Buy Now Pay Later (BNPL) is gaining steam amongst consumers worldwide. BNPL's ability to help customers spread purchase costs without incurring interest has attracted scores of users to these apps. However, with increased interest comes security risks.
As with everything digital, security is paramount. BNPL providers face unique risks in this regard and might be left with hefty penalties if they don't mitigate them. Here are X reasons why BNPL providers must invest in online fraud prevention right now.
New Account Fraud
BNPL providers make accounting opening and purchasing goods a breeze. However, they face a unique risk in that they don't charge interest, thereby lending an air of free money to the whole process. Malicious actors can open new accounts en masse, complete purchases, and leave BNPL apps holding the bag when the time comes to pay.
Stringent KYC and AML processes are not enough to prevent this risk. For instance, a scammer might use stolen customer data to set up a legitimate-looking account, only to defraud the BNPL provider at a later date.
To combat this risk, install a rule-based assessment engine. In the above example, this engine would explore the account opening patterns emanating from the fraudster's IP address and region. It would deliver a numerical score quantifying the risk associated with approving that account, giving onboarding specialists additional insight into fraud prevention.
These engines also monitor new account activity minutely. For instance, if a new account engages in a large number of expensive purchases shortly after opening, the engine will flag these purchases for manual approval. With a framework like this, BNPL security teams can prevent online fraud.
Identity Fraud
Identity fraud is on the rise as people become more comfortable sharing data online. Fraudsters often combine fake names with legitimate social security or personal identification numbers to fool BNPL apps into granting them new accounts.
Rules-based engines can prevent these occurrences, along with continuous account activity monitoring. In addition, real-time activity monitoring can reveal user behavior during onboarding, purchasing, and checkout.
These datasets augment the ones you receive from the rules-based approval engine and paint a holistic picture of user activity. For example, instead of imposing a blanket ban on users from particular IP regions and losing out on potential business, BNPL providers can onboard users and filter out the malicious ones.
Modern online fraud prevention tools offer a deep degree of insight into user behavior and present data to back conclusions. As a result, BNPL providers can scale their businesses and increase security concurrently.
Chargebacks and Transaction Laundering
Every online payment services provider is familiar with chargebacks. This scam refers to a user purchasing goods, receiving them, and falsely claiming some deficiency in service or product quality. Merchants unaware of this tactic typically refund the purchase while the scammer keeps the goods.
Chargebacks are costly to process and merchants that incur too many of them run afoul of payment processor guidelines. BNPL service providers are vulnerable to chargebacks, like every other online payment services provider.
In addition, they face a more serious form of fraud called transaction laundering. BNPL providers usually do not have access to a merchant's data and this leaves them vulnerable.
Instead of conducting payment fraud from the user's standpoint, malicious actors might impersonate a legitimate merchant to defraud users. This leads to legitimate chargeback requests that the BNPL provider has to bear.
For instance, a user might purchase goods from a website posing as a legitimate merchant. Their credentials might also check out due to the fraudster using the legitimate merchant's validation information. Upon processing, the fraudster vanishes with the user's money, leading them to press chargeback claims.
As a result of their services agreement, BNPL providers must bear these costs. In some cases, both the user and the fraudulent merchant might work together to defraud the BNPL platform. Online fraud prevention tools are essential to stopping this kind of crime.
Aside from real-time user monitoring and rules-based checks, BNPL platforms must invest in tools that offer them real-time payment analytics. These dashboards reveal payment trends and chargeback request trends, helping them drill deeper into issues.
Trojan Horse Fraud
Trojans are a widely-used term in the cybersecurity industry. This term refers to a malicious piece of code disguised as a harmless one. In BNPL, Trojan attacks often occur using legitimate credit card numbers and activity.
Here's how this fraud plays out. An attacker uses a legitimate card and pays for their initial purchases, causing the platform's engine to classify them as a non-malicious user. However, at some point, the user switches card numbers to a stolen one and executes purchases.
Most of these purchases fly under the radar since the BNPL platform doesn't automatically reclassify user profiles. Real-time monitoring is critical to preventing this fraud. With real-time monitoring, BNPL platforms can quickly prevent such user activity before incurring significant liability charges.
Online Fraud Prevention is the Key to Bnpl Growth
BNPL offers consumers several benefits, but they're moot if not backed by stringent security processes. The risks detailed in this article pose severe threats to BNPL providers, and installing the right security tools is the need of the hour.