MRC Vegas 2022: Insights from Sift Trust and Safety Experts
In-person events are back, and Sift was excited to exhibit and speak at MRC Vegas, one of the most influential events in the payments and fraud prevention arena. Merchant Risk Council’s annual conference gives our team the opportunity to discuss ideas with global thought leaders and solve tough challenges facing merchants and the fraud industry.
This year, two of our Trust and Safety Architects, Brittany Allen and Jane Lee, shared their deep knowledge of the fraud industry up on stage. During a 3+ hour Fraud 201 workshop, Allen joined Elena Michaeli, Fraud Fighter at Shutterstock, to discuss all things payment fraud with more than 70 merchants, vendors, and issuers. The session covered everything from the origins of fraud to negotiating with engineering and product partners. Lee discussed the many fraud factors merchants need to consider when it comes to alternative payments.
During the four-day-long conference, our team heard directly from merchants and other industry experts about why (and how) fraud keeps them up at night. This is what they learned.
Account takeover gets the spotlight
Payment fraud gets the most attention from risk teams due to its clear link to lost revenue. But merchants are beginning to realize other forms of abuse deserve, and require, dedicated fraud-fighting resources. And in many cases, cracking down on suspicious activity at the account creation or account takeover stage can prevent cybercriminals from committing payment fraud through that merchant down the road. It’s been a wake-up call for many businesses, and the focus is finally shifting towards end-to-end fraud prevention to secure the entire customer journey.
This shift in focus couldn’t come at a more crucial time. Data from the Sift global network shows account takeover fraud soared by 307% between 2019-2021. And just between 2020-2021, ATO fraud exploded by 850% in the fintech sector alone. Our trust and safety experts forecast these numbers will continue to climb if businesses don’t take ATO seriously.
Companies unite against first-party fraud
Merchants have long shouldered most of the responsibility when it comes to chargebacks. They are held liable for card-not-present disputes, meaning the merchant takes the loss and gets hit with chargeback fees. Fraudsters and consumers alike know they can game this system by going directly to their credit card companies instead to file a dispute.
“Credit card companies usually provide a positive resolution for the consumer in order to increase customer satisfaction. And because consumers know their payment providers will take their side, there’s little to stop them from filing chargebacks whenever they feel inclined,” explained Brittany Allen.
But our trust and safety team learned some companies and networks, like Discover, are working on better first-party fraud (or friendly fraud) detection. More companies are uniting forces against chargeback fraud—a welcome change in the eyes of merchants.
Refund and return fraud run rampant
In addition to friendly fraud, refund and return fraud have exploded since the onset of COVID-19, and subsequent increases in online spending. It’s much easier to commit these types of fraud through digital transactions due to the challenges of user identification, and fraudsters are taking full advantage. According to a National Retail Federation survey, U.S. merchants lost $78.4B to return abuse and fraudulent returns in 2021, representing a whopping 10.3% return fraud rate.
Alternative payments take center stage
Consumer and merchant interest in alternative payments, such as digital wallets and buy now, pay later (BNPL), was top of mind at MRC. Both have experienced increased adoption and soaring fraud rates in recent years. Between 2020 and 2021, Sift data showed attempted payment fraud jumping 200% in digital wallets and 54% in BNPL.
Nefarious actors are exploiting BNPL by compromising existing accounts that have been authenticated by a BNPL provider, or by creating new accounts using stolen personally identifiable information (PII). Two potential entry points mean the fraud problem facing merchants and alternative payment providers has at least doubled. Merchants and providers must ensure they’re stopping true fraud and minimizing false positives.
“Make sure you have a great relationship with your BNPL provider. Just because your alternative payment provider may currently cover your fraud does not give you an excuse to be negligent when it comes to fraud. If you send too much fraudulent traffic to your provider, you risk losing your processing power,” advised Jane Lee.
The fraud industry navigates new privacy rules
Apple’s “Hide My Email” feature has ruffled feathers in the fraud industry, especially those relying primarily on email addresses to measure the risk of users. The new privacy initiative was announced with Apple’s iOS 15 update and lets users easily create anonymous email addresses that automatically forward to their personal inbox. Although the feature helps consumers avoid spam, it makes it more difficult for some fraud prevention providers to verify customer legitimacy.
Rules-based fraud tools that rely on single identifiers, such as an email address, simply can’t keep up with this changing technology. It’s time to retire legacy point solutions in favor of a flexible approach that harnesses thousands of fraud signals and real-time machine learning.
Fraud teams need Digital Trust & Safety
As fraud tactics get more complex and the digital transaction landscape continues to advance, fraud teams need to constantly be evolving their strategies. Leveraging Digital Trust & Safety means not having to decide between keeping fraudsters at bay and creating frictionless customer experiences. Exceptional fraud platforms should accurately prevent fraud, streamline team efficiency, and improve business operations—leading to retained revenue and opportunities for growth.
“The surface area of fraud continues to expand. Fraud teams are fighting more than just external fraud, they’re battling siloed teams and tool proliferation,” said Kevin Lee, VP of Digital Trust & Safety at Sift. “To fight back, teams need to invest in platforms that enable their team, tools, and data to seamlessly interact so they can make the most accurate decisions possible.”
Take our Digital Trust & Safety Assessment to get more insights and custom recommendations for your business from our trust and safety experts.
