Payments and transaction fraud: What you need to know

It’s a whole new era in payments fraud, and criminals are stepping up their games.

For years, fraudsters sifted through the dark web and other shady domains to get their hands on what seemed to be a holy grail: compromised credit card numbers. But these days, compromised cards may be the least of a merchant’s worries.

What’s scarier, for both consumers and companies trying to sell to them, is that more critical, personal information – social security numbers or your mother’s maiden name, for example – could live on the internet in places where criminals can find it.

“If your social security number is out there, it’s not like you can replace it,” says Attila Dogan, a fraud expert and Head of RevenueProtect at Adyen. “A criminal could take the number, apply in your name, and ruin your credit score or your relationship with banks. This form of identity theft is very painful.”

Adyen's Head of RevenueProtect Attila Dogan.

For companies, new flavours of fraud have become bigger headaches, as the plots to steal money become more elaborate and the tools used more technologically sophisticated. Online marketplaces and other ecommerce sites are increasingly popular. But they can be particularly rife with scams, as both buyers and sellers are susceptible to fraudulent practices.

Below, a few of the latest types of fraud and tips for merchants on fraud prevention.

Account takeovers
As consumers buy more and more on the internet, criminals have learned that too many shoppers use the same login and password in every part of their life. Is your email password the same as your bank account password and the same for all your shopping sites? Look out. Thieves know that once they get one login and password combo, they can try those same details on many platforms until they strike pay dirt. 

Card testing
This is not a new type of fraud, but it has lately gotten a technological twist. The basic premise behind card testing: criminals obtain large batches of compromised credit cards on darknets that they need to validate before they commit crimes (stealing goods and services they plan to sell at a profit later). To speed up this process, fraudsters increasingly rely on automated tools that send trustworthy-looking orders in small amounts to unsuspecting merchants. The massive scale of these attempts sometimes resembles distributed denial of service attacks (DDoS) that cause real harm to the businesses in question, driving up costs and harming their payment conversions.

Refund fraud 
Refund fraud happens on the customer end of an order placed over the internet. This is also called “friendly fraud” or “buyer liars.” All a customer has to do is claim they didn’t receive a package or product, and the business is likely to eat the cost. A customer may also claim that a product was damaged in some way and demand a refund, another loss for the business. To be sure, a handful of such losses is expected for any business. But at scale, thousands of fraudulent refunds can cost online marketplaces millions of pounds.

Collusion
Money laundering – a very old type of fraud indeed – gets a new life in today’s online marketplaces. When the buyer and seller of an item or service are indeed the same person or work together, traditional KYC (Know Your Customer) processes might find this hard to detect. Given money laundering is often tied to the drug trade and financing terrorism, legislators do hold all actors accountable and criminals target a vast number of different international businesses.

To be sure, not all fraud is preventable. But choosing the right payments partner can help you cut down on risk. Adyen’s unique fraud prevention tools take a data-driven approach to fraud detection, reducing manual work and helping you gain full visibility into your payment transactions.

Learn more about Adyen’s fraud prevention systemhere.