By Monica Eaton-Cardone, Chargebacks911
It’s not hyperbole to say the 2010s transformed how we conduct business online.
Let’s look back at the beginning of the last decade. We see many of the technologies and practices that would define eCommerce a few years later—BOPU.S. (buy online, pick up in-store), IoT technology, augmented reality, etc.—barely existed in 2010. It’s been a wild ride already, but if one trait defines the digital market, it would be the tendency toward rapid, disruptive change.
Disruption in the market is a good thing; it creates space for innovation and, ultimately, better services. That said, bad actors are always keen to identify new opportunities to abuse people. Any time a new technology or strategy enters the market, fraudsters immediately get to work finding ways to manipulate it.
Consider open banking; greater interoperability between banks and third-party services means more data moving through a larger ecosystem. And, like sharks that sniff blood in the water, it’s already attracting fraudsters. We’re going to see even more momentum in this direction with the new decade, and we need to be ready for it. With that in mind, let’s look at five of the biggest digital threats confronting businesses in the new decade, and how you can rise to the challenge.
Threat #1: BOPUS Fraud
BOPUS is quickly becoming the main channel for customers to make purchases. Take grocery shopping, for instance; buyers love the convenience of being able to fill their cart, then swing by the store on their way home and pick up their purchases at the curbside. The same goes for other verticals like food and beverage, and even electronics. It becomes a problem, though, when many locations require no form of ID or payment card at the time of pickup.
In many cases, the buyer can simply flash a purchase confirmation, then pick up their items. This can lead to problems like account takeover fraud, in which a criminal impersonates a valid user, and makes purchases in that person’s name. Seemingly-legitimate buyers may even engage in friendly fraud, claiming that they never submitted the order in question. It’s no wonder restaurant industry chargebacks grew exponentially between 2013 and 2018.
We need improved customer verification and confirmation built into these platforms. For instance, an app could ask the buyer to provide a biometric signature at the time of pickup to authenticate the order. BOPU.S. can be a highly popular and profitable business model, but without basic methods of verifying customers, merchants will lose more and more each year.
Threat #2: Loyalty Program Abuse
Loyalty programs give users an incentive to buy using rewards that accrue with time, and consumers generally view these rewards as being equivalent to cash. They love these programs, especially when integrated into other brand assets, as brands like Dunkin’ have done.
The problem comes when hackers access users’ accounts and steal their loyalty rewards (like airline miles or hotel points). As mentioned, consumers view these points as being largely equivalent to cash, so they don’t take kindly to this kind of abuse. This is despite most platforms having lower security standards for loyalty points than they would for actual payment methods.
Platforms through which users can access points require stricter standards for login credentials. Businesses should require customers to update their passwords at least semiannually, using a combination of letters, numbers, and special characters. CAPTCHA puzzles could help deter some botnet activity, as could temporarily locking customers’ accounts after repeated failed login attempts.
Threat #3: The “Concierge Mentality”
We’ve unintentionally trained consumers to expect an ever-increasing standard of ease and convenience. However, that expectation never came with any additional responsibility. As a result, cardholders came to view card issuers as being more like concierge services than banks.
Issuers cater to consumer demands for chargebacks, often obliging for the sake of preserving a good relationship with customers, enabling friendly fraud in the process. And, if the concierge mentality remains, the situation is likely to get worse in the new decade.
IT professionals have limited resources to contend with this problem, as friendly fraud is a post-transactional problem. The best solution is to develop processes for accurate and detailed recordkeeping, allowing for fast response in the event of a dispute. This should include integrating with Visa Resolve Online using the Visa Merchant Purchase Inquiry plugin.
Threat #4: Airline Refund Fraud
The travel industry is a highly-integrated vertical; a single trip could involve multiple merchants including carriers, OTAs, hotels, and more. As a result, managing fraud in this environment is a complex and roundabout process. That’s a problem on its own, but high-profile incidents like the collapse of Thomas Cook, a major brand in the industry, further complicate matters.
Consumers have a right to recover their funds if they experience issues. That said, buyers are developing a tendency to “double-dip”; recovering their money through insurance bonds or merchants like Expedia or Orbitz, then requesting a chargeback on top of that. This has a compounding effect, increasing perceived risk in the travel space; it’s a self-fulfilling prophecy.
Customers are subverting the rules, and that’s another problem we can only address through better records. Especially given the limited time frames and complexity of travel industry disputes, rapid recall will be more important than ever in the coming decade.
Threat #5: Recurring Billing Losses
Subscriptions are incredibly popular with consumers and merchants alike. For the former, it means access to goods or services on an ongoing basis without the need for active involvement. For the latter, it’s a reliable source of regular revenue.
That “set it and forget it” mentality causes problems, though. A consumer might forget to cancel a subscription, then file a chargeback later. Alternately, that individual could get tired of a service, and decide that disputing the transaction is easier than canceling. Either way, the result is often a significant loss of both future and past revenue.
Tools like Visa Account Updater can help protect some transactions, but the best solution is to make the inquiry and cancelation processes as simple and straightforward as possible. Obviously, you don’t want to lose buyers, but it’s far better than a chargeback. Thus, you want to give customers the impression that canceling their service through the proper channels will be faster and easier than doing so through a chargeback.
About The Author
Monica Eaton-Cardone is an international entrepreneur, speaker, author, and fintech thought leader. She has extensive experience developing agile technologies and products, optimizing eCommerce profitability, analyzing risk relativity, and creating payment processing solutions. She developed Chargeback911's robust chargeback-mitigation solution, which combines human insights with agile technology, which is now used by thousands of companies worldwide. Eaton-Cardone was instrumental in cofounding a number of successful companies, including Chargebacks911, eConsumerServices, and Global Risk Technologies.