Transaction fraud detection to beat digital payments fraud

We're all familiar with The Wheel of Death. A glamorous assistant is spun around a wheel, while a thrower sends knives hurtling towards them. The aim: To hit the wheel, not the assistant. If the thrower gets the rhythm wrong, disaster. If they get it right, nobody gets hurt. It's a highly calculated set-up, utilising finely honed skills.

It's a lot like fraud and risk in the payments world. We have an assistant (genuine transactions), a spinning wheel (fraudulent transactions and attacks), and a highly-skilled thrower (Adyen).

In this blog we’ll look at the different types of digital payments fraud, and some of our technology that prevents fraud and keeps authorisation rates high for you and your customers.

As the saying goes: The more locks you put on your door, the higher the chance thieves will come through your window. Although technology is evolving, fraud is getting increasingly more intelligent. It’s forever adapting, and requires constant vigilance.In fact, a report on 'The changing face of fraud', PaymentsSource revealed that 41% of survey respondents felt just as, or more vulnerable to fraud than they did 12 months ago. And what companies fear most from fraud is no longer just financial loss, but customer attrition and reputational damage. Today’s fraud is aggressive, it’s pervasive, and it’s no longer simple.

What is it?

• Card testing is when stolen cards are ‘tested’ to check if they’re active, usually before a fraudster sells the details on the dark web. Active cards are sold for a much higher price than those that go untested.

• A common way fraudsters can see if a card is active is by signing up for a service (usually subscription-based with the first month free) and entering the card details. The subscription business then performs a zero amount transaction before charging the actual amount.

Tactics to beat it:

• Apply behavioural analytics technology to identify fraudulent checkout attempts.

• Know your shoppers’ behavior and use velocity risk checks as well as other business rules to ensure you’re blocking the correct scenarios.

• Check time frames of orders as card testers involving bots/scripts are on the rise and can be identified by spotting many transactions within a small time frame.

What is it?

• Friendly fraud is when a shopper purchases goods on an ecommerce website and then follows up with an initiation of a chargeback, despite having already received the goods.

Tactics to beat it:

• Make sure your risk system can identify patterns that identify serial friendly fraudsters. This could be those who have initiated multiple service-related disputes across a few different cards and identities.

• Use blocked lists - at Adyen we call these 'referral lists', to make sure those bad shoppers don't return.

What is it?

• Using a combination of phishing and identity theft tactics, fraudsters now go to great lengths to create websites that look just like a legitimate brand site to steal the credentials of unsuspecting shoppers for future attacks.

• Account takeovers also happen on websites where shoppers already have an account with saved payment details.

Tactics to beat it:

• Use a flexible risk system that allows additional risk fields provided by merchants. With additional data such as account creation date our ShopperDNA is able to leverage more accurate shopper profiles to distinguish between a genuine shopper account or an ATO.

• Use timeline visualisation to understand the normal behaviour of genuine shoppers and how they differ after account takeovers have taken place.

What is it?

• A three-party fraud attack on an unsuspecting shopper. Triangulation involves a fraudster, an unsuspecting shopper, and an ecommerce store. The shopper pays for goods through a fake online storefront and the fraudster takes the details, dropships the goods, and sends a chargeback to the legitimate seller. To add insult to injury, the fraudster often sells the card details on the dark web once they're done.

Tactics to beat it:

• Our extensive block and trust listing capabilities allow merchants to block associated attributes associated with suspected triangulation fraud, including shopper specific attributes and shipping possibilities.

What is it?

• Today there is such a thing as a professional refunder. They make money by setting up websites that offer individuals refund services. They are contracted by legitimate shoppers, subsequently contacting merchants pretending to be the buyer and by falsely declaring “fraud” on their behalf, or by using loopholes around returns policies for lost or damaged goods.

• Refund fraud is becoming increasingly common and can be very difficult to detect.

Tactics to beat it:

• Make sure your risk system has Unified Commerce capabilities so you can fully understand the lifecycle of a shopper and view past orders to identify possible refund fraud.

• Using a combination of unique attributes, you can leverage custom risk rules to mitigate such scenarios and identify unique shoppers misusing those details.

Learn more about Unified Commerce here.

What is it?

• There are several different types of gift card fraud. This type of fraud is common because the cards are hard to trace and aren’t as heavily regulated as debit or credit cards.

• One example of gift card fraud is when a fraudster uses stolen payment details to buy a product online, then returns the goods for a refund on the gift card.

Tactics to beat it:

• Adding contextual data can help build a much stronger defense against gift card fraud.

• Using a combination of custom risk checks and block lists based on this data can help spot these types of transactions.

• Identify misuse of Gift Cards by using our custom risk rules and specified indicators to mitigate such events.

When you put these types of fraud together, it sounds pretty scary, but the good news is, we’re fighting back.

RevenueProtect is our unique risk management product with a range of tools to tackle fraud. We use a global, cross-industry network of data to accurately make the best risk decisions, stay on top of the latest trends, and fight fraud effectively.

Learn more about RevenueProtect here.

In isolation, a payment is just a bunch of numbers; an amount, a card number and security code. So with this limited information, it can be difficult to determine what’s suspected fraud, what’s definitely fraudulent, or even what’s a legitimate request. It’s only when zooming out to look at a payment's wider attributes that we can start to add context to a payment.

So what kind of strong attributes will give us greater context? Two key examples are a card number and email address, as these are both unique to one user and thus easy to verify.

A weaker attribute would be something like an IP address. An IP address can be manipulated through a VPN, or be shared with many people in the case of a library, university, or public WiFi network. It can still be useful, but will need to be supported by additional insights.

To create a steadfast context, we take hundreds of attributes, alongside other parameters and link them together across a certain period. In doing this we stop looking solely at a payment in numerical terms, and instead look at patterns, behaviours, and at the shopper themself. We can then spot trends, identify returning customers, and get a headstart when anticipating as well as stopping fraud.

Since there are several different types of fraud, it makes sense that you’ll need several different tools to catch it. A layered approach using a collection of cutting-edge tools can help you form a strong defense, but you need to be able to ‘trust’ all your tools with the risk of false or incorrect rejections.

ShopperDNA is an intuitive fraud tool belonging to our wider RevenueProtect setup. It provides more context to the risk environment, allowing us to spot anomalies fast, and make better decisions. It works by linking attributes in real-time to identify the profile of a shopper even as they change device, network, or identity. This means we can automate the identification of fraudsters instantly while allowing genuine shoppers through.

Beyond adding context, not every situation is equal. A convoluted way of saying it is this: different circumstances mean different things to different people at different times. Because of this, it's important to be able to explain why certain risk decisions are made.

Our fraud and risk products take the principles of decision theory and apply them to help explain risk decisions. Decision theory is the mathematical study of decision-making, of conflict and strategy in different situations. In the context of payments and risk, it can be about finding the right solution when it comes to fighting fraud.

Our approach to decision making follows the ‘coalition’ method, which investigates how a group of players should fairly distribute reward or loss. It can be applied to payments by labelling various attributes as the input and analysing the payment authorisation output as the reward or loss. Using a set of advanced algorithms, we can see how much each player or feature has contributed to each unique situation.

Think of it in these terms:

You’re visiting Japan, and you decide against your better judgement, that you really want to experience eating blowfish; it’s considered a real delicacy, but is dangerous due to the fish’s naturally occuring toxins. It has to be prepared in a very precise way to mitigate the risk. Are you game?

You have a choice of two chefs. One is older, looks experienced, and chops food with flare and confidence. The other seems meeker; younger, and moves slowly and quietly. You as the diner have a preconceived bias on who you’d like to prepare your blowfish, but you’re basing this off assumptions and not statistics.

It turns out that the younger chef is schooled at Japan’s leading culinary school, it’s his father’s restaurant, and he has been working in the kitchen since he was a teenager. The older chef is in his first month in the job, he has little experience with blowfish and his speciality is Italian food.

It’s  perception taken out of context; and context is everything in this game. Update your prior beliefs accordingly, or risk missing out on genuine transactions (or a decent meal).

Whether it’s Wheels of Death or ecommerce fraud, stressful situations come in different shapes and sizes. What they have in common is skill and preparation; the better prepared you are and the faster you can react, the less risk you face. This is certainly how we look at things as a company, and it’s no different in the way we continuously develop our fraud tooling.