Tackling fraud challenges in ecommerce

Patrick Finnigan of Dunkin’ Brands shares best practices on how ecommerce businesses can meet their fraud challenges while increasing their revenue, expand digital enablement, and drive customer loyalty

With the surge of online and mobile purchases, fraudsters have also seized the opportunity to explore any vulnerability or loophole in the ecommerce space, causing merchants to wisely rethink their strategies so they can ensure a secure and convenient customer experience. At the same time, solution providers are pushed to further innovate their services and technologies to keep fraudsters at bay and help their merchants boost their revenue and protect profits. In a high growth environment like the ecommerce space, several particular challenges remain top of mind so that businesses can increase revenue, expand digital enablement, and drive customer loyalty. 

Omnichannel success depends upon a multi-layered fraud mitigation strategy 

While some businesses had already offered a variety of channels for customers to interact and engage with them, the onset of the pandemic in early 2020 forced many merchants to accelerate their omnichannel and digital plans. While this opened up new streams of revenue, it also produced a host of new and previously unseen points of fraud exposure that merchants needed to protect against. As such, it is increasingly clear that merchants need to guard against fraud along the entire customer journey – not just at the time of financial transaction. This means putting protective measures in place at account creation, login, add a credit card, loyalty programme sign-up etc. Those newer to omnichannel and digital commerce struggle with these types of issues as they have not planned for and invested in fraud solutions designed specifically for the risks associated with the mobile channel and digital transactions. As merchants come to understand that it is imperative to open these channels in order to generate revenue in the current landscape, they should understand the importance of protecting profits with a multi-layered fraud mitigation strategy. Successful digital transformation requires balancing three critical areas: user experience, fraud mitigation, and revenue generation or business goals. The extent to which IT/cybersecurity, fraud teams, and digital/mobile teams are integrated and talking to each other is critical to an organisation’s ability to fight fraud, protect the digital customer journey, and protect revenue. A layered approach to fraud mitigation protects profits, your customer’s data, and the reputation of your brands. 

Gift cards are very appealing to both consumers and fraudsters alike 

Gift cards are an attractive target for fraudsters for a variety of reasons. First off, they are very easily monetised. Gift cards can be bought and sold on many third-party websites, in both digital and physical form, making it very easy for fraudsters to monetise their ill-gotten gains. Digital gift cards, in particular, can be easily obtained by fraudsters who purchase them using stolen credit cards. This is probably the most widespread form of gift card fraud.

The cards are hard to trace and are not subject to the same scrutiny as debit or credit cards, therefore making them attractive to potential buyers. Fraudsters can also tamper with physical gift cards on display at the point-of-sale by merchants by either copying gift card numbers, bar codes, or QR codes, and then waiting for the cards to be activated by legitimate buyers. Once activated, the fraudster can drain the balance of the card in CNP transactions online. Merchants that sell gift cards via mobile, web, and point-of-sale need to ensure appropriate safeguards are in place to protect both consumers and merchants alike. 

Fraud detection in real time may be difficult with sparse or unlabelled data 

Device data collection via an SDK is critical to assisting with fraud mitigation. Collecting device data in real time that can be used to analyse characteristics of the persona conducting the transaction is very important when there is little data input to analyse, as is the case in guest checkout type transactions for instance. Collecting and analysing data points and information gleaned at the time of transaction will enable your fraud tool to make better decisions based upon information related to the device, user, and transaction. For instance, if you can tell that a device is 2000 miles away from the credit card billing address, you may subject the transaction to a different level of scrutiny. Machine learning, AI capabilities, and large amounts of consortium data from other merchants are also helpful when the transactions themselves have little or unlabelled data. 

Choosing the right fraud prevention solution provider 

Choosing a fraud solution provider can be a daunting task. There are many criteria to consider when vetting fraud management vendors and it is important to first understand exactly what your own business needs are before looking at potential solutions. Of the many important criteria to consider, some stand out more than others. Cost is, of course, top of mind for all, as you need a solution that makes sense from an ROI perspective. You also will want a tool that can detect a wide range of fraud through a combination of machine learning, AI, and an advanced rule engine. The system should not solely rely on rules, as fraud attacks are increasingly more complex and sophisticated. Ease, time, and cost of integration is also a factor to consider, as this may impact your ability to get the tool up and running effectively. Flexibility or ability to work with multiple channels (mobile/web etc.) is also a critical component. Finally, you must be sure to leverage references from merchants both within your vertical as well as from other sectors, as they can provide you with valuable information regarding the tool’s capabilities, shortcomings, and other lessons learned from integration to day-to-day performance.

This editorial was published in the Fraud Prevention in Ecommerce Report 2020/2021, the go-to source in securing transactions while offering a frictionless customer journey.

About Patrick Finnigan

Patrick Finnigan is the Director of Loss Prevention Analytics and Fraud at Dunkin’ Brands. Supporting two iconic brands, Patrick leads the Loss Prevention Analytics, Digital Fraud Prevention, and Corporate Fraud functions in support of over 21,000 locations in over 60 countries. Prior to his role with Dunkin’ Brands, Patrick was a Medicare Fraud Investigator and has a combined 20 years of experience in fraud, loss prevention, and data analytics. Patrick is known for developing innovative and measurable programmes and initiatives that support franchisee and brand profitability through the integration of fraud tools & technologies, data analytics, and a holistic approach to fraud prevention.

About Dunkin’ Brands

With more than 21,000 points of distribution in more than 60 countries, Dunkin’ Brands is one of the world’s leading franchisors of quick service restaurants (QSRs) serving hot and cold coffee and baked goods, as well as hard serve ice cream. Dunkin’ Brands is the parent company of two of the world’s most recognised and beloved brands: Dunkin’, America’s favourite all-day, everyday stop for coffee and baked goods, and Baskin-Robbins, the world’s largest chain of ice cream specialty shops.