How new fraud travel trends emerge after the lockdown - interview with Sift

Before digging into the current state of affairs, how did things look for this sector in terms of fraud in the past 12 months? Have chargebacks, illegitimate refunds, loyalty fraud, or other ‘classic’ trends maintained?

As global travel bans quickly cleared the skies and the streets as COVID-19 rapidly spread worldwide, the travel industry saw a dramatic drop in transaction volume. Fraudsters typically gravitate towards industries and verticals that see high volume and high-velocity transactions, but we actually saw something interesting: fraudsters were attacking an already vulnerable industry that was being ravaged by the pandemic. In 2020, fraud rates for the Travel and Transportation industry were nearly 30% higher than they were in 2019, according to Sift global network. We actually built an entire page to monitor the effects of the pandemic on fraud across a number of industries.

Anecdotally, we also saw fraudsters increasingly targeting loyalty accounts. People stopped checking their frequent flyer mileage or the store value in their travel accounts. And when no one is paying attention, fraudsters can slink in and slink out undetected. If anything, I’d say the ‘classic’ trends increased during the last 12 months.

Although we can see a silver lining, many OTAs and airlines reduced their fraud teams and now they are running a skeleton crew. How can businesses deal with this issue?

If rehiring isn’t an option, I would encourage businesses to leverage automation – specifically machine learning (ML) – to tackle the return to normal. While it looks like we’re finally at a turning point with the virus and its effects on the travel industry, the pandemic taught us that we need to be prepared for rapidly changing market conditions and buyer behaviour. The only way to quickly adapt is to leverage machine learning. With an ML-first fraud prevention solution – ideally, one that utilizes a global data set – your fraud team can spot trends before they become pervasive and proactively prepare for fluctuations. Moreover, it is often more cost-effective than scaling out a fraud team.

In the current circumstances, health checks are and will be a standard practice at borders. This practice could also be monetized by fraudsters, so what are vax fraud types relevant in travel that the industry should be aware of?

We’re seeing the buying and selling of fraudulent vaccination cards everywhere, specifically on encrypted messaging platforms. As the COVID-19 vaccination began to ramp up earlier this year, and as businesses, as well as countries, began to require proof of vaccination, several groups on the messaging app Telegram started to sell fraudulent vax cards, which is, of course, illegal.

What’s even more frightening is that while the cards themselves may be forged, the information on them might be legitimate. We’ve seen ads on Telegram that claim to have cards that have verifiable information on them. This is likely due to the fact that many people posted selfies on social media while holding their vaccination cards. This is not a good idea.

What other loopholes and vulnerabilities could fraudsters exploit in this sector with regards to payments? Are there any new fraud trends to watch, especially this summer?

Gift cards topped the list of the fraudiest payment types in 2020. However, gift cards were also convenient gifts for legitimate customers to purchase for their friends and family when they were unable to visit them to celebrate birthdays and holidays in person. With travel returning this summer, merchants will need to differentiate between a brand new customer redeeming a gift card they legitimately received versus a fraudster who has seen success in using gift cards and has no plans to stop doing so. 

A similar challenge for merchants will come from mobile traffic. With customers now able to travel and make purchases on the go, merchants cannot rely as much on geolocation matches to make their fraud assessment. Instead, merchants must look at a variety of signals within a customer’s behaviour to take a more layered approach. For example, can the merchant see the velocity of a user’s geolocation changes and determine whether such changes are physically possible?

Considering all these new challenges, what can a business do to stay ahead of the game?

In regards to vaccination card fraud, that’s a tough one. If you spot these types of ads on messaging apps, you should absolutely report them. There’s no precedent for this type of fraud and therefore no known countermeasure that’s been proven to work. One tactic could be to leverage large amounts of data to crosscheck the information on vax cards against other data points connected to the cardholder, like checking whether the batch indicated on the card matches the geographic location where the person says they received the shot.

But for all other types of fraud, the merchant must focus on scaling their fraud operations to readjust to increasing volumes of user activity and transactions. What data can your team access that you aren’t already leveraging in your fraud prevention approach?