Ways to Fight Online Payment Fraud

Sumsub Team

All-star

Anti-fraud is important. Above all, it is important for AML, as fraudsters go out of their way to launder money, and businesses need to protect not only their finances but the reputation of the platform.

Here are some of the steps to prevent different types of payment fraud, make sure your business is running well and let your clients avoid malicious scams.

Cases of online payment fraud and what you can do about them

Fraud differs by its focus—it can be targeting a customer or company. However, in both of these cases, the company takes the hit. If you are a company and your user gets robbed, it is not only your reputation that gets damaged—you will also have to take responsibility and pay for the inflicted losses.

Here are the most typical fraud cases and how to avoid them.

1. Impersonation of trusted services

A user receives a call from an imposter who introduces himself as an internet provider and informs the user of a refund. To receive it, the user has to give over his card details, which he does. Later that evening the user realizes that money was stolen from his account.

What can a company do to prevent fraud:

Urge clients not to disclose their account details over the phone unless the contact is confirmed as legitimate.
Warn customers not to share sensitive information via social media.
Provide clients with guidance to the most common fraud cases.

2. Stolen card details

A user orders a bunch of Christmas decorations off of AliExpress and a week later receives a notification of a big purchase allegedly made by her in China. She, of course, knows nothing about it.

What can a company do to prevent fraud:

Validate that the purchaser is the cardholder via card security codes, address verification service (AVS) or other anti-fraud systems.
Make sure IP location matches credit card address, track unusual purchase geolocations.
Verify the payment method. Ask users to add a payment card to their user accounts, submit personal data and a selfie of them with the card itself. Services like Sumsub can automatically scan the photo for traces of editors, put the data through existing fraud databases and verify the identity.
Contact cardholders directly to authenticate an order or transaction.

3. Unprotected bank transfers

A user wants to buy an iPhone 8 for £400 through an online marketplace. The seller asks for a bank transfer instead of the website’s payment channel. The seller ensures Paul it would be quicker and there won’t be any fees to pay. The user paid, the phone hasn’t arrived.

What can a company do to prevent fraud:

Use an anti-fraud system to track payment card numbers, IP addresses and email addresses associated with fraudulent transactions.
Encourage customers to make payments only through trusted services.
Flag orders with quantities or transaction values beyond the norm.

4. Chargeback fraud

A user calls his credit card company to request a chargeback on a TV he says he never ordered. The merchant apologizes without suspecting a scam and transfers the money back. The fraudster gets both, the purchase and the money.

What can a company do to prevent fraud:

Analyze each charge for fraudulent patterns and suspicious payment history.
Demand users to confirm their payment method by a selfie with a relevant document as a part of general onboarding or activate a letter per transaction mailout, confirming each transfer with your electronic signature. Sumsub team will be happy to show and explain the flow.
Screen data against leaked to the Dark market documents, compromised email addresses, phone numbers and the internal databases of blocklisted users.
Document transactions with copies of emailed receipts, that can help prove customers’ authorized charges.

To safeguard your company, its budget and reputation, it is better to have multiple security layers by using sophisticated automated tools. Sumsub fights real cases of payment fraud for years, in fintech, gaming, trading and e-commerce.