Stay Ahead of Fraud in the Digital Goods Space


The world of digital goods—from emerging tech such as the metaverse and NFTs to the more familiar like ticketing—is rapidly expanding. However, growth has also come with some significant challenges. After all, not all buyers are loyal, legitimate customers.

According to our data, total payment volume (TPV) for the digital goods and services industry grew 51% between 2020 and 2021, and 2022 is on pace to finish 65% higher than last year. Payment volume is reflecting the profound growth of the industry, and also the reliance on digital commerce in general. Even social media giants like TikTok have posted jobs that hint they are expanding in this direction.

As the digital goods industry grows in variety and complexity, it’s important that retailers keep a pulse on fraudulent activity to enhance the customer journey and protect bottom line. Here are four trends that are worth keeping an eye on this year.

1. Events and Ticketing

The pandemic caused a temporary halt on live performances, but ticketing bounded back faster than predicted in the past year. Unfortunately, the rise of in-person events also brings about ripe opportunities for fraudsters. Ticketing has qualities that make it particularly attractive to scammers:

  • Format – The goods are digital and are therefore easy to receive without being detected. Scammers can buy in bulk and resell tickets without leaving their homes or handling any physical merchandise.
  • Expectations – Consumers are used to buying tickets secondhand via specific resale websites or crowdsourcing efforts. Fans who are eager to get a ticket may not even think to check the artist or show’s website to buy a ticket directly. Resellers can also employ bots to purchase large quantities of tickets, then upsell them for a small fortune.
  • Timing – Last-minute purchases are standard in ticketing, and event sites know that and need to accommodate. Fraudsters love last-minute checkout because it is unlikely that a customer will notice anything anomalous before it’s too late.

All three factors put manual review teams in ticketing and event organizations under a lot of pressure.

2. Account Takeover (ATO) Isn’t As Popular

ATO is a form of fraud when a bad actor gains access to and ultimately takes over, an account using stolen or hacked credentials. There’s a common misconception that ATO and digital goods go together hand-in-hand. While this is true when a fraudster already has access to an email account, this methodology does represent an extra step of effort. ROI-conscious fraudsters may not find it worth the exertion, as digital goods are usually sent to the customers’ email addresses and it is immediately identifiable.

The truth is, most attacks against digital goods websites use the process of stolen credit card (or other payment methods). When card testing, fraudsters use the merchant’s website to see if the credit card still works. Digital goods are ideal because fraudsters can expect instant responses, and low-dollar purchases are not abnormal. They are less likely to be detected by the consumer or the merchant, and it is the account’s good reputation that makes the purchase more likely to be approved at checkout. Since the fraudster isn’t interested in the goods they’re attempting to purchase, the fraudster’s access to the email is irrelevant. It is a step in the process.

Unfortunately, once they have a credit card that works, they can be off to the races. Thus, this is a method that is more disastrous for the consumer and can snowball into a nightmare for the merchant in the long run.

There is one exception to the “no ATO” trend. ATO is often successfully used for the methodology of “card testing,” which is the most common tactic for fraud we see in the digital space.

3. Bots and Scripts

Another emerging trend is the prevalence of bots and scripts. Because of its success record, a card testing attack can significantly impact a company’s decline rate when combined with bots and scripts.

A higher decline rate may reflect the successful blocking of a wave of card testing and serve as proof of profit protection. Not only is monitoring these trends good for understanding when potential waves of attacks happen, but it’s also essential to have a pulse on the industry to anticipate the needs of your organization instead of new products, seasonal trends in e-commerce, and more.

4. Seller Collusion for Fraud

Seller collusion is not a trend that is expanding dramatically, but its rate does seem to keep pace with the growth of digital goods in marketplaces.

Collusion is a simple term used for various illegal activities, from money laundering to selling illegal items or feedback padding—all of which boost the online profile of the account. One of the methods that can be used to identify seller collusion in marketplaces is by recognizing that the purchaser and the seller are linked and, in fact, the same person. This is a trend that online commerce is particularly susceptible to, and is interesting to monitor to see how it evolves with the advancement of e-commerce. We estimate this particular form of fraud constitutes around 1 to 1.5% of total volume on marketplaces. While it is not by any means a majority of volume, it still makes up a part of the entire picture.

How to Stay Ahead of Fraud

While the online world evolves and consumers spend money on digital goods more often, it is important to recognize that fraudsters will see more opportunity and take advantage of unprotected spaces. Bot deployment, card testing, and ATO are only some of the ways scammers show up in the marketplace. As technology advances, so will fraudsters’ methodologies. To put trust into the online payments process, digital goods vendors should find an automated fraud prevention solution that analyzes consumer behavior to identify who is a legitimate customer without causing friction to the buyer’s journey.


Source link