Assessing Fraud in High-Risk Payment Methods

As a business, navigating the balancing act of accepting as many payment options as possible while mitigating transaction fraud risk is an eternal pursuit. Customers today expect to be able to pay with an array of online payment methods that offer speed, convenience and a seamless transaction experience. 

Prevailing trends often incidentally prioritize the customer experience over security. For example, merchants, including Amazon until just recently(l), often omit the requirement for users to enter a credit card CVV, sacrificing a layer of security for quicker transactions.

As a business, it is essential to recognize that this apparent trade-off between frictionless transactions and fraud prevention is not inevitable. You don’t have to compromise customer experience for security, regardless of the payment options you offer – and with the rise of digital payments creating more opportunities for fraud, the need for anti-fraud decisioning that supports real-time remittance is crucial to sustaining the variety and flexibility of payment methods your customers have come to expect. The same applies to payment service providers (PSPs) or payment gateways facilitating cross-border transactions, reward and loyalty cards or digital wallets. 

The Different Types of Payment Methods Most Used Online

Most individuals think of credit cards first regarding online payments, but people worldwide have varying preferences. For payment companies looking to expand internationally, it’s essential to know that preferred payment methods may differ across countries. Regions like Germany favor push payments via bank transfers, while many APAC customers prefer Alipay, China UnionPay or WeChat Pay options.

Different Payment Methods and Associated Risks

Cards

Credit and debit cards are the most popular purchase methods, accounting for around 32% of all transactions. Worldwide, Visa and Mastercard are the two largest card networks, but many businesses also accept cards from American Express, Discover and Diners, China UnionPay, Cartes Bancaires, Interac or JCB. Many companies accept cards as a payment method in card-not-present (CNP) scenarios, often necessitating an integration gateway with Stripe, Braintree, PayU or another similar service feature. Specific benefits, fraud risks and consequences accompany each card transaction:

• Benefits
  With low friction, cards easily support recurring payments, provide immediate payment confirmation and facilitate support for refunds. The versatility of cards makes this payment method suitable across verticals, including SaaS, online stores and professional services.
  
• Fraud Risks
  Credit card numbers are easy to use to make online purchases; a chargeback request will likely be initiated if a fraudster purchases something without the cardholder’s authorization. Chargebacks occur when a transaction is disputed and payment is returned to the card. With credit card payments having the highest dispute rate of all payment methods, you need to stay on top of transactions with a strong payment screening and transaction monitoring system.
  
• Consequences
  Chargebacks are extremely costly, and incurring too many fraudulent transactions and chargeback requests means that Visa or Mastercard may prevent you from accepting payments with their cards –  an almost inevitable death knell for many businesses.

Gift Cards, Loyalty and Reward Points

Popular and increasingly enticing payment methods, reward cards and the like are attractive targets for fraud due to lower security measures. From duplicating physical cards to hijacking loyalty point accounts, this format of card and point-based transactions presents unique vulnerabilities. Unlike traditional bank transactions, these systems lack a robust authentication process, making manipulating and accessing these accounts more readily available for fraudsters’ exploitation.

• Benefits
  Reward cards and loyalty points programs significantly enhance customer engagement and retention by offering value-adding experiences to encourage repeat business. With these programs, companies can gather valuable customer data to fuel targeted strategies and increase sales.
  
• Fraud Risks
  With minimal security measures, gift cards and reward point programs are particularly susceptible to account takeovers. Once a fraudster gains access and empties an account of funds, it’s challenging to revert any financial loss, leaving customers lacking a recourse that undercuts confidence and loyalty.
  
• Consequences
  From financial loss due to unauthorized redemptions and the need to compensate affected customers to less tangible impacts such as reputation damage, businesses face specific fraud risks with reward card and loyalty point systems. Additionally, companies may face legal challenges and regulatory scrutiny if their program violates consumer protection laws or if customer data is compromised. 

Digital Wallets

Digital payment fraud has skyrocketed 25 percent in the last several years. E-wallets like Apple Pay, Google Pay and AliPay offer streamlined and user-friendly payment experiences, simplifying transactions to just a tap or click. Other fintech giants like PayPal are synonymous with convenience, enabling users to make purchases effortlessly.

With the ease of use comes inherent risk – and the very features that make digital wallets attractive to users also make them susceptible to cybercriminals seeking to exploit vulnerabilities in digital payment systems. No stranger to chargeback requests, PayPal, in particular, historically sides with customers, leaving online retailers exposed to friendly fraud.

• Benefits
  Digital wallets provide immediate payment confirmations, facilitate hassle-free recurring payments and expedite refunds with minimal friction. These wallets enhance security through multi-layered authentication mechanisms, including biometrics, SMS verification and two-factor authentication (2FA).
  
• Fraud Risks
  Two main fraud risks for digital wallets are account takeover (ATO) and high chargeback rates due to friendly fraud. The first occurs when a fraudster acquires a user’s login information, and the latter, also known as chargeback or first-party fraud, occurs when consumers dispute a legitimate transaction in an attempt to get a refund. Both risks cost companies millions of dollars a year.
  
• Consequences
  As digital wallets continue to rise as a popular payment method, negative customer experiences through ATO attacks or credential stuffing can have significant repercussions, lowering customer trust and damaging your brand reputation.
  If an account holder is exposed to fraud, they will likely believe that your business did nothing to stop the fraudulent payment, making you an unwitting accomplice. Further, your company may lose out on chargeback dispute costs, and in worst-case scenarios, your business account may be frozen beyond your control. 

Bank Debits

Referred to as pull payments, bank debits occur when customers input their account details on your website, enabling the direct withdrawal of funds. Many merchants use a third-party integration – such as Plaid – to process these types of payments.

The danger with bank debits is simple: there’s no chargeback protocol in place to protect customers. If account details are stolen, fraudulent transactions are lost forever. Additionally, bank debits operate on delays, often taking up to four business days to process.

• Benefits
  Payments through bank debits typically exhibit a lower dispute rate than card payments.
  
• Fraud Risks
  Account details hold immense value for fraudsters, who can exploit the information to make payments without triggering chargeback requests. It is not uncommon to find login credentials listed on darknet marketplaces, as criminals are highly motivated to obtain account data through phishing, social engineering or advanced hacking techniques.
  
• Consequences
  While processing orders paid for with stolen account information may not lead to legal consequences for your business, it does pose ethical challenges. The legitimate account owner could rightfully request a refund, putting your business in a tight spot. Many bank transfers end up in the wrong account, and financial institutions stay uninvolved, leaving your company to handle and resolve the situation autonomously. 

Country-Specific Authenticated Bank Debits

Authenticated bank debits add a layer of security for each debit event. These payments are usually specific to certain countries but offer faster and more secure processing times, making them a preferred choice for recurring, automated transactions. For instance, in the UK, 14 percent of authenticated bank debit transfers are processed via Bacs Direct Debits, a reusable, delayed notification payment method. This method takes three working days to clear, can only be used for GBP payments and includes an evergreen dispute policy.

Likewise, the US’s Automated Clearing House (ACH) is one of the largest and most dependable electronic fund transfer systems. ACH facilitates transfers with a processing time that extends up to five days and is safeguarded by federal law, provided that customers report issues to their bank within a 60-day timeframe.

For Belgian customers, Bancontact is a payment service platform that combines direct debits with mobile QR codes and pin confirmations, allowing users to retrieve bank account details for SEPA direct debits.

Lastly, in Australia, BECS Direct Debits is the preferred method. Like the UK, BECs can process payments in up to four business days. 

Buy Now, Pay Later

Emerging as a prominent category of payment methods, Buy Now, Pay Later (BNPL) options provide customers with instant financing. Like credit cards, the funds are repaid over time, often in fixed installments. 

Leading companies, such as Afterpay, Klarna and PayPayl’s BNPL solution, capitalize on late fees, interest rates and service charges, leading many to come under recent fire for encouraging irresponsible spending. However, it is essential to recognize that their service is akin to that of microloan lenders, offering accessible borrowing and financial flexibility to those in need.

• Benefits
  This payment solution contributes to increased sales by safeguarding against fraudulent transactions. Currently, the provider offers refunds to the customer and the merchant in case of a fraudulent payment. The system also employs rigorous internal credit checks, deterring potential fraudsters attempting to create accounts within the platform.
  
• Fraud Risks
  Stealing information to establish a BNPL account is considerably easier than obtaining a credit card number, leading to what is commonly known as “buy now, pay later fraud.” Consequently, the risk of default or payment fraud remains a significant concern.
  
• Consequences
  BNPL is the payment method that offers the most protection for consumers and merchants, including mediation services and structured processing processes for handling complaints. However, it is important to note that by accepting these types of payments, you may face additional costs. 

Crypto

Accepting cryptocurrency payments on your website has become incredibly convenient with solutions like BitPay or Coinbase Commerce. Crypto offers numerous advantages, including minimal transaction fees and the absence of chargeback processes, making the method nearly instant, cost-effective and irreversible. The downside of the payment method is that, with its pseudonymous or anonymous nature, it is preferred by fraudsters and criminals. This can pose potential risks for your business as it may attract malicious actors. 

• Benefits
  Payments are almost immediate and are accompanied by competitive transaction fees.
  
• Fraud Risks
  There is an inherent risk of account takeovers affecting your customers, which could inadvertently aid criminals and pose legal consequences, including fines related to anti-money laundering (AML) regulations.
  
• Consequences
  Businesses can suffer severe damage from AML fines. Plus, there’s the risk of incentivizing fraudsters to target your customers’ accounts, particularly if you allow for the storage of crypto balances. 

Uniting High Sales with Low Friction and Minimal Risk

While achieving absolute payment security will always be an ongoing challenge, you can significantly mitigate the risk of fraud to protect your customers and your business better.

Each payment method is accompanied by its own set of benefits, risks and consequences, and if friction is the new battleground, figuring out how to create fewer obstacles between your customers and their purchases is key. Leveraging fraud prevention and detection technology is a surefire way to ensure your users are exactly who they say they are – while enabling the range of online payment options your customers expect.

SEON is an adaptable, real-time, end-to-end solution that shields your company from payment fraud. By gathering data in real-time – leveraging over 90 digital and social signals and deep device intelligence, paired with behavior analysis, transaction monitoring and powerful machine learning, we deliver you the most complete and accurate customer validation – and the peace of mind you need to compete for sales today. 

You might also be interested in reading about:

• SEON: Payment Gateway Fraud: How It Works & Solutions
• SEON: Payment Fraud Prevention & Detection
• SEON: The 11 Best Risk Management Software 2023

Learn more about:

Data Enrichment | Browser Fingerprinting | Device Fingerprinting | Fraud Detection API | Fraud Detection with Machine Learning & AI

Sources

1. TechWithTech – Online Stores Don’t Require CVV

2. Global Payments – Commerce Payment Trends