Digital payments have quickly become the preferred payment method for consumers worldwide. They are quick, easy and create opportunities for diverse consumer-merchant interactions. Unfortunately, digital payments also create opportunities for fraud.
The 2022 PwC Global Economic Crime and Fraud Survey found that 51% of organizations have experienced payment fraud since 2020, the highest percentage since PwC began its research two decades ago.
Fighting fraud and cybercrime is a never-ending battle. Even as businesses improve their defenses, fraudsters will innovate and find security gaps they can exploit. The reality is that all merchants, and the independent sales organizations (ISOs), independent software vendors (ISVs) and payment facilitators (PayFacs) that offer them payment services are at risk.
To ensure your business (and your merchants’ businesses) are secure, adapting and updating your fraud prevention strategies must be an ongoing priority. Below, we explore five tips you can use to identify and prevent fraud.
The Impact of Payment Fraud
According to a recent Nilson Report, payments fraud losses worldwide in 2021 totaled $32.34 billion, 13.8% more than in 2020. Fraudulent transactions often result in debilitating losses for small- and medium-sized merchants (SMBs) and may take years to recover from.
In addition to direct monetary and inventory losses, payment fraud can also lead to unexpected fees and reputational damages.
For instance, some reports found that merchants lose $3.75 for every $1 lost to fraud due to added fees, increased overhead and other costs. Merchants must also consider the risks that fraud poses to their reputations. If a fraudster compromises personal and financial information, it can devastate consumers and ultimately harm their relationships with merchants.
ISOs, software providers, and PayFacs face additional pressures as clients turn to them for effective fraud prevention solutions. These businesses must provide the tools and services needed to mitigate fraud risks for merchants and minimize the potential impact on their own reputations and financial positions.
How Does Payment Fraud Happen?
Payment fraud often begins with a hacker or fraudster stealing payment card data. Unauthorized people can acquire payment data in several ways, such as through a phishing attack that tricks people into providing cardholder data, using malware to steal data or purchasing cardholder information on the black market. Fraudsters can also capture payment data in other ways, such as skimming, which uses a device installed on a payment terminal to record card numbers and PINs.
Once fraudsters have stolen card data, they will either resell the information or use it to make purchases. However, with enough details, they may even hijack the person’s identity and take out loans or open accounts in their name.
What Are the Most Common Types of Payment Fraud?
Every year, fraudsters develop new methods of stealing payment information. Some of the most prevalent fraud schemes include:
Credit and Debit Card Fraud
Credit or debit card fraud occurs anytime an unauthorized person uses a card to purchase items or withdraw cash. A fraudster may also use stolen information to make a counterfeit physical card to use at a payment terminal.
According to Visa, counterfeit card fraud decreased by 87% in the first four years after the U.S. implemented EMV technology, and overall card-present fraud fell by 40%. Unfortunately, online fraud rose by 137% in the same timeframe.
Friendly fraud, also known as chargeback fraud, is on the rise. This type of fraud involves the legitimate cardholder making a purchase, then requesting a chargeback, claiming they didn’t authorize the payment or weren’t satisfied with the product or service.
Digital trust and safety solution provider Sift reports that chargebacks increased over 35% from Q1 to Q4 2022, and about one-fourth of consumers admit to committing friendly fraud.
Card Testing Fraud
Card testing fraud occurs when someone tests a stolen card to determine if they can use it to make purchases. They do this in several ways; some will validate cards by adding them to online accounts or apps that take payments. Others will run a series of transactions across several websites to see if a card declines or processes the payments. If they can successfully verify a stolen card, fraudsters will either resell it on the dark web or use it themselves.
If signs of card testing aren’t identified in time, merchants could face a financial crisis. Unfortunately, small- to medium-sized businesses and organizations that accept donations are often particularly vulnerable to card testing.
A type of fraud that is especially dangerous to ISOs, software providers and PayFacs is merchant fraud. This occurs when a fraudster poses as a legitimate company to steal from businesses and consumers.
These actors may offer expensive or rare items at bargain prices to entice people to buy something. In some cases, fraudsters may take the money and disappear completely. Other times, they may deliver counterfeit or low-quality products to customers who paid full price for what they assumed was genuine.
Unfortunately, payment providers are often liable for merchant fraud - primarily if the transactions occurred on their own platform.
Top 5 Tips to Reduce Payment Fraud
Although fraud rates are growing every year, there are processes you can implement to reduce your risks of becoming a victim. These five anti-fraud activities should be a part of every business’s fraud mitigation strategy:
- Carefully evaluate merchant services applications. Conduct in-depth risk-scoring analyses when onboarding new merchant accounts in compliance with Know Your Customer (KYC) and other regulations. Then, prioritize ongoing monitoring of their activities after they’re using your platform to watch for suspicious activity.
- Monitor transactions for irregularities. Stay vigilant for unusual behavior, such as large transaction volumes, purchases in different geographic regions, and payment activity at unusual times of the day. If you suspect foul play, notify your merchant or contact the consumer’s bank so they can investigate before releasing funds.
- Flag unusually large transactions. Keep an eye out for unusually large transactions or orders, and flag any that seem suspicious.
- Enforce multi-factor authentication. Ensure no one can access a merchant’s system without several ways to authenticate their identity. For instance, you may require a password, PIN and IP address to log in to your merchant portal.
- Use advanced, AI-powered fraud detection and prevention solutions. Solutions leveraging artificial intelligence (AI) can detect fraud, identify customers who pose a high risk and flag new accounts to prevent purchases by fraudsters who have committed identity theft.
Fight Back Against Payment Fraud
The tips above for reducing payment fraud will be more effective if you implement them with the help of technology, especially with advanced capabilities from AI. With real-time database searches and instant alerts, ISOs, software developers and PayFacs can use AI solutions like Kount to minimize their risk of attack and ensure they are KYC-compliant.
Other solutions, like our Automatic Card Testing Detection tool, detect anomalies in activity or behavior in near real-time, allowing you to stop fraudulent transactions before they harm your business.
Fraud should never be considered the cost of doing business—because the cost is too high. In addition to protecting your own interests, you have a responsibility to the merchants that rely on you for payment services (and the consumers who do business with them) to do all you can to protect their accounts and cardholder data.
To learn more about payment fraud and how we can help keep your business and customers safe, contact us today.