Nowadays, not only the world’s leading e-commerce giants are struggling with fraud. The problem affects almost every business that sells its products or services online. Among many types of fraud, “friendly fraud” is one of the most difficult challenges that each and every online business has to encounter sooner or later. According to CardNotPresent.com, it accounts for up to 86% of all chargeback requests and costs retailers more than $11 billion per year. Fortunately, merchants are not left to their own devices anymore. There is an effective way to fight “friendly fraud”. But first, let me explain what the troublesome phenomenon is all about.
“It wasn’t me…”
“Friendly fraud”, also known as “chargeback fraud”, occurs when a legitimate customer purchases a product or service online using their credit card, yet once the order is delivered they request a chargeback (refund) from their bank.
The customer may claim that, e.g.:
- they didn’t receive the ordered item (although they did),
- a family member had carried out the transaction that the cardholder was unaware of,
- they do not recall making the purchase,
- they hadn’t been informed about the terms and conditions of subscription-based purchasing.
If you sell physical goods, it’s not that bad. You can at least demand a return of your product or use the shipment receipt signed by the customer as a proof of delivery. But in the case of digital goods, the possibilities are much more limited. Nevertheless, the chances of successfully concluding a dispute with a dishonest customer are negligible.
Regardless of the type of your business, the “better safe than sorry” rule is always applicable. You would rather prevent fraud than lose money or claim your rights in court, wouldn’t you? Moreover, any conflict with a customer, can have a negative impact on your company’s reputation and might hamper your sales.
Let me illustrate what “friendly fraud” looks like, using two examples:
1) an e-store selling physical goods and
2) a gaming platform selling digital items (e.g. CS GO rifles, magic spell books etc.).
Example #1 – A Disappearing T-shirt
Imagine the following situation:
- A customer buys a T-shirt worth $10, pays by card.
- The e-store fulfills the order and delivers it to the customer.
- The customer receives the parcel.
- As soon as the courier is gone, the recipient contacts their bank claiming that their credit card has been charged for purchases that have never been delivered and demands a refund (chargeback).
The bank, as well as the card organisation have no reasons not to believe the customer, so they accept the complaint. As a consequence, the online store that sold the T-shirt receives the demand to return the charged amount to the customer’s credit card. The merchant not only loses their product and money but also has to cover the costs associated with the whole chargeback procedure.
If the online store does not agree with the decision and claims that the customer actually received their order, it can assert its rights in a court. However, the cost of such a judicial proceeding would be much higher than $10. In other words, it’s not worth it.
Therefore, it comes as no surprise, that many online stores treat “friendly fraud” as a necessary evil and include it in their overall operational costs (although they shouldn’t).
Example #2 – Virtual money, real loss
Let’s take a look at another example – a gaming platform selling digital goods:
- A parent of a few years old child gives them a smartphone to play.
- On this smartphone, there is a mobile game installed with the parent’s credit card linked to the in-game user account.
- The child buys some items to make the game more entertaining, but does not fully understand that “virtual golden coins” in the game are in fact real money (as they cost real money).
- As soon as the parent discovers that the card has been charged a substantial sum of money, they turn to the bank with a complaint of illegitimate transaction and request a chargeback.
As the transaction was carried out not by the cardholder but somebody else – in that case their child – the game publisher has to, just like the online T-shirt store, give the money back and cover procedural expenses.
How to protect your online business against “friendly fraud”?
To prevent “friendly fraud”, without damaging your shopping experience and company’s reputation, it is essential to get to know and deeply understand your customers. It requires careful observation enabling accurate conclusions and predictions towards their future behaviour.
In the digital world, the ability to “observe” customers is limited – most often, merchants know about their customers only as much as the latter choose to tell/show them. Therefore, it is necessary to use software that allows to reveal more information about each of the customers individually. The process of collecting data about them and discovering interdependencies between numerous, apparently unrelated variables is called “profiling”. Due to the volume and the complexity of data, one needs to apply Machine Learning for this task.
High quality “profilers” collect thousands of data points describing each person’s software, hardware, network environment and behaviour each time they interact with the service – be it an online store, a gaming platform, a SaaS product, you name it. In the case of “friendly fraud”, behaviour is the most important aspect. It’s not only what a customer is doing but also how they behave while visiting the analysed website. The point is that, you need to simultaneously collect information about, for instance, what product categories the customer is browsing, what parts of the website they are clicking, how they are using their mouse/touch screen etc.
In the analysis, there are also other data taken into account, including:
- the history of previous purchases made by the users (when was the last time the user bought anything in your e-store and for what price, how often they make purchases, were there any chargeback requests before etc.).
- Device fingerprinting – allows to verify whether a given device (computer, tablet, smartphone) had been used before for fraud attempt.
By recognizing individual behavioural patterns of each customer, you can create their digital profile and compare it with behavioural profiles of previously detected fraudsters. It is also possible to detect behaviour indicating that someone else than the legitimate account owner is logged in, before the purchase is made (like a child instead of their parent in the second mentioned above example). Thanks to this information you can then secure the transaction, e.g. by activating a conditional authentication layer, for example a request to provide the CVV number of the card or a unique PIN code.
What if …?
If the e-stores owners described in the above examples had used profiling and Machine Learning solutions, they could have significantly reduced the risk of “friendly fraud”.
The e-store could have secured a shipment by requesting the recipient’s identity card while delivering the T-shirt. And the game publisher could have prevented a child from making a transaction by requiring a confirmation code that only the parent would know. That kind of friction should be added only where it’s necessary and the probability of fraud is high.
The cost of introducing such security measures, would be much lower than the losses caused by “friendly fraud”.
Last but not least. Let’s not forget about building strong relationships with your customers. Applying profiling and Machine Learning solutions should be reinforced by excellent customer experience, as it is considered one of the most effective ways of reducing the risk of friendly fraud.
Communicate with your customers, stimulate engagement, reward the most loyal ones, send newsletters and coupons, help them immediately when they are looking for a resolution to their problems, build a strong bond with your brand.