By now, the surge in online shopping and the commensurate rise in cyberfraud over the past year are well-established themes. But what many people don’t know is how the frontline battle in that fight has changed. According to Jason Tan, founder and executive chair at the digital trust and safety firm Sift, the average attempted fraudulent purchase rose to more than $700 in the fourth quarter — up 70 percent from a year ago — fueled by a huge increase in account takeovers.
“If you can steal someone’s credentials and pretend to be them, you can do all sorts of things with that account,” Tan said in a recent chat with PYMNTS’ Karen Webster. “You can take out value from their stored wallet. You can buy stuff using their credit card. You can message other people. It’s just the perfect crime, in many ways.”
In fact, he said, the proverbial cat-and-mouse game between the good guys and the constantly adapting cyberthieves is completely imbalanced.
“The techniques are always evolving. These fraudsters are very smart. They’re always on their feet, and they’re always evolving,” Tan noted. “The asymmetrical nature of security is that, as the defense, we have to protect all avenues. But as the offense, fraudsters only have to find one way in.”
And because of these new areas for fraudsters to attack and their constantly evolving ways to “play offense,” Tan believes it will take more than companies like his to solve the problem — it will also take redoubled efforts from merchants.
“There are many different touchpoints and interactions with users that fraudsters are attacking,” Tan said. “And whether it’s buy online pick up in-store or curbside pickup, or whether it’s a digital-only order, it’s all just one customer at the end of the day. I think this makes the job even more difficult, but that’s why technology is so important and why data is so important. Being able to seamlessly connect across different channels is a big part of what we’re trying to do.”
Food, Beverage And Buy Online Pick Up In-Store Fraud
Tan mentioned one of those channels is the sharp increase in the amount of food being ordered and the way it gets delivered to customers during the COVID-19 pandemic. That has resulted in the food and beverage segment being one of the hottest new fraud vectors of 2020.
“There’s an interesting dynamic and characteristic about that industry in that the merchants cannot afford to wait to deliver goods and services. It’s a very real-time product,” he said. “You can’t wait 24 hours for your food to arrive, so that puts a lot of pressure on the merchants to make decisions quickly.”
Obviously, making quick financial decisions under duress is not an optimal scenario — especially for businesses that don’t have the “right tooling, right resources and right team” in place to make those decisions accurately, said Tan. Similarly, fraudsters have also found that weakness and pounced on the huge increase in consumers using buy online pick up in-store (BOPIS) and curbside pickup.
“BOPIS fraud has an interesting characteristic in that you don’t have to have an ID check,” he explained. “There’s no shipping address required, so there are fewer data points collected in the process.”
Even basic, old-school measures like checking to see if the shipping address and the billing address match are no longer available.
It Must Be Easy, Fast And Safe
Tan said the three parameters — easy, fast and safe — are inseparable and critical when it comes to eCommerce. And since consumers expect it, merchants must figure out how to provide it. In fact, said Tan, easy, fast and safe will define the winners and losers in the digital economy. Because of the growing need for speed, consumers have very limited attention spans, which means merchants have to maximize every possible second they get with a customer or risk losing potential revenue. To best way to accomplish this, Sift has learned, involves taking a holistic, de-siloed approach.
“There’s going to be an interesting convergence between the different teams within these organizations and merchants,” said Tan. “Marketing and product and engineering and customer service and security — there have traditionally been silos among these teams, and we think that in the future, trust and safety will separate winners from losers in a digital world. We believe that’s going to require a de-siloed approach.”
According to Tan, Sift has found that its most forward-thinking customers are the ones who evolved their various back-office players into a more holistic trust and safety team. It’s a cohesive mindset that requires everyone to accept that there is only one gate through which every customer must enter.
“Historically, a lot of merchants or businesses approached this as one-size-fits-all; everyone gets the same checkout page and the same login page,” Tan said. “But this idea of dynamic friction and being choiceful with when to introduce friction in the user experience and when not to — that’s a bit of a paradigm shift that is really rewiring [a company’s] attitude and culture.”
Facilitating that rewiring requires harmony between man and machine.
“In many situations, [humans] don’t have the same information processing power that a computer has, and so being holistic and having a best-of-breed approach, with humans and machines working together harmoniously, . . . I think that is the future.”
Omnichannel But Uni-customer
Sift research shows that holistic trust and safety is essentially a self-funding mechanism that has proven to reduce fraud by as much as 80 percent, reduce manual review by more than 75 percent and increase conversion rates by more than 25 percent.
“We really want to deliver easy, fast and safe experiences, not just safe experiences. I think the legacy mindset just focused on the safe piece without thinking about easy and fast,” Tan noted, citing the need to view the entire end-to-end consumer journey. “Historically, we’ve approached this problem just at the point of sale. We believe that [approach] is not going to be able to keep up with the way the world is going and how fraudsters are evolving. Merchants need to be holistic and look at that user journey.”