Reducing friendly and malicious fraud

Once you’ve isolated what is driving your chargebacks, you can start figuring out how to reduce them. In this article, you’ll learn the high-level approaches to reducing malicious fraud and tricks to reduce friendly fraud. While friendly fraud isn’t directly targetable, this article will outline what you can do to reduce the likelihood. However, the most impactful way to fight friendly fraud is to create a strong chargeback response.

 

Malicious Fraud


Malicious fraud is when someone purchases items without the intent to pay for them, typically through means of stolen credit cards or accounts. Good news, it is absolutely preventable.

There are two different ways to approach fighting your malicious fraud: build an internal fraud prevention team or outsource to a fraud prevention company. Critical disclaimer: you must understand your entire chargeback portfolio before you should look to outsource. Each company offers different protections, you need to understand whether those protections will actually help or hurt you.

At a previous project I worked on, we found that most of the fraudulent chargebacks were actually friendly fraud, not malicious fraud. A lot of fraud resolution companies specialize in malicious fraud. Outsourcing to one those companies would have left us with no protection from the majority of the chargebacks.

Build your own internal fraud prevention team

This means creating a system that can find bad people and reject or refund their orders before they become chargebacks.  Building an internal fraud prevention system means you will likely utilize tools from other fraud companies for pieces of the process, but ultimately, you control the system. You’ll need a team that manually reviews suspicious orders, as well as a team that reviews chargebacks to find new trends to update your prevention model.

The following steps are critical process pieces you will need to successfully build a fraud prevention team.

  • Isolate potential fraud
    • Specifically, you will need a way to highlight fraudulent trends that flag suspicious users for manual review. Machine learning models are pretty fabulous here, I’ve always used Sift Science for this. I highly recommend you check them out if you go this route. However, there are plenty of other companies that do this too.
  • Manually review potential fraud
    • From there, someone actually needs to review the flagged orders and decide to process or reject them. You can build an internal manual review queue or utilize tools to do this through companies like Sift Science.
  • Periodically adjust your signals for fraudulent behavior
    • You need to circle back to step 1: isolating the potential fraud frequently. As you develop rules, fraudsters will develop new tactics. You should periodically review malicious fraud on your platform and in the industry. With this, implement new rules and keep your system up to date. Since you control the process internally, you also must control finding new patterns. 

In upcoming articles, we will dig into these stages. Stay tuned.

Outsource the entire process

There are tons of companies that will receive your orders and tell you which to reject/accept to prevent malicious fraud. Some of them even help you resolve the fraudulent chargebacks that they let through.

  • Riskified – uses Machine Learning (ML) to isolate fraud and reject risky orders. They offer chargeback protection via 100% money back guarantee for any (malicious) fraudulent chargebacks that do occur.
  • Sift Science – uses ML model that predicts fraudulent activity, you decide how to use it. You train a ML model with your own data, so its fraud detection based on your unique user base. You can set up rules to auto-reject based on the ML. It’s a flexible tool but doesn’t offer chargeback protection or resolution. I find it most useful as an aid in building your own internal system as opposed to completely outsourcing to them.
  • Kount – uses AI to review transactions and reject malicious fraud. They use worldwide data for fraud protection, as opposed to making a unique model for your user base. They don’t offer chargeback protection or resolution help to my knowledge. However, they say that they can reduce chargebacks by up to 98%. Overall, they are pretty damn smart and proactively follow new fraud trends, constantly updating their AI. Definitely worth reaching out.
  • Chargebacks911 – not a malicious fraud detector to outsource to, but very worth noting. They focus on a more holistic approach, starting with chargebacks to dissect the source. Chargebacks911 primarily helps resolve chargebacks once they occur, not with rejecting suspicious orders. They instead focus on understanding driving factors and building a strategy to reduce. They specifically help with friendly fraud, which is very rare.

I’ll dig into details of outsourcing in my next article, but one really cool benefit from some companies is full chargeback protection from fraudulent chargebacks. Double edge sword, though, as they also control which orders they reject since they are liable.

As mentioned, most companies might not be able to prevent friendly fraud. They also won’t help with chargebacks filed for product or service issues, such as delivery or refund problems. There are a lot of options out there and each has a unique offering. Once you know your chargeback portfolio, you can start reaching out to different solution providers and understand how each can help you.

 

Friendly Fraud


The key aspect with friendly fraud is that the customer is generally a good user. When it comes to fraud prevention, it’s critical that you minimize the friction for good users. As such, targeting friendly fraud is exceptionally difficult. These are good looking users that you would not expect to file a chargeback. You don’t want to flag all of your good users for fraud analysis. Nor do you want to make them all jump through hoops to verify their order.

Instead, you should focus on ensuring that your charges are recognizable and validate charges that seem abnormal for this particular user. In addition, there are steps post-chargeback that can be taken to help reduce further risk.

  • Make sure the charge statement is easily recognizable. Include your business name and name of the purchaser. This can help customers recognize a charge, particularly if placed by a family member.
  • Validate orders that seem slightly abnormal. Sometimes a good user can go on a spending spree, for example, with a family members credit card. Reach out to them if their purchase behavior changes. Record all communication, as it might aid in your chargeback response.
  • Record as many data points for your orders as possible. Some examples include:
    • Proof of delivery
    • Service/product reviews and ratings
    • Customer communications
  • Once a user files a chargeback, ban them from continuing to purchase and let them know how to proceed. You can email customers who file a chargeback and state that their account has been restricted until the chargeback is resolved. Friendly fraud purchasers might withdraw the chargeback to continue to use your service. Likewise, if a customer simply didn’t recognize the charge, they now do. This could lead them to withdraw the chargeback.
  • Circling back up to outsourcing recommendations, Chargebacks911 is one of the only companies that will help you resolve loss to friendly fraud. If you’re seeing lots of friendly fraud and aren’t sure where to start, you can reach out to them.

Friendly fraud is an unfortunate chargeback to receive. You cannot manually review potential orders and reject friendly fraud in the same way you can for malicious fraud. That being said, the aforementioned steps do help to reduce the overall chance that you will see friendly fraud. You cannot directly prevent these chargebacks, but you can win them. The key aspect of friendly fraud is to collect the right data and build a stellar chargeback response. The response should clearly outline why you accepted this order and why you believe the customer is who they say they are.

Luckily malicious fraud, which is likely the bulk of your chargebacks, is preventable before the chargebacks are even placed. In later articles, we will dive deeper into outsourcing fraud to illuminate when you should outsource and who you should outsource to. We will also outline what it means to create your own internal fraud team.

One thought on “Reducing friendly and malicious fraud

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s