Buy now, pay later (BNPL) payments have become the latest target for fraudsters. In this article, explore why BNPL is becoming a difficult (and costly) service for merchants to offer.
Offering “buy now, pay later” payment options is the latest trend for eCommerce businesses. On the surface, it seems like a great idea. If a customer doesn’t have the funds to pay for a product in its entirety at the time of purchase, they can split the payment into four separate installments. BNPL payments are appealing to consumers because unlike using a credit card to buy something, they don’t need to pay interest on the purchase.
However, businesses offering BNPL payments are becoming a target for fraudsters due to security weaknesses that are being exploited.
In this article, we’ll explore why BNPL purchases have become a target for organized fraud attacks, and what merchants can do to protect themselves from the risk of fraud when offering this payment option.
How Does Buy Now, Pay Later Fraud Occur?
As you might guess, this type of fraud occurs when someone uses false or stolen information while purchasing a product or service online. BNPL fraud is more difficult to handle than traditional fraud since the merchant must approve or deny the transaction by the time the customer has made their purchase.
In practice, someone might use compromised credit card information in order to make an online purchase through BNPL. Since this type of service is specifically offered for people who may not have the money to purchase the product outright, it’s often much easier to get approved.
What Are the Risks for Merchants Who Offer Buy Now, Pay Later Online?
The primary risk that merchants experience is dealing with fraudulent chargebacks. In this scenario, one of two events typically occur:
- The owner of the card quickly notices that it was used to make an unauthorized online purchase
- The current owner made a purchase on their own and then attempted to claim it was fraudulent
Chargebacks are both expensive and damaging to your reputation. So, it’s essential to avoid them at all costs.
Merchants also run the risk of experiencing “never pay” fraud. In this situation, the fraudulent buyer uses a combination of legitimate and false information to facilitate the transaction.
In the process, they are essentially creating a fake identity that is nearly impossible to trace.
How Can You Prevent This Type of Fraud?
Too many business owners prioritize whether or not the customer can repay the cost of the transaction. The focus in this situation should instead be on whether or not the information provided is legitimate.
Having strong authentication practices in place is the most effective way to prevent BNPL fraud from damaging your business. Customers should be required to complete a 2-factor authentication test to verify their identity and prevent fraudsters from using stolen credit card credentials to complete a purchase.
Vesta supports risk-based assessments to either invoke a biometric/passwordless authentication (fingerprint, face ID) or a 2-factor authentication challenge using SMS/email. We use our machine learning algorithms to provide a risk-based approach to 3-D Secure 2, and Software Composition Analysis (SCA).
First appeared on Vesta’s Blog on eCommerce Fraud.