How to Spot High-Risk Customers in Seconds

In the online world, having more customers is always better.

Or is it? Here’s our guide on spotting high-risk users before they can damage your business in the long run.

What Are High-Risk Customers?

High-risk customers are those who could potentially turn into a threat to your company. In the online world, that threat is often related to cybersecurity, fraud, or compliance issues. 

Because risk takes on many forms depending on your industry, a risky user could be one who is likely to:

• take over another user’s account
• use a stolen credit card
• steal company information
• attempt to launder money
• borrow money with the intention of defaulting
• sign up with stolen IDs

The key, of course, is for companies to have a clear idea of where risk lies within their vertical, for instance by going through a fraud risk assessment checklist or other RiskOps strategies. 

Why Is It Important to Spot High-Risk Customers?

Spotting high-risk users is paramount to operating a safe, successful online business. It may even be considered a form of customer segmentation.

Here are four key reasons to identify them:

1. Reduce fraud: High-risk users may perform illegal activities relating to fraud such as account takeovers, fake ID theft, chargeback fraud, and return fraud.
   
2. Boost compliance: In some cases, high-risk users are a legal issue. For instance, in the world of banking, it’s your duty to spot potential bad actors due to AML and KYC verification regulations.
   
3. Maintain high cybersecurity standards: Risky users can pose an IT security threat. They could inject your website with malware, attempt to steal company data, or generally wreak havoc on your technical setup.
   
4. Ensure community safety: Risky users can sometimes affect how good customers enjoy your product or services. Nowhere is this more apparent than with a community website, where abusing or offensive users can be considered a high risk to the environment you are trying to foster.

Ensuring your business covers all these areas will ultimately help you boost revenue, operate safely, and remove potential threats that could harm your growth. 

3 Types of High-Risk Customers and How to Spot Them

Let’s look at some common types of high-risk customers you might face, when to look out for them, and how to prevent them from harming your business. 

Stolen Credit Card Customers

First on our list are users who are going to purchase a product or service from you using stolen credit card credentials. 

This is bad news for a number of reasons, especially when the original cardholder requests a chargeback:

• You have to refund the price to the original card
• You lose an item
• Your business reputation suffers
• You pay admin and extra processing fees
• Your chargeback rate with the bank increases

The last point can be particularly damaging. Card operators (Visa, Mastercard, AmEx) might consider your business high-risk, which would increase your card processing fee. In fact, they even ban from their network businesses that incur too many chargebacks.

Where to Spot Stolen Credit Card Customers

For most businesses, fraudsters with stolen credit cards are most obvious at the checkout stage.

You need to have information about the user, and more importantly, their payment method. However, for companies that require a credit card to sign up, this is also a good touchpoint to check the payment details.

How to Spot Stolen Credit Card Customers

To spot a suspicious payment, you need to compare the card data with the user data. This will help to highlight suspicious discrepancies, such as:

• The user’s IP points to one country, but the card points to another.
• They are using a prepaid card from a foreign company.
• The email address points to social media sites where the name is different from the card. 
• Multiple cards have been declined for the same user.

A lot of the heavy lifting can be done thanks to a BIN lookup. This will help you extract valuable information from the first few digits of the card number alone. You can try out SEON’s card BIN lookup below:

Money Laundering Customers

A specific case in the world of finance, money laundering is a punishable crime for the perpetrator, but may also result in hefty compliance fines for the institution that enabled it. AML processes are standardized to help spot high-risk users who may be attempting to conduct such financial crimes.  

Where to Spot Money Laundering Users

This would be at the registration stage, and later at the transaction stage, where you can enable transaction monitoring.

How to Spot Money Laundering Users

Here is an example of using software to identify risky users, setting up controls to flag people operating in sanctioned countries. In this case, SEON’s engine will flag all users from high-risk countries as defined by the operator.

In the example above, we are creating a list that includes Pakistan, Burkina Faso, and Yemen, to ensure we meet regulations regarding customers in these countries. 

Then, if an IP address points to one of these countries, we can consider this user high-risk for our business. Of course, this does not necessarily mean they are a fraudster or criminal.

However, scrutinizing their actions and assessing whether there are additional red flags can make all the difference in stopping this type of financial crime.

Multi-Accounting Customers

Multi-accounting users – fraudsters who sign up for a service multiple times under different names – are a huge problem in several industries.

They mess with your analytics. They abuse your marketing promos via referral fraud. Plus, they tend to not be trustworthy individuals, who could be working for sophisticated fraud rings. 

This is why identifying them as high-risk users as soon as possible is paramount to operating safely online. 

Where to Spot Multi-Accounting Users

This would be at the registration stage, when you can get access to data such as their IP address, email address, and phone number. More importantly, the device they use to connect to your site can highlight similarities between ostensibly separate accounts. 

How to Spot Multi-Accounting Users

Here again, collecting as much data as possible will take you a long way down the road towards security. What’s particularly important is to pay attention to the device data, including:

• Device hash: data points such as screen size or operating system
• Cookie hash: data relating to the browser cookies
• Browser hash: data relating to the browser developer, build version, and other data points in the browser itself

High-risk users who sign up multiple times will attempt to make it look like they are doing so from different configurations of software and hardware. But you can still pick up on suspicious data, as shown in the demo below:

Key Takeaways

How you define a high-risk user might depend on your industry and business model, but the idea is always the same: Fail to flag them early, and there could be a negative impact on your entire company.

In the online world, identifying high-risk customers always starts with better data. This goes beyond the identifying info they present themselves – name, address, credit card – but also alternative data you can gather via data enrichment.

That data can then let you automate your risk management and customer segmentation, allowing for safe, compliant operations, and empowering growth.

FAQ