Could Buy Now, Pay Later Payment Offerings Cost Retailers Security?
The buy now, pay later (BNPL) market continues to grow. According to a recent report, the market is expected to rise by 1,200 percent in the U.S. by 2024. Most online merchants such as Amazon.com, Airbnb, and Instacart already accepted BNPL as a form of payment, including leading options Afterpay, Klarna, and Affirm, however, additional major retailers including Walmart and Target introduced these payment options in last year's fourth quarter.
The increase in popularity can be attributed to millennials and Gen Z, who are using BNPL to access luxury consumer goods at an affordable rate. However, despite its fast rate of adoption, the new digital payment option comes with fraud risks that if left ignored could cost retailers time, money, and their reputation to resolve.
How Does BNPL Fraud Work?
Typically, BNPL fraud is executed the same way most e-commerce and digital payments fraud is. Examples include:
- Fake profile tactics: Profiles are created using fake IDs with stolen credit card information to purchase goods to be resold at full cost. Once the victim notices the fraudulent payment, he/she initiates a chargeback. And while the BNPL companies are usually liable for chargebacks, retailers could also take a hit to their reputation and be seen as an untrustworthy business if their customers fall victim to fraud on their site.
- Account takeover attacks: Login details can be stolen from bot exploitation or bought on the dark web and used to make purchases. This attack is usually relatively easy for fraudsters to carry out as a result of consumers typically using the same password across multiple accounts.
Preventing BNPL Fraud
With new digital payment solutions there's usually a universal truth — wherever the money goes, fraud will follow. There are certain steps that retailers can implement to detect and prevent fraud to stop harmful acts to their businesses and customers.
- Know your customers’ digital footprints: The best way to keep fraud to a minimum is for merchants to fully know their customers. Gathering and analyzing vital data related to their customers’ digital footprints, including email, IP addresses and social media profiles, can help identify fraudsters as they cannot match the breadth of actual customers’ online presence. Using real-time, data-enrichment solutions could ensure that the right information is captured and reviewed to reduce fraud risk.
- Research fraud tactics across markets: It's important to note that fraud is mostly regional. Therefore, merchants that operate across one or many markets should know how fraudsters act. In different countries cybercriminals specialize in different scam tactics and have different access to assets, including money, fake and stolen IDs. Learning about them is key for online retailers.
- Focus on a frictionless customer experience: With BNPL, as with most digital industries, transactions need to flow quickly and seamlessly. This allows as many people as possible to move through the sign-up and approval process and use the service. When building a fraud prevention strategy, it’s key to keep speed and security top of mind for your company's plan to provide continuous and frictionless customer experience.
The rise of digital payments, including BNPL in the e-commerce space, continues to make an impact and transform the retail industry. Where payments go, fraudsters will find a way to exploit them. Therefore, it's imperative that merchants take steps to prevent fraud from the start. Doing so will allow themselves to operate securely, avoiding exploitation of their business and keeping their customers safe.
Jimmy Fong is the chief customer officer at SEON, a cybersecurity software company whose technology combines social signals with digital footprint data to wean out false accounts and prevent fraudulent transactions from taking place.
Related story: Buy Now, Pay Later? What Regulating Payments Could Look Like
Jimmy is the serving CCO of the cybersecurity software company SEON, whose technology combines social signals with digital footprint data to wean out false accounts and prevent fraudulent transactions from taking place.
Jimmy has over 13 years within the online payments and fraud space as part of fraud tech pioneers CyberSource (acquired for $2 billion by Visa), GlobalCollect (acquired by Ingenico for $1 billion) and latterly InAuth (acquired by American Express for $250 million). His passion is mixing nerdy obsession over technology and hyper-commercial growth.