One-Size-Fits-All Solutions Fail to Keep Pace With Rising Payments Fraud

eCommerce

Cybercrime is nothing if not varied.

Phishing scams, romance scams, synthetic IDs — and now, with the rise in contactless payments and eCommerce spurred by the pandemic, we’re seeing a boon in buy now, pay later (BNPL) and friendly fraud.

Eric Christensen, chief payments officer and vice president of product at Digital River, told PYMNTS that in a bid to battle the bad actors, a varied teamwork approach is best.

COVID, of course, has driven more people online than ever before. Friendly fraud continues to be a problem, he said, where many users have gone online to go shopping for the first time — and they are not necessarily used to the online experience. That may lead to confusion about who bought what — and when — and chargebacks from consumers who honestly believe they didn’t authorize a transaction.

In less innocuous cases, fraudsters might try to game the system, filing a chargeback though a legit transaction has occurred — and the bank winds up issuing a refund, on the assumption that actual fraud has been committed. And Christensen noted that subscription commerce also has been part of the growth in friendly fraud.

“You signed up for some monthly services,” he offered as a hypothetical example, “and a few months later, you realize that you’re getting charged six different services for $19.99 each, and you try to get them canceled and get refunds.”

In another example of relatively newer avenues of interest for criminals, Christensen said that with the ongoing explosion of buy now, pay later (BNPL) products, “The sector is ripe for fraudsters to attack.”

“Anytime you see these new trends come out in the payment space, there are usually fraudsters looking out for vulnerabilities,” he continued. “It’s important to make sure that all of these BNPL offerings have the right fraud controls.”

Looking ahead, they may train their sights, increasingly, on QR codes — which of course, upon being scanned by individuals, offer a way for fraudsters to access their information.

Four Top Considerations

Against that backdrop, he said, the four-legged stool is critical, tying together tools, policy, strategy and learning.

Regarding tools, as he told PYMNTS, “There is no one fraud solution that will solve all of your problems. You bring in the tools that strengthen one another.”

See also: Secret Sauce: 75% of Top-Ranked Global eCommerce Sites Use IP-Recognition Tech

But beyond the technologies — the hardware and software deployed — those tools are only as good as the people wielding them. Without the right policies and strategies in place, he said, fraud operations teams will be bumping into walls (hypothetically speaking), noting that one piece of software or alert may prescribe one course of action, but users might be steered in another direction by another protocol.

Christensen added that policies should dictate that all employees within an enterprise are as focused on fraud as they are on designing products.

“Anytime you roll out a product,” he said, “that product manager needs to understand what the potential fraud risks are of that solution and making sure that they are covered, and that the fraud team is able to get the data that they need to be able to do their job as those products roll out.”

Data, with strong visualization and analytics in place, can help firms strategically combat cyberthreats — and figure out the best ways to do battle.

Learning is a strong layer of defense, he told PYMNTS, as the financial services industry can educate consumers to be careful with their credentials, and where they click — merchants can also benefit from learning more about friendly fraud, he said.

After all, said Christensen, making it more difficult for the fraudsters to do what they want to do will drive them elsewhere. Fraud, after all, is a business, and criminals are constantly conducting cost-benefit analyses.

“The amount of fraud, and the fraudsters, won’t slow down anytime soon,” said Christensen. “The more payment methods you use, the more convenience that you allow the customer to have, the more opportunities for fraud there are. Every time you’re rolling out a product or a change to your system, fraud has to be top of mind as part of part of that experience.”

See also: Digital River Debuts Drop-in Checkout, Allows Payment Acceptance with Global Compliance