Is your online platform a target for fraudsters? What can you do about it?
In 2019, digital goods reached around 20% of overall online sales. While this is wonderful news for everyone in the field, this growth in sales did not go unnoticed by fraudsters, who are experienced at spotting these trends. Yes, malicious forces do their research and actively look for the right markets to scam, in which they will enjoy both high return on investment and relatively easy access. There are several reasons why the digital goods arena was chosen by fraudsters. The following lines will examine these reasons and other aspects of online fraud to answer some of your most burning questions
Digital goods: What they are and why they are so appealing to fraudsters
Unlike physical goods, digital goods are bought and delivered immediately online. In this day and age, the list of products that belong in this category is massive. It includes games, e-books, music, tickets, in-app purchases, e-gift cards, and more.
Here are a few of the characteristics that make digital goods particularly appealing to fraudsters:
- Anonymous: Most digital good types are not assigned to a specific person and can easily be resold
- Immediate: Unlike physical goods, which require fraudsters to appear in person and risk getting caught or give companies time to review the purchase, digital goods are delivered as soon as they are purchased.
- Easy to scale: With dedicated marketplaces for legitimate digital goods transactions, it’s easy for fraudsters to find a huge audience of eager buyers and resell the digital goods they managed to get their hands on.
- Card testing: Fraudsters also use the exchange of digital goods as sort of a “testing environment” for credit cards they have stolen or purchased, and want to validate they are good to use.
Getting to know fraudster focus-areas
Here are some of the specific types of fraud attractive goods that fraudsters focus on more than usual, and why they tend to do so.
Gift cards give fraudsters a lot of creative freedom. First, they allow the purchasing of other goods using the cards. Second, they are mostly anonymous and therefore cannot be traced back to the fraudsters who used them; and third, they are a growing industry where hundreds of millions of dollars are spent each year, and buyers can resell them online with relative ease.
The high value of airline tickets leads to a large market for discounted offers. This provides a quick and easy resell route and a very nice profit for fraudsters. Fraudsters can further use the mile points they receive from the airline to buy additional tickets that are harder to trace. It’s no wonder, then, that fraud costs the travel industry $21 billion each year and is expected to grow by 20%, reaching $25 billion this year.
Online tickets for concerts and shows are also a very popular target for fraud that affects both customers and ticket agencies. Using stolen payment means and credentials, fraudsters shop for tickets online, often on websites such as Ticketmaster and StubHub, and continue to sell them to online shoppers. These innocent shoppers are often offered discounts and benefits, as well as a last chance ticket purchase for a sold-out event. When the fraud is discovered, tickets could become invalid, a fact that innocent buyers might learn about only at the gate.
SaaS and service accounts
Fraudsters target the SaaS world using fake or stolen credit cards to open accounts and buy services which they then offer to others at a discounted price. You might say that the buyer understands on some level that this practice is not what the service provider meant for, but in many cases, they don’t suspect that the account was created using a stolen credit card. This type of fraud includes both online tools in the field of telecommunications, and online platforms like gig-services and domain purchasing platforms.
The gaming arena, which is worth over $130 billion, is extremely appealing to fraudsters. There's the possibility of taking over an account as part of a phishing scam, buying and selling game codes using a stolen account, shopping for in-game codes and upgrades, and more. Many gamers don’t protect their game account as well as they would a bank account, which makes it easier to penetrate and exploit. The effect on the gaming business is painful, with a third of players avoiding in-game purchases due to the fear of being targeted by fraudsters.
We need a different approach to fraud prevention
The current approach to fraud protection in many businesses follows the famous Pareto principle, AKA the 80/20 rule. Current solutions can identify the 80% of transactions that are not at all suspicious and clear them immediately. The remaining transactions get sent to manual review.
This, of course, cannot be done with digital goods as there is no time for implementing a delayed delivery or manual review during the transaction process. With no break between purchase and delivery, retailers are left with very little room to maneuver. Retailers are often forced to make a lose-lose decision, between adding friction to the user journey or simply declining the suspicious transactions. High friction reduces revenue and frustrates customers. Low fraud barriers on the other hand, can hurt merchants' rating with customers and payment processors, as well as entice fraudsters even more.
The need for a better fraud protection solution, one that does not lead to a high decline rate or to friction for all buyers, is clear.
Fraud attractive retailers need fraud prevention solutions that look further into the decision-making process involved in the purchase and understand the context on a deeper level, so they can give accurate results on a higher percent of transactions.
Digital goods sub-segments need to understand the reasons that make them such an easy and popular target with fraudsters and assess the risk and implications of their business falling victim to fraud. This raised awareness will form the base for a wide adoption of fraud-protection solutions that cater to the specific needs of this important online vertical.