Monica Acree joined Forter in January 2020 as Vice President, APAC. She is responsible for expanding Forter’s footprint in the region and will drive Go-To-Market strategy including partnerships across the diverse and fast-growing markets of APAC. An accomplished senior leader with more than 15 years in the payments and technology sectors, Monica has a deep expertise of the APAC payments ecosystem. Monica has been in the region for the last 9 years and before joining Forter, she was Director and Head of Asia for Braintree Payments, a PayPal company.
e-Commerce businesses have begun to offer Equated Monthly Installments (EMI) purchase options to consumers in recent years. This enables buyers to make purchases now and pay later, in smaller monthly amounts at low-interest. EMI was traditionally used for big ticket purchases but has recently caught on in India for smaller purchases as it offers an inclusive method for households to access previously unattainable products.
EMI is fast becoming a widely accepted means of doing business in India and across the globe. As more consumers move to digital purchasing, the availability and uptake of EMI options are also increasing.
However, with any new payment trend comes new touchpoints where fraud and abuse can take place. In many instances, EMI is essentially an instant loan application at the point of sale – sometimes with and sometimes without the benefit of a credit check. EMI providers must make credit decisions in the time it takes for a customer to make a transaction, and this short time frame provides an opportunity for fraudsters to access tangible goods with a lower likelihood of initial detection. Some of the risks faced are as follows:
- EMI not paid: This is when a fraudster uses his or her own identity data along with stolen or fake data to pass fraud and credit checks. The fraudster has no intention of making any of the EMI repayments after purchase. The fraudster provides as little data as possible and his or her details cannot be traced, this includes information such as a fake phone number bought just for the purpose of fake transactions in order to receive a one-time password, and sometimes even a fake delivery address.
- Returns abuse: This happens when a fraudster either returns an item having already worn or used it, or returns a different item from the one that was originally purchased. This happens before full payment is made through EMI. Therefore, the responsibility for the payment then falls to the EMI provider for the full value of the items purchased.
- Card testing: This is how a fraudster confirms that stolen card information is usable. A stolen card is tested through smaller transactions before it is used for larger purchases. Essentially, what this means is that stolen card and stolen cardholder information is used to make purchases look legitimate.
- Refund fraud: This happens when a fraudster uses stolen credit card information and then asks that refunds be made to an alternate credit card. A fraudster can often trick e-commerce sellers into issuing such refunds by claiming that his or her old credit card account is now closed and therefore the refund must be put on a new card. This is a fairly simple, yet effective tactic that puts sellers in a difficult position.
- Chargebacks: This kind of fraud is when a customer makes a purchase and later disputes it with their credit card company, resulting in a chargeback. In some instances, the customer legitimately may not have recognized the purchase on their credit card, resulting in “friendly fraud”. However, many times, this is done intentionally. Where the customer attempts to exploit company policies in order to get a refund or keep the products, free of charge. This kind of fraud leads to many different costs to the company, including lost merchandise, chargeback fees, and even shipping costs.
- Account takeover: This is the most serious type of fraud and essentially equates to identity theft. A fraudster may use phishing tactics to extract personal information, steal passwords and security codes. He or she then gains access to legitimate customer accounts on an e-commerce website using the stolen information. By immediately changing information after gaining access, the fraudster can make multiple purchases and even withdraw funds from these accounts depending on the type of website he or she has gained access to. Account takeover can have an extremely negative impact on the reputation of affected sellers, and can seriously jeopardize their relationship with customers. Customers may lose trust in the data privacy and security policies of the sellers and therefore be unwilling to use the sellers’ website again.
In India, many big e-commerce service providers such as Amazon, Flipkart and Myntra have started offering EMI services. Recognizing the growing trend, in its ongoing attempt to clamp down on fraud, the Indian government has recently put in regulatory mechanisms and policies. The Reserve Bank of India has mandated that recurring auto-debits on credit and debit cards over a certain limit, must now undergo an additional factor of authentication.
To address the above mentioned risks, some businesses will introduce more checkpoints or fees that can negatively impact customer experience. Legitimate transactions may be flagged as fraudulent, and sellers may increase prices to cover for losses. Therefore, policies like the Reserve Bank of India’s new directive, along with effective fraud prevention technology solutions can help to make the interaction a smoother and more effective experience for genuine customers.
The need for fraud protection solutions that offer accurate decisions on customer trustworthiness in real-time, is important. It is crucial for merchants to strike a balance between fighting fraud and delighting customers—this is a prerequisite to introducing offerings like EMI at scale.
Fraud detection needs to be automated and data-driven in today’s digital economy. Sellers will do well by opting for a fraud protection solution that is built on a wide global network – an ecosystem of retail businesses, banks and payment processors. This allows for effective and precise identification of fraudsters and repeat policy abusers. In the long run, automation allows e-commerce companies to scale with confidence as they add to their offerings or services, or expand their business across borders.
Successful sellers will be the ones that adopt an effective fraud protection strategy that accounts for regulatory policies and optimizes customer experience and revenue.