rings waiting to exploit merchants, costing billions of dollars a year in losses.
To prevent refunds abuse, merchants can refine return policies, use transaction keys, validate terminals or site visit sessions, and verify purchases and the delivery of items before refunding money.
Customer impersonation is easily achieved either manually or en masse by skilled cybercriminals and artificial intelligence (AI) programs. Identity theft – the fraudulent acquisition and use of a person’s personally identifying information (PII) – is only avoided with comprehensive identity fraud management. This is mission critical: in 2020 alone, 49 million consumers were victims of identity fraud, with loss estimates calculated at $56 billion. Major settlements for notorious data breaches underscore the risks of inadequate security. Merchants can leverage available technology to identify trusted users and accurately recognize known customers.
Gift Card Fraud
Gift card theft, gift card return fraud, physical gift card tampering, and gift card scams are all problematic. The Federal Trade Commission (FTC) reports $79.9 million lost to gift card scams in the first three quarters of 2020. Respondents in the study specifically pointed to the prevalence of gift card fraud through the COVID-19 pandemic with 24%1 citing an increase in 2020. Gift cards are extremely easy to sell once fraudulently obtained, making this a lucrative and simple option for fraudsters.
Strict check-out rules for purchases with gift cards that include order flagging is a widely recommended method for minimizing gift card fraud.
New Account Creation Fraud
Allowing users to create online accounts is a rewarding feature that many consumers want. But it is also risky. Businesses need to provide a frictionless customer onboarding experience while minimizing new account fraud. New accounts can be populated with stolen identities. Automated attacks can also mimic real account creation both in speed and frequency.
Behavioral biometrics are one powerful way to identify new account fraud. This, combined with a holistic fraud prevention strategy, can go a long way in stopping fake accounts before they begin
When businesses want to expand their customer base, they will often use promotional offers. Fraudsters know this and exploit it. This form of fraud can happen in highly competitive markets when businesses seek to beat out the competition with attractive offers and coupons.
Any business struggling with promotions abuse needs to revisit the level of control and monitoring it exercises over promo codes and coupons. Fraud prevention teams and marketing teams need to work together and communicate, so increased usage can be predicted and methods for tracking or offering limited time promos are internally understood. To enhance security, coupon codes and other offers can be individualized to match customer identity parameters or geotargets.
Requiring identity fraud management, account takeovers are not fake accounts but rather hijacked ones. This may happen by an attacker simply changing the credentials for a legitimate customer’s account. Account takeovers can quickly turn into theft when the bad actor charges purchases or otherwise defrauds someone’s account.
The dark web, data breaches, insecure payment portals, and even poor password security can all be entry points for this type of fraud. Merchants can protect users from this by requiring multi-factor authentication, monitoring suspicious activity, and using other fraud management tactics.
Accertify Fraud Management
The first step in payment fraud management is to implement strong prevention measures. After all, cutting off an attack before it occurs is the ideal scenario. The challenge is that cybercriminals know that predictability undercuts their success. Tactically, they leverage gaps in a system to exploit in ways merchants cannot always foresee.
Accertify’s superior fraud management services provide elite insight, so merchants are no longer left to merely react to what has happened. Instead, Accertify solutions put merchants in proactive control, identifying online fraud before it occurs. Accertify provides simple API integration, leading machine learning and optimal rules strategy, formulated by experts with decades of experience in fraud management. This meticulously designed solution is smarter, faster, and more adaptive.
Request a consultation to learn how implementing a payment and identity fraud management solution can help with fraud prevention.
1Source: Arizent Research/PaymentsSource, December 2020/January 2021