Latin America and the Caribbean (LAC) is on the path to digital revolution. ECommerce volumes are currently rising at around 30% a year in Latin America, or more than twice the global average. As a percentage of total retail sales, eCommerce rose to 16% in 2021, up from between 3 and 7% just two years earlier (1).
That’s a major achievement and a positive step for the region’s emerging economies. But it comes with one obvious challenge. Fraudsters like nothing more than rapid growth in digital payments because it is difficult to grow exponentially while also implementing the security procedures that can properly protect against scams.
The challenge facing LAC is highlighted in the statistics. Around a fifth (20%) of overall revenue is lost to fraud in Latin America, putting it second only to South-East Asia on this measure (1).
Is there anything unique about the fraud threat to the LAC region, aside from the speed of eCommerce growth? In many respects it’s facing the same risks as other regions, centred on payments fraud, refunds abuse and identity theft. But within those broad definitions a number of emerging sub-trends can be discerned.
“Friendly” fraud is a misnomer. It costs businesses millions. Often, it’s a deliberate attempt at cyber-shoplifting by a customer who buys an item online and then disputes the purchase, demanding a chargeback. Sometimes it’s the result of confusion, a genuine mistake or something else.
Whatever the cause, friendly fraud is a serious drain on resources. Merchant losses can amount to significantly more than the value of the original transaction.
The speed of eCommerce growth may have created some genuine confusion among consumers in LAC around the charges that appear on their bank statements, leading to increased incidence of friendly fraud. In cases of deliberate fraud, the rapid adoption of online selling may have left merchants without the resources to fight claims efficiently and professionally.
Airlines and fraud
As the travel industry continues its post-pandemic recovery, fraudsters are already gearing up to take advantage. Like other regions, LAC is facing a wave of airline loyalty scheme fraud as business travel returns to pre-pandemic levels. Loyalty fraud sees criminals steal frequent flyer miles and other loyalty points and trade them on the dark web.
The U.K. based Loyalty Security Association (LSA) estimates that at least 1% of all airline miles redemptions worldwide are already fraudulent (2).
And airlines in the region are reporting the emergence of a new fraud trend. Here, a fraudster will buy tickets at discount prices months in advance, then change to a same day flight at the airport. The price of changing the ticket will be covered by a small insurance fee. The flight will be completed before the transaction is properly reviewed.
Digital wallet and instant payment fraud
The spiralling popularity of digital wallets and mobile payments is also fuelling fraud, and this is a particular problem in some LAC countries.
For example, Pix is an instant payment platform and digital wallet developed by the Brazilian Central Bank and introduced in 2020. It’s a phenomenon. In 2021, Brazil recorded 8.7 billion real-time transactions. That’s expected to rise to over 82 billion by 2026 (3). Pix is the fastest-growing instant-payment app in the world.
Again, the super-fast take-up of new technology is creating potential security gaps that fraudsters are quick to exploit. There have been reports of scams using fraudulent Pix payment QR codes (4), and even kidnappings in which victims are forced to transfer funds using the app (5). And the problem with all digital wallets is that if your phone gets swiped your payment app goes with it.
Card not present fraud
As eCommerce surges in the region, so does the proliferation of card not present transactions. Many digital retailers save credit card details, so customers don’t have to enter them every time they make a purchase.
This is convenient for consumers, but also one probable driver behind the spike in LAC’s eCommerce fraud. It’s simply much easier to commit credit card fraud when the card in question doesn’t have to be physically present, and when details don’t have to be entered.
Card testing is a common fraud attack. Card testing is a card not present attack where fraudsters buy stolen credit card details and then attempt multiple small purchases to weed out cancelled cards. Those that are still active can then be used for larger purchases.
Criminals can programme bots to attempt thousands of low-level purchases at the same time, bombarding merchants with transactions and causing huge financial and reputational damage.
While LAC faces many of the same fraud challenges as the rest of the world, the speed of its transformation to digital commerce may be leaving gaps in protection that criminals exploit.
Accertify has a comprehensive platform to address today’s threats with the agility to detect what comes tomorrow. With a simple API integration and real-time machine learning based risk decisions, our seamless approach makes it simpler to protect your organisation while delivering excellent customer experience.