We’re living in the era of instant gratification. On-demand apps have changed the meaning of “fast delivery” and given consumers the expectation that certain services can be provided within minutes. These apps make users’ lives more convenient, but they also introduce ample opportunity for cybercrime. How and why are on-demand apps being exploited to commit fast fraud? Let’s take a look at the issue as it pertains to ride service apps.
Backseat fraudsters take businesses for a ride
Ride services across the globe are targeted by fraudsters – both drivers and passengers – looking to manipulate the app for cash or to defraud users. Indonesia has been hit particularly hard, as drivers find ways to illegitimately inflate their numbers for bonuses. They either set up or purchase fake driver and rider accounts to create bookings and pretend to complete the trips. Fake accounts are so easy to come by they can be purchased at stalls in Jakarta malls.
In India, London, and New York, drivers manipulate surge-pricing by going offline at popular locations to create false demand, and going back online once fares increase. In Malaysia, drivers often accept lower cash fares under the table and tell passengers to cancel their booking so they don’t have to give a cut of the ride to the company. When Uber was operating in China, fraudsters exploited the company’s bonus payouts, which could be as high as three times a driver’s fare earnings.
Across the U.S., Uber has been tackling a sophisticated scam: fraudsters request a ride, a driver accepts, and the fraudster then calls the driver and pretends to be an Uber Support member. The fraudster asks the driver to cancel the ride, telling them that they will get a $200 bonus for having a good driver rating. Because Uber randomizes both driver and passenger phone numbers, drivers have no way of knowing whether the caller is the same person who placed the ride request. The driver is then asked for their Uber login credentials to get their $200 bonus.
Once the fraudster has the driver’s login credentials, they quickly access the account, change the associated bank account, and drain the driver’s wages. Because many Uber drivers don’t cash out their wages at the end of the day, but instead wait until their earnings are pushed to their bank account on Sundays, many drivers have days if not an entire week’s worth of earnings sitting in their accounts – ripe for stealing.
In our webinar, Accelerating On-Demand Business with Trust, we discussed how ride service apps are the perfect platforms for fraudsters to test stolen credit card information, due to the low average fare price. And because these costs tend to be small, they more easily blend into a consumer’s legitimate purchases on the same platform; if a consumer isn’t regularly checking their transaction history, these charges can go unnoticed.
Passengers expect rides within minutes, drivers expect instant fare cash out, and ride service companies try to provide services with as little friction as possible – all of which fraudsters take advantage of to commit crime, fast.
What can I do to protect my on-demand business from fraud?
If you’re concerned about fraudsters affecting the reputation of your on-demand company, download our ebook, Trust & Safety for On-Demand Businesses. You’ll learn how to tackle the unique fraud challenges faced by on-demand businesses, the best solution for catching fraud at a low cost, and more.
Angela Marrujo, Content Marketing Manager at Sift, is a lifelong gamer with a deep love for Nintendo, in particular. Illustration and music are her other passions.
Angela is a San Francisco State University alumna and, prior to Sift, worked in PR and Marketing in the video game industry.
Stop fraud, break down data silos, and lower friction with Sift.
Achieve up to 285% ROI
Increase user acceptance rates up to 99%
Drop time spent on manual review up to 80%
Your information will be used to contact you about our service and subscribe you to our direct marketing communications. You can, of course, unsubscribe at any time. Please see our Website Privacy Notice.