Laura Carruthers is the Director of Fraud Prevention at Boku. With more than 10 years of experience, she’s an expert on fraud and risk management and their effects on industry-leading merchants across different countries, verticals and customer bases.
It can start as a ‘one-off’ refund request, a momentary lapse in honesty, in order to save money on goods or services already consumed. If successful the first time, the temptation to repeat this activity can be strong. Though this may not match most people’s idea of a ‘fraudster’, it is not a fully legitimate or honest interaction – and most businesses consider this to be fraud.
Read on to find out what constitutes first-party fraud and what doesn't, what the impact of this type of fraud is, and how you can protect yourself from it as a merchant.
Definitions
- First-Party Fraud or Friendly Fraud. A type of fraud where the perpetrator is the owner of the payment method or identity, meaning they are who they say they are, but they claim that the payment was fraudulent: carried out by an unknown, malicious third party. Or they may claim that the goods were never received, in order to receive compensation. This can be intentional or unintentional.
- Third-Party Fraud. A typical payments fraud situation in which a malicious third party makes an unauthorised payment on a victim’s account or payment instrument.
- Offer or Policy Abuse – Any dishonest or systematic abuse or misuse of policies to create a profit or benefit. These can include refund policies, promotions, offers and trials, among others.
We can consider offer abuse and friendly fraud to be similar in that the perpetrator is usually acting under their own identity and credentials. The recipient benefitting from or purchasing the resulting product or service may or may not realize the transaction was not legitimate.
While the lines between spontaneous abuse and intentional first-party fraud may be blurry, the damage to businesses in terms of lost revenue is clear. More merchants are reporting refund or policy abuse and first-party misuse than any other type of fraud globally, with MRC’s report finding that around 33% of merchants experience first-party misuse.
With the increasing adoption of strong Multi-Factor Authentication (MFA), biometric-based authentication methods are on the rise, making online payments more secure. Use of biometrics makes it more difficult for fraudsters to pretend they are someone else, for the purpose of using that person’s funds.
But these days the consumers’ Internet is overflowing with offers, promotions, no-questions refund policies and consumer protection schemes – and the potential for abuse is ripe for the taking. This can be attractive for both the experienced fraudster and the ‘regular’ customer alike.
It also opens a door for another abuse category that poses a risk to merchants – the unapproved reseller. These parties see an opportunity to make money by systematically and repeatedly consuming offers, or misusing products and services in a way to make them accessible, then sell on.
This might look like an individual who has found a way to redeem in bulk an offer such as a free trial and sell access to the generated accounts for a profit. In some cases, this can be done without any malicious intention, but with a lack of awareness of the consequences.
What are the impacts of friendly fraud and abuse?
Situations where products and services are consumed but not paid for, create an obvious revenue loss for merchants. When considering refunds, disputes or claims there is also an operational cost to facilitating these compensations.
Distinguishing abuse and friendly fraud from a typical third-party payment fraud transaction can also create challenges. Skews in feedback data and incorrect labelling can cause updates to AI-based risk controls that may adversely impact genuine customers.
How can merchants protect themselves from friendly fraud?
- Review offers and policies, and clearly define reasonable terms of use that staff can follow easily and efficiently when handling claims.
- Apply fraud prevention controls and decisioning at all key stages of the customer lifecycle – from signup, to payment, as well as any refund requests or offer redemptions. This is an essential consideration for managing all types of fraud.
- Maintain open discussion with your payment service provider (PSP) about what behaviours and transactions are considered fraudulent or abusive, so this can be relayed to issuers when necessary.
- Consider choosing local payment methods (LPMs) that utilize strong biometric MFA, and where issuers handle fraudulent payment disputes and cover fraud liability costs for unauthorised payments. This will save both revenue and operational resources from handling lengthy and complex dispute processes involving external parties.
Conclusion
As fraudsters, as well as average consumers, continue to seek ways to save money online, the risks of fraud and abuse are diversifying. Consider a robust fraud prevention and payments strategy to include lower risk payment options, strong forms of user authentication, and transparency with PSPs and Issuers.
Boku works closely with merchants to understand what success looks like for their business and offers an extensive network of secure payment methods. Tackling all types of fraud and abuse is a key component in Boku’s LPM optimization and customer success initiatives. Please get in touch if you would like to learn more.
Popular articles
No items found.