What is Payment Fraud? What are the Best Strategies to Protect Your Business?
Payment fraud is the broad umbrella term for things like clean fraud or account takeover. Essentially, anytime someone who uses your payment card or account information without permission is committing payment fraud. We’ll share some ways merchants can protect their business against this threat, but first, let’s take a closer look at payment fraud itself.
- Payment Fraud
Payment fraud refers to any criminal fraud tactic where the perpetrator conducts a financial transaction without a valid authorization to do so. The fraudster typically impersonates a legitimate user, then completes as many purchases as possible (often in quick succession) to acquire goods for resale.
[noun]peɪ • mənt • frɔd
As the definition implies, “payment fraud” can cover any type of false, illegal, or illegitimate payment transaction completed by a criminal. The perpetrator can engage in payment fraud for a variety of reasons, but the main underlying cause is financial gain. The fraudsters could make off with stolen funds, or with the merchandise they can flip later and convert to cash, depriving their victims of their property in the process.
While payment fraud doesn’t have to be conducted online, fraudsters tend to operate primarily in the eCommerce space. It’s easier to commit card-not-present fraud as compared to card-present fraud. An almost limitless number of opportunities are available for fraudsters, but as a merchant, it’s harder for you to verify customers. EMV chip technology might have been the force that pushed a lot of fraudsters into the CNP space, but they’ve really taken a liking to it in the years since.
Common Payment Fraud Tactics to Watch for
As we alluded to already, a wide variety of individual tactics fall under the umbrella of payment fraud. Some of the most common include:
Identity Theft
This occurs when a cybercriminal steals financial information from a consumer with the intent of impersonating that individual and conducting transactions in their name.
Account Takeover
Another tactic by which a fraudster impersonates a legitimate cardholder. Here, instead of using a stolen card, the criminal makes fraudulent payments using information from the cardholder’s account.
Like identity theft, involves stealing personal information. However, the fraudster uses pieces of data from multiple consumers to create a fake (or synthetic) persona, which can then be used to make purchases.
A fraudster uses stolen credit card data to make a purchase, then manipulates the transaction to bypass fraud detection devices. The name refers to the fact that the transaction appears “clean,” and will not be picked up by fraud filters or blacklists.
Wire Transfer Scam
Rather than target a cardholder, a criminal might target you by impersonating a trusted user and requesting goods or money in return for funds provided at a later date.
Business Email Compromise (BEC)
This hinges on a perpetrator impersonating a trusted email user, either by hacking or using a fake account. The fraudster can then use the deception to facilitate a payment.
Trouble Fighting Back Against Fraud?
Chargebacks911® can help. Give us a call and start recovering your hard-earned revenue today.
Hackers can obtain the data they need, including cardholder information, banking information, login credentials, etc., through a variety of channels. Phishing is a common tactic where the fraudster creates a dummy site or email designed to trick a user into handing over their information. The fraudster might also use malware to steal information from cardholders without their knowledge or purchase stolen information on the dark web.
Not All Fraud is Considered Payment Fraud
Payment fraud is a pervasive problem in the eCommerce space. However, you should keep in mind that not all fraud tactics you might encounter will qualify. Payment fraud is distinct from other eCommerce fraud threats, in that it doesn’t involve making a purchase with phony information. Tactics include:
This occurs when a customer files a chargeback without trying to obtain a refund from a merchant. An authorized cardholder disputes a legitimate charge, pushing the bank to force a refund under the pretense that the merchant made an error.
Family Fraud
This is a version of friendly fraud where the customer who submitted a payment is not the cardholder, but a close relative like a child or spouse.
If you engage in affiliate advertising, you operate under the assumption that your affiliates are honest. However, they may use deceptive tactics to collect unearned commissions and leave you holding the bill.
Customers are entitled to seek a refund if certain conditions apply. However, a cardholder may abuse the process to get a refund for reasons that are not allowed under the terms agreed to at the time of purchase.
Triangulation fraud occurs when a customer makes a genuine purchase on a third-party marketplace, but the seller fraudulently purchases the product from another merchant. The seller then leaves the merchant to face the resulting chargeback.
Payment Fraud |
Other Fraud |
| Identity Theft | Friendly Fraud |
| Account Takeover | Family Fraud |
| Synthetic Fraud | Affiliate Fraud |
| Clean Fraud | Return Fraud |
| Wire Transfer Scam | Triangulation Fraud |
| Business Email Compromise |
Again…this is merely a shortlist of potential fraud threats; plenty of other non-payment fraud tactics exist, allowing bad actors to separate you from your hard-earned cash.
Contrary to popular belief, these threat sources dwarf losses resulting from genuine payment fraud. One study found that 41% of merchants considered friendly fraud one of their fastest-growing threats in 2020, beating out payment fraud. And, by 2023, friendly fraud will account for roughly 61% of chargebacks issued against merchants.
Top 8 Tips to Stop Payment Fraud
The problem is, identifying chargeback triggers like friendly fraud relies on eliminating other legitimate chargeback triggers. You must rule out legitimate chargeback claims before you can address false ones. In other words, many fraud tactics can’t be identified without ruling out payment fraud first.
Here are eight simple tips to help prevent payment fraud and protect your business against loss:
Encourage Account Creation
You should encourage buyers to create an account before making a purchase. This will help prevent one-off, “run and gun” fraud attacks. Accounts should also require strong, unique passwords.
Use Multilayer Fraud Detection
Employing complimentary fraud detection tools like geolocation, velocity limits, address verification, and fraud blacklists can help you flag fraud cases and prevent loss.
Employ Fraud Scoring
Along with the fraud detection tools mentioned above, you should also make use of fraud scoring. This tool examines fraud indicators and generates a simple numeric score for automated, up-or-down decisioning.
Educate Yourself
You need to stay up-to-date on the latest payment fraud trends and new schemes. This will help you identify new and developing threats before they negatively impact your bottom line.
Use 3-D Secure
This technology (branded as Mastercard SecureCode and Verified by Visa) is an opt-in program that adds additional verification to the checkout process. Think of it as a PIN code for a card-not-present purchase.
Require Regular Password Changes
The longer a password goes unchanged, the more likely it is to be compromised. You should require customers to update their passwords regularly, and also verify account information to make sure nothing’s changed.
Maintain Compliance
Ensure that everyone in your organization is up-to-date with PCI-DSS compliance standards and knows how to handle sensitive data. This can help prevent bad actors from gaining access to an internal email account, for instance.
Seek Outside Expertise
There are some facets of fraud management that will be outside your wheelhouse. We strongly suggest seeking third-party support to manage more complex fraud challenges like friendly fraud and affiliate fraud.
50 Insider Tips to Preventing More Chargebacks
Download our FREE guide that outlines 50 step-by-step effective chargeback prevention techniques. Learn insider secrets that will reduce your risk of chargebacks, increase your profits and ensure your business's longevity.
Free DownloadIn Conclusion…
In this post, we explored how fraudsters manage to carry out payment fraud schemes, as well as some of the most common tactics they use. We also looked at fraud threats outside the realm of payment fraud, and some practical steps you can take to reduce your risk.
Have additional questions? Check the FAQ below, or get in touch with the experts at Chargebacks911 to see how you can help manage fraud, reduce chargebacks, and recover revenue.
FAQs
What is payment fraud?
Payment fraud refers to any criminal fraud tactic where the perpetrator conducts a financial transaction without a valid authorization to do so. The fraudster typically impersonates a legitimate user, then completes as many purchases as possible (often in quick succession) to acquire goods for resale.
Is payment fraud only an online threat?
Payment fraud doesn’t have to be conducted online. However, fraudsters tend to operate primarily in the online space, since it’s easier to commit card-not-present fraud as compared to card-present fraud.
How do you know if a payment is fraudulent?
First, you need to familiarize yourself with common tactics used to carry out payment fraud. Next, you can deploy a variety of fraud prevention tools and tactics designed to target each of these threats. You should also stay up-to-date with fraud prevention developments in the card-not-present space.
How is payment fraud most commonly detected?
This depends on the individual fraud tactic used. For example, address verification (AVS) can help stop clean fraud, but it may not work with account takeover if the cardholder’s billing and shipping information is already saved to the account. It’s critical for merchants to employ multiple different tools to get a more detailed impression of each purchase.
What factors determine whether a person will commit fraud?
According to the New York Office of the State Comptroller, four factors must be present for a person to commit fraud: opportunity, low risk of getting caught, rationalization in the fraudsters mind, and justification that results from the rationalization.
What are the most common forms of payment fraud?
Fraudsters can employ a number of different tactics to commit payment fraud in the card-not-present space. Identity theft, account takeover, synthetic fraud, clean fraud, wire transfer scams, and business email compromise are among the most common.