Technology advances have helped organisations evolve and improve many processes and streamline operations but they have also brought the challenge of dealing with more digital crimes, such as fraud, money laundering, or identity theft. Research shows that organisations have lost an average of USD 4.5 million per year due to online fraudulent transactions. With such numbers, it is easy to overlook the matter of merchant fraud; however, it is one of the most common reasons for money losses, especially for payment service providers, payment facilitators, and merchant acquirers, and has historically been hard to detect and prevent.
What is merchant-initiated fraud and how does it differ from other types of fraud?
Most fraudulent actions we know are related to individual attempts to falsely represent or deceive another consumer. Merchant-initiated fraud, as the name says, refers to a situation where the merchant is the bad actor who initiates deception of individuals or businesses to commit payment fraud or money laundering.
Merchant-initiated fraud can be hard to identify, especially depending on the complexity of the payment ecosystem. Because of that, merchant-initiated fraud exposes acquirers and other payment organisations that take on the liability of the merchant to large losses that can occur from the risk of excessive chargebacks, fines, and reputational damage.
Losses can be significant, as an estimated 200 million dollar scam involving complicit merchants bear witness. In February 2013, the New Jersey district of the US Department of Justice charged eighteen people in a scam involving the creation of thousands of false identities and card accounts – cards that subsequently were used at complicit jewellery merchants, where the proceeds were shared between the perpetrators.
Fraud of the above magnitude sometimes becomes public knowledge through filings or press releases whereas other, less significant, but still sizeable, scams remain publicly unknown. For reasons of image protection, ongoing proceedings, or hope of recovery, acquirers may choose to report losses to charge-off, delinquency, or credit-loss accounts rather than to a fraud-loss account. That is why it is essential to have the right tools and partners to improve the onboarding process of merchants and assure the integrity of the operation.
Common types of merchant-initiated fraud
Bust out fraud
This type of fraud usually involves establishing a front business organisation to open merchant accounts and process as many fraudulent transactions as possible in a very short window of time and then withdraw the funds and disappear.
Fraudsters are careful in their operation to avoid triggering alerts during the onboarding process of those false accounts. They convince banks by providing false social security numbers, addresses, and other information that could be double-checked with more accurate onboarding processes.
One trend that has increased during the pandemic is the occurrence of bust out fraud happening months or years after the merchant started processing with the merchant acquirer. This can indicate that a legitimate merchant has been bought or coerced by a bad actor who then leverages its reputable trading history to hide fraudulent transactions for as long as possible. Unless merchant acquirers are continuously monitoring their portfolios for merchant-initiated fraud they can be exposed to large losses from this growing trend.
Identity swap
Identity swap, another common merchant fraud type, refers to occurances when merchants use a false or stolen ID to set up a new business to secure a merchant account, and bypass anti-money laundering (AML) rules in places such as sanctioned countries or on watch list locations where they usually are prohibited from opening accounts with major acquire, for example.
Transaction laundering (factoring)
Transaction laundering (factoring) happens when a merchant processes unknown transactions illegitimately for a different business entity. The high number of micro-merchants and instant onboarding processes are factors that contribute to the difficulty in monitoring those types of merchants and fraudulent activities with basic rules.
Reducing merchant-initiated fraud with artificial intelligence
To fight merchant-initiated fraud, it is essential to have an advanced solution that can cover the complete range of points of vulnerability that fraudsters can attack. There are different ways in which financial institutions can reduce fraudulent actions and improve their operations. By far the most cutting-edge technologies today use artificial intelligence coupled with machine learning. This tech allows financial institutions to detect and separate fraudulent merchant behaviour from the expected legitimate merchant behaviour.
As companies become more digitised and gather ever more data, it allows for the use of cutting edge technologies including AI to automate certain risk assessment workflows and machine learning to detect and adjust to emergent fraud trends. When combined with stream processing and powerful cloud computing technologies, these tools have become some of the most efficient to fight fraud, helping fraud investigation teams handle higher caseloads per worker and focus on the most important investigations.
Artificial intelligence is also a valued tool during the onboarding process of merchants to prevent identity swaps and other merchant fraud activities at a very early stage of the operation. AI and ML techniques allow organisations to verify the identity of the merchant and a series of ID documents during the onboarding. Banks can also use AI to create automated Know Your Customer (KYC) processes and check their identities within seconds. Above all, businesses must be aware of the issue and the importance of fighting fraud actions with the proper and most suitable tools, recognising the risks they face when being exposed to those kinds of activities. The more advanced technology becomes, the more sophisticated criminal entities emerge.
That is why payment service providers, payment facilitators, and merchant acquiring banks must take the time to consider cutting-edge tools and systems to fight merchant-initiated fraud and minimise their enterprise risk. The right partners can help reduce merchant-initiated fraud and improve the onboarding process for merchants to guarantee the accuracy of the information and the security of operations, enabling faster and safer growth of merchant portfolios.
About João Moura
João Moura is the CEO of Fraudio, having vast experience across industries from telcos to cybersecurity and payments. His expertise in AI was acquired during his PhD studies and cemented over 15 years of using AI in products. Currently he is completing his MBA.
About Ricardo Costa
Ricardo Costa, LOQR’s CEO is an experienced cybersecurity international project leader within the Financial, Payment Systems, Digital Certification and Electronic Identity fields. He is a researcher and has a PhD in Computer Science (Artificial Intelligence).
About Fraudio
Fraudio is a leading payment fraud and money laundering detection company founded by online payment and AI experts in 2019. Its mission is to connect all companies in the payments ecosystem to a powerful centralised AI that detects and prevents fraud in real-time, creating unrivalled value. Fraudio leverages the latest in technology and data science innovations to create highly scalable cloud-native API solutions. It is trusted to protect and enable the safe scaling of some of the fastest-growing payment companies in the world, such as Viva Wallet, SaltPay, Paymentology, Tutuka, Switch, Payabl, ePayco, Bold, Culqi, and PagueloFacil. Learn more: www.fraudio.com
About LOQR
LOQR is a key enabler of financial institutions within their digital path, providing turnkey journeys-as-a-service through a journey builder platform. LOQR is an expert on AI and compliance, with the mission of helping clients to empower their customers' digital lives through certified journeys such as remote account opening, customer data update, real-time consumer credit, and other value-added services that are regulatory compliant and delivered within an end-to-end platform. Learn more: www.loqr.io
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now