The pandemic has been an inflexion point for the online grocery market globally, boosting the number of online grocery buyers by 30%.
And while we’ve seen some levelling off with the easing of restrictions across Europe, it’s a trend that’s not going away. In the UK in 2021, nearly 50% of shoppers said that they would continue to buy their groceries online once the pandemic was over.
European retailers have been quick to capitalise on this appetite, starting to provide groceries, beverages, meal kits, and other products and services online. Europe has also seen an explosion in Quick Commerce (Q-commerce), feeding off the new work-from-home lifestyle and demand for instant delivery.
Q-commerce is a global phenomenon, with new players like Jiffy and Zapp, with their dark food warehouses, to traditional brands like Tesco partnering with Gorillas and Carrefour’s investment in Cajoo. Restaurant delivery businesses like Just Eat Takeway and Deliveroo are also partnering with grocers across Europe to deliver groceries as part of their service.
But it’s not just online grocers that are benefitting from this shift in consumer behaviour. Online shopping, home delivery and Q-commerce have also opened up a whole host of new money-making opportunities for online fraudsters.
Grocery accounts are more valuable than ever
Online groceries were often thought of as one of the most predictable ecommerce segments; loyal customers with recognisable buying patterns, typically at their home address, making it easier to spot suspicious activity.
Now, with more people feeling comfortable buying online, wanting to shop around for the best prices and quickest delivery slots, and open to trying out new digital services, there are more accounts being opened and behaviour is less predictable — which is where the fraud problem for these online grocery merchants accelerates.
In our recent Retail Ecommerce Fraud & Payments report, grocery merchants rated their top three fraud risks: online payment fraud (73%), account takeover or ATO (65%), and friendly fraud (58%).
The majority of online payment fraud is a result of stolen credit card details, gained by skimming or bought on the dark web and these bad actors have a number of techniques to obtain verifying information that can ‘legitimise’ their purchases from the retailer perspective. On the dark web, food account mentions have increased 230% since 2019, and login details are easy to buy at USD 1.50-USD 10 each.
Friendly fraud occurs when a customer makes a purchase with their own credit card, and then requests a chargeback instead of contacting the merchant for a refund. A version of friendly fraud rife in grocery deliveries is refund abuse, where contactless delivery relies on the honesty of customers to claim for items not received. Opportunistic customers are aware how hard it is to discredit their complaints and are quick to take advantage.
Account takeover (ATO) occurs when a fraudster infiltrates a genuine customer’s account and then makes unauthorised transactions. Interestingly, despite online grocers not seeing account takeover as the biggest threat to their business, of all the ecommerce sectors, they’ve seen the largest increase in ATO (+50%). This type of fraud is particularly problematic for retailers, as it often dupes them into thinking the activity is that of a legitimate customer. Once access is gained, attackers can make orders with saved card details, redeem loyalty points, or extract customer data to sell online.
Adding layers of defence
To address these challenges, grocery merchants are spending an increasing amount of time manually reviewing transactions. In a recent survey, over half of grocery merchants (55%) said they spend over 40% of their time on manual transaction reviews — more than any other sector, due to selling high-risk and restricted products like alcohol and tobacco.
While this creates added pressure for merchants, they can’t afford to let fraud detection take a back seat in favour of moving quickly.
In order to combat fraud effectively, the grocery sector needs to consider introducing a combination of machine learning and customer behaviour analysis to provide a robust layer of defence.
As a subset of AI, machine learning has the ability to create fast, flexible models for specific tasks such as fraud detection. Going further, using more advanced deep learning techniques, more bespoke models can be created. These models base predictions on fraud signals focused on an organisation’s customer base alone, preventing the model being swayed by patterns in unrelated industries for more precise decisions and better performance.
Now is the time for grocery merchants to take greater control and gain clearer customer insights to fight the increased risk of fraud attacks.
About Mairtin O'Riada
Mairtin is the CIO at Ravelin, which provides fraud protection for online businesses. The ‘I’ in CIO stands for ‘Intelligence’, and Mairtin runs the Data Science and Investigations team in Ravelin, responsible for the machine learning and graph network models at the heart of Ravelin’s detection engine. He was previously the Head of Fraud at the taxi app Hailo, where he honed his fraudster frustrating skills. He is an internationally experienced intelligence analyst, with stints in Scotland Yard, the United Nations and elsewhere.
About Ravelin
Ravelin provides technology and support to help online businesses prevent evolving fraud threats and accept payments with confidence. Combining machine learning and graph network visualisation, Ravelin helps businesses draw deeper insights from their customer data to detect fraud, account takeover, and promotion abuse, and increase payment acceptance.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now