Order Risk Reviews Should Also Focus on Friendly Fraud, Refund Fraud and Abuse

It is understood that manual order reviews are a critical component of fraud prevention strategies, but like risk strategies overall, manual reviews tend to focus on third party fraud and often neglect other forms of fraud and abuse. The harsh reality is that fraud is a broader problem than identity and third party payment fraud. Since the onset of the pandemic, other forms of fraud, such as refund and promotion abuse, have increased. Manual reviews need to broaden the scope accordingly.

Fraud seems to always be increasing, but it’s also increasingly more diverse. This became even more apparent in the wake of the COVID-19 pandemic. A survey from fraud solution provider Ravelin found that 39 percent of merchants reported increased online payment fraud activity between August 2019 and August 2020. However, friendly fraud increased by 41 percent, promotional abuse by 49 percent, and refund abuse increased by 51 percent over the same timeframe.

Traditionally, fraud prevention strategies have primarily focused on online payment fraud or third party fraud, the use of stolen payment credentials online. Friendly fraud, refund and promotional abuse is often more difficult to prevent because the perpetrator is typically providing their real identity information. This makes their order look low risk on the surface, and puts more emphasis on strong data management and analytics to detect when wardrobers, refund fraudsters or promotional abusers return.

Risk management strategies often include negative lists and positive lists, also known as blacklists and whitelists. But the world isn’t just black and white – there’s a lot of gray area in between. The same can be said for fraud prevention, and the use or warmlists should be part of a risk management strategy as well. The challenge, however, is that it can be more difficult to identity refund or promotional abuse. When a shipping address is associated with multiple hard fraud chargeback reason codes, the decision to blacklist that shipping address can be automated. When a shipping address is associated with some returns, it may require a closer look. When does return or refund activity become excessive?

We tend to think of fraud agents as performing order risk reviews to determine whether or not to accept an order with mixed risk signals, but they can also provide insights in the “gray areas,” to assess more qualitative metrics and draw the distinction between customers who have legitimate refund reasons versus those committing return fraud or abuse.

Here’s how this could look in practice: When a customer or data point is associated with multiple returns, add them to a warmlist. If they attempt another transaction it is flagged for manual review, indicating potential refund abuse. The review agent then reviews this order and considers all past orders from this customer including whether or not a refund was initiated and looking for any patterns or similarities across orders that were returned. The agent can make a determination on whether this customer is a serial returner, potentially moving them from the warmlist to negative list.

For more information:

Ravelin Survey: Online Merchant Perspectives