The fraud arms race: What’s coming in the world of payments fraud

Online fraud is becoming, all at once, democratized and sophisticated. As soon as new technologies or solutions are leveraged to combat fraud, malicious actors seek new ways to elude them. Businesses need to anticipate emerging fraud threats and invest in intelligence, real-time pattern detection, and modern payments analytics to help keep them at bay.

The rise of online fraud

According to a worldwide study in cooperation with Juniper Research, the value of eCommerce losses to online payment fraud worldwide has risen from $17.5 billion in 2020 to an estimated $48 billion in 2023¹.

So, it is not surprising that fraud mitigation has increasingly become a major priority at for large enterprises. Here is a look at ecommerce fraud trends and how they are impacting businesses today.

What to expect this year in fraud

In the coming year and beyond, increases in fraud are being driven by new and more sophisticated fraud methodology and trends. These include:

• Identity theft: In 2023, the Federal Trade Commission (FTC) received 5.7 million identity theft and fraud reports, with total losses reported to be about $10.2 billion2. With fraudsters increasingly using advanced technology to commit identity fraud, this represents a major security concern. It is estimated that the market for identity theft services is set to be worth $28 billion by 2029².

• Fraud as a Service (FaaS): This is where scammers use the services of fraud ‘providers’ in a dark echo of third-party providers in the mainstream economy. These FaaS providers are becoming more adept all the time, conducting research and development to discover new ways to commit fraud on a global scale. They provide their services, which even include fraud training courses and customer support call centers, to less sophisticated scammers, in essence democratizing the ability to perpetrate fraud for the masses.

• Biometric deep fakes: Fraudsters are increasingly able to imitate any person’s face, behavior, or voice. Forbes reported a recent example of biometric fraud where scammers were able to use deepfake voice technology to imitate an executive’s voice and authorize fraudulent bank transfers to the tune of $35 million³.

• ‘Friendly fraud’: Likely because consumers are feeling inflationary economic pressure, and because of the unprecedented increase in online commerce with generous return polices, there has been a sharp rise in so-called ‘friendly fraud’ since the pandemic. Also known as ‘first party misuse’ or ‘customer abuse’, consumers are fraudulently disputing credit card charges at an alarming rate, falsely claiming problems with merchandise or not to have received it at all . Visa reports friendly fraud incidents rose between 20-30% in 2022⁴ and, according to a report by the National Association of Credit Management, 59% of credit professionals have experienced customers fraudulently disputing a credit card charge⁵.

• The use of new payment tools: The adoption of tools like Buy Now Pay Later and One Click Checkout has created new opportunities for criminal and friendly fraud, largely because of a lack of robust regulations, standards, and merchant experience with these payment methods. Where there is innovation in commercial transactions, there is corresponding innovation in fraud to abuse it.

Merchants are experiencing increasing challenges in managing eCommerce fraud. Effectively using data and analytics to manage fraud has become a particularly pressing challenge and a key focus area for improvement.⁶

These emerging fraud trends will have a major impact on the profitability of enterprises. The true cost of fraud goes much deeper than simply lost revenue. According to a study carried out by PayPal, organizations are experiencing an average of 679 chargeback frauds each month, which take an average of 31 hours to deal with⁷. With increasingly complexity fraud tactics, there is corresponding complexity in the fraud solution landscape. Knowing which enterprise fraud solutions to invest in is challenging.

The role of AI in the arms race: Merchants vs. fraudsters

The democratization of artificial intelligence with the advent of new tools like ChatGPT is on everyone’s mind – including fraudsters’. This will be key battleground; the future of fraud prevention will be based on AI and machine learning. it has incredible potential for both causing and resolving fraud in the commercial space.

For example, AI is allowing fraudsters to test a far greater number of card number combinations and at a faster higher rate, helping them to learn which card numbers are valid and which details need to be valid for a transaction to be authorized on a given site.

There has been a major increase in the number of enterprises making use of sophisticated technologies including automation, artificial intelligence, and machine learning. According to a study by Tech Jury, 35% of businesses are using AI and a further 42% are exploring its possible future use⁸. The availability of huge streams of relevant data and analytics can support these advanced solutions to enable fraud prevention and detection.

The key battle for businesses is to stay a step ahead of the game, arming themselves with the latest in artificial intelligence fraud detection and machine learning tools to keep pace with emerging fraud trends. For more detail, see our article on the power of AI for payment fraud detection.

Preparing for future risks

Facing these increasingly complex security challenges makes implementing effective fraud prevention trends more critical than ever before. However, by leveraging technologies that effectively detect risk signals, implementing strong security measures, and through continuous monitoring, it can be more feasible for large enterprises to fight fraud. Businesses should be aware of the following fraud management strategies:

• Utilize advanced technologies: Adopt cutting-edge fraud detection and prevention tools such as AI and machine learning to detect suspicious activity in customer accounts. PayPal’s Fraud Protection Advanced and Chargeback Protection uses machine learning and rules-based methodologies to combine technology and human review for optimal outcomes.

• Leverage high quality data: AI technology can analyze vast amounts of data to spot trends in real-time. But machine learning is only as good as the data it is learning from. PayPal’s Fraud Protection Advanced is powered by data from 400 million+ PayPal consumers, 35 million+ merchants, plus the data we see from our merchant customers’ end customers. For every transaction, we evaluate 350+ real-time data signals from enriched data, device intelligence, geolocation, consumer behavior across payment methods and channels, and more to make more accurate risk decisions. And merchants can use our dashboards to see transaction trends and case linkages, as well as integration health scores, top filters, A/B testing for rule comparisons, and historical data simulations.

• Implement multi-factor identification: Methods such as biometric or two-factor authentication can add more layers of security, such as 3D Secure authentication services. As 3DS adoption is increasingly required by regulators in Europe and being adopted banks and merchants all over the world, PayPal has developed implementation approaches that mitigate the impact of 3DS friction on the customer experience.

• Keep up security protocols: Stay updated on the latest security trends, ensuring all systems are regularly updated, conduct independent audits, and train employees sufficiently on data and security policies, and work with vendors that are strictly compliant with the highest data protection standards. PayPal is PCI-compliant, meeting strict standards for credential storage, maintaining a secure network, conducting vulnerability assessments, and regularly testing security systems.

• Leverage the latest in tokenization and encryption: ‘ Network tokenization’ is innovative technology that uses card network-issued tokens to replace card credentials to enhance security and keep card data as fresh as possible, with proactive updates from card networks. PayPal has issued well over a billion tokens, helping leading merchants implement the new network token scheme successfully.

• Team up with experts: Work with providers that give you direct access to fraud experts. Fraud management is not something you can “set and forget,” so ensure you will have ample support as new threats emerge and risk strategies change. PayPal, as a merchant of record for its own digital wallet business with 400 million+ active consumers, has over two decades of experience battling fraud, mitigating payment friction, and optimizing acceptance rates for good transactions. And with our advanced fraud solutions, you can have access to risk data scientists to provide support.

Meeting the challenge of fraud

As fraud gets more sophisticated, so do the tools to fight it. Stay ahead of the curve with tools that match or exceed those being used by fraudsters, and protect your customers’ data and your bottom line, without causing unnecessary friction at checkout.

Monitoring and understanding fraud trends can provide valuable insight but seeking assistance from industry experts is always beneficial. Learn more about our AI-based fraud prevention tools and our powerful, proprietary data set to help protect against evolving fraud risks. Or schedule a free consultation with an expert today.