Payments networks poised to spend big to fight e-commerce fraud

An explosion in fraud has accompanied the public’s accelerated adoption of e-commerce over the past year, and payments companies likely will have to respond by spending more on security.

"In many cases where a [merchant] does something quickly, like a move online or digital, fraud prevention does not get prioritized," said Sudhir Jha, a senior vice president at Mastercard and head of Brighterion, a Mastercard artificial intelligence subsidiary. "That creates weak spots that the crooks can target."

New research reports show a boost in the number and average value of fraud attempts. Research also predicts the cost of e-commerce fraud to the payments industry will more than double by 2025.

"The move to e-commerce includes high growth in things like curbside pickup or mobile order and delivery, so there are a lot of areas where ordering and payment are happening quickly, and crooks are starting to abuse that," Jha said. "In situations where the cardholder isn't present, there is going to be more fraud than in physical locations."

For the full year, the value of losses due to e-commerce fraud will increase by 14% to more than $20 billion, according to estimates by Juniper Research. It blames insufficient fraud-mitigation efforts by merchants.

Nearly 18% of e-commerce transactions between Thanksgiving and Cyber Monday were potentially fraudulent, up from about 15% in 2021 before the holiday weekend, according to TransUnion. The credit bureau, which attributes the holiday spike to growth in overall e-commerce activity, said that 25% of consumers say they are more concerned about becoming a victim of digital fraud this year than in 2020.

Crooks are also aiming higher. The average value of attempted fraudulent e-commerce transactions during the Thanksgiving shopping weekend jumped to $1,181 in 2021 from $578 in 2020, according to Sift, a San Francisco fraud-security company.

Sift reported attempted digital-wallet fraud during the holiday weekend increased 328% in 2021 over 2020, with a 134% jump in fraud attempts on buy now/pay later apps. The number of legitimate e-commerce transactions increased 125% over the holiday weekend, according to Sift, which did not release the actual number of transactions or fraud attempts.

The trend of increased online shopping during the pandemic also appeals to fraudsters, who can take advantage of other trends such as the growth of buy now/pay later lending to make higher-value fraudulent purchases, said Brittany Allen, trust and safety architect at Sift.

Buy now/pay later, which allows consumers to split the cost of higher-value purchases over installments while avoiding accruing credit card debt, has grown quickly over the past year.

Writing for American Banker, Ruston Miles, founder of Bluefin, an Atlanta-based retail security company, said services such as buy now/pay later, which require long-term storage of payment data, raise long-term cybersecurity risk because there's more time for crooks to compromise the payment data and use it for a fraudulent purchase or other other illegal purposes.

Fighting e-commerce fraud may become more expensive as a result of these trends. The amount of money spent to fight e-commerce fraud is expected to expand from $33 billion in 2021 to nearly $70 billion in 2025, according to Statista.

As fraud attacks increase, the number of overall e-commerce payments are increasing. Mastercard projects e-commerce holiday sales for the Nov. 1 to Dec. 24 period in 2021 will be 7.6% higher than 2020 and 57% higher than in 2019, creating a larger market for fraudsters to attack.

The move of more traditional retailers into e-commerce as well as the move toward faster or near real-time processing pose a challenge to traditional fraud-prevention techniques that use rules to spot suspicious transactions, Jha said.

"Profitable behavior from consumers is often similar to fraudulent behavior. A sudden large purchase could be due to a life event and not a red flag," Jha said.

Artificial intelligence is designed to improve fraud detection as more data is accumulated. As e-commerce and related technology such as near real-time payments or faster processing expand, AI also faces challenges. Since payment data tied to a single consumer can reside in different steps in payment processing, there's less time to spot fraud for a payment that is processed in near real-time, or to identify a fraud trend that covers multiple merchants.

Mastercard is aggregating data from issuers, merchants, acquirers, shippers and other third-party partners in an attempt to add more information that its artificial technology can use to thwart fraud while not slowing legitimate transactions. Mastercard is working with partners to improve its data sourcing for both e-commerce and real-time payment fraud detection, though the card network did not identify partners.

Among other large payment companies, PayPal in an email said it uses AI and the data produced by the size of its network to identify transactions consistent with emerging fraud techniques. Similar to Mastercard's ability to draw on different parts of the payment ecosystem, PayPal says it can benefit from its "two-sided" network, which has 320 million consumer accounts and 26 million merchant accounts. Stripe also works with partners to collect data to inform Stripe's AI-driven fraud algorithms that its merchants can download.

Visa did not return a request for comment, but recently commissioned research that found expanded data sourcing for AI reduced e-commerce fraud in Australia over the past year. In an email, American Express' public relations office said the company monitors transactions through AI, and sends consumers email messages "within seconds" of a potentially fraudulent transaction taking place.

Broadening the data sourcing for AI-driven fraud detection allows fraud teams to be more precise and change their parameters dynamically, according to Allen.

"After all, fraudsters already leverage automation when staging attacks against companies, so for fraud teams to not take advantage of automation puts them at a severe disadvantage,” Allen said.

For reprint and licensing requests for this article, click here.
Cyber security Fraud Credit cards E-Commerce
MORE FROM AMERICAN BANKER