Black Friday or Black Fraudday? Securing your business during the holiday season
nethone fraud ocean hero background

The holiday shopping season is coming. With social media channels being flooded with ads and “best deals” attacking us - online shoppers - from each and every direction, Black Friday weekend and holiday season fever is on! Securing your business during Black Friday and the holiday season

You’re getting your online store ready for the season and have already planned everything - from extra server capacity to hiring seasonal workers ready to pack orders and send them straight away to the excited customers. You’re ready to see increasing bars of sales and revenues…

…but are you aware there’s something that can lower them?

Amidst the COVID-19 pandemic, online sales on Black Friday 2020 reached $9 Billion in the United States, which is almost 21.6% growth year-over-year! Cyber Monday was even more impressive, bringing in $10.8 Billion of revenue (a 15% increase on 2019). According to the Digital Commerce 360’s projections, this year customers in the U.S plan to spend $36.4B over the course of the Cyber 5 (Thanksgiving to Cyber Monday). This sales madness is probably what most retailers are waiting for, but they have to remember - without proper prevention, Black Friday weekend may easily turn into a Black Fraudday weekend.

Working closely with e-Commerce and Travel companies, we observe fraud seasonality, and the numbers seem to confirm it. Let’s take Great Britain as an example; according to TSB Bank, a staggering 24% of people who shopped online on Black Friday weekend experienced fraud attempts. Why are these rates so high? To better understand this phenomenon, we should consider three common aspects:

  1. Firstly, criminals like crowds - it’s easier for them to hide their identity among thousands of faces. The same principle applies on the Internet; more traffic and orders, easier to hide.
  2. Secondly, carding is a full-time job. Fraudsters don’t input single transactions manually; they use bots to get things done for them in a faster and more efficient way. As it has been observed, sometimes they test stolen cards by making small purchases before the peak, then conduct their massive attacks during the Black Friday weekend (or a similar occasion).
  3. Last, but certainly not least; getting ready for the busiest days, merchants “loosen” their velocity rules to reduce the number of manual reviews and denials. This results in accepting more traffic, and in turn, an increase in fraudulent transactions.

However, the scale of card-not-present fraud isn’t glaringly obvious after the holiday season wraps up. Each year we see e-Commerce celebrate hitting new sales records, but the threat of fraud lurks in the shadow of this success. It will eventually come to light… But when?

Chargeback festival

According to Chargeback911, the peak season for chargebacks is typically the first quarter of a calendar year. The fact that they are mostly filed around 45-60 days after the purchase indicates the spike correlates with the Black Friday - Cyber Monday weekend and the holiday shopping season fever. The figures are terrifying; chargebacks filed during Q1 represent a massive 41% of their total yearly number!

And what is the real cost of chargeback for a merchant? It’s not only the cost of purchased goods and the refund, but also the fee from the acquiring bank, which covers the costs of processing the chargeback. It is estimated that in 2018 every dollar of fraud cost e-Commerce companies around three dollars. If we imagine $100 of the average $420 spent during the holiday season was fraudulent, that means the merchant lost almost ¾ of their income on that particular client! And the loss is not immediate – just take a look at the chargeback timeline. Black Friday Chargeback timeline

E-retailers admit they expect troubles with chargeback programs in the first quarter of the following year, as their chargeback rates increase sharply after holiday sales boost. For those who sell seasonal goods, it may be an especially dangerous situation – they get the most sales during the peak, but chargebacks are filed in the following, less lucrative months. This, combined with fines from the card issuers, may seriously threaten a loss of financial liquidity.

How to secure your business

Securing online business during sales peaks, especially in terms of not killing the conversion, does not look like a piece of cake. Merchants need solutions that work in the background and screen customers in real-time; any additional action for users may result in an increased propensity toward cart abandonment.

As fraud is in a constant state of change, we observe new trends and tools. The market tries to respond to these trends, usually by creating new rules. Unfortunately, multiplying them leads to an inconsistency in the systems, which results in a very dangerous situation – an increasing number of false positives, in other words, blocking legitimate customers.

To address this issue, we propose using Machine Learning solutions, which can better estimate the risk of transaction without any friction for online shoppers. These solutions analyze over 5,000 attributes of user hardware, software, network intelligence, and last but not least, user behavior during the purchase process. The outcomes of said analysis let merchants better understand customers’ motives. Let’s use an example of online airline ticket sales, which uses a rule that automatically rejects people who purchase a ticket from a location that is over 1000 km from the departure airport. Rule-based systems

The system automatically rejects around 60% of the traffic (dark grey area), but highlights an inherent issue; a number of fraudsters in the accepted traffic, and some legitimate users in the rejected traffic. How will the situation look when we use Machine Learning to solve this challenge? Machine Learning Fraud Systems

The analysis will not only be based on distance, as the models will also investigate its correlation with the time to departure. Using advanced profiling tools, the solution will concurrently monitor additional user-specific attributes, i.e. if they use a VPN, try to fake their location, and how they use their keyboard and move their mouse. Why?

How fraudsters threaten online retailers

We observe many typical patterns and behaviours of fraudsters. They often buy tickets for flights with a very short time to departure, but the departure airport is quite distant from their physical location – they usually don’t use them but resell them on the Darknet. They try to misrepresent their true location (so the merchant’s system accepts the transaction), and use bots to fill the forms to purchase the ticket (automation to make their work more efficient). The bots however, behave differently than people, so a well-developed system can recognize it is a machine that “presses” the buttons, not a human. This scheme applies to all e-Commerce, not exclusive to the airline industry. For example, fraudsters seek out goods that can be shipped expediently, as they want the packages sent before the credit card owner reports the fraudulent transaction.

A proper Machine Learning solution can spot all these differences, nuances, unusual actions, patterns and correlations, and categorize website users into different risk buckets while they are going through the process of purchasing goods or services. Machine Learning can reveal even completely new or atypical fraud attempts. This solution is more proactive; securing business here-and-now, as opposed to relying on rules which are created long after the attacks, long after the damage has been done.

Are you interested in more information? Contact us at!


Financed by: