Policy abuse: how to stop fraudsters and dishonest customers from ruining your eCommerce experience

Member News
Aug 25, 2022

As eCommerce merchants continue to strive to offer their customers the best possible online experiences, it is essential to take a moment to realise just how important it is to get it right. It sounds relatively easy to keep customers happy, but numerous challenges and threats in the online domain can throw a spanner in the works and be detrimental to a company’s revenue growth.

What needs to be considered? Fraud? Naturally, to ensure a secure online shopping environment, safe from account takeovers (ATO). Frictionless shopping experiences? Definitely, to avoid checkout abandonment. Dishonest customers and unauthorised resellers taking advantage of your customer-friendly policies? These bad actors can be as equally damaging to online sellers as any successful fraud attack - and they often get away with it. It is essential to understand how various policy abuses can easily harm eCommerce merchants, why it happens and how to put a stop to it.

The customer’s [not] always right

It is natural for any business to try and keep as many customers happy as possible. Unfortunately, there are many dishonest customers (and fraudsters) that are more than willing to take advantage of an online store’s policies for their own financial gain. The abuses are many: promo abuse involving sign-up discounts and various offers, refund abuse and return abuse, and returning once-worn goods or less valuable items than those that were originally purchased. The list goes on. Such dishonest customers show they can be crafty, trying in multiple ways to make personal financial gains, all at the expense of merchants.

Without the face-to-face interaction of the brick-and-mortar shopping experience, it is easy for customers to feel they can hide behind a semi-anonymous barrier. It may feel victimless, but the damage is financial and many of these dishonest customers deem their actions to be harmless, and definitely not in the same league as that of a typical fraudster. But we know the financial losses built up by dishonest customers can be just as damaging as any fraud attempts.

Unauthorised resellers are impacting your revenue growth - and your reputation

Dealing with dishonest customers is tough in itself, but now picture small to medium-sized merchants that use bots, purchased on darknet markets, that can be tuned to make instant mass purchases of high-value goods. It seems like no rules have been broken as sales have been made, shouldn’t a merchant be happy they are making money? No, because they are losing out.

Bots are used by unscrupulous merchants, even criminal gangs and individuals, to seek out and immediately purchase goods (smartphones, for example) in eCommerce and fashion brand stores as soon as they go on general sale. By purchasing sought-after products, often at discounted prices, they are later resold at heavily marked-up prices for profit. These unauthorised sellers are making a profit at the expense of the original seller. Not only has the merchant lost out, but worse, genuine customers often have no chance of making the same purchases against automated bots.

The fallout from reseller fraud, and policy abuses in general, is that customers will immediately respond to negative experiences in various ways. They will shop elsewhere, and they will leave negative online reviews about their experiences. These negative reviews will be seen by thousands, if not millions, of potential customers who will come to the conclusion that a company with weak or ineffective internal policy controls and inadequate security measures is not worth dealing with.

Fraudsters and merchants are taking advantage of weak points

The professionalization of fraud is something that has been evident on the dark web for years. The tools and knowledge to prepare for, and conduct, fraud are readily available to access and purchase on darknet markets - all at very reasonable prices for determined criminals, or unscrupulous merchants, with financial means.

During COVID-19 pandemic lockdowns, when many people found themselves out of work, some of them with mid-level tech skills turned to fraud, being able to purchase malware online to perform fraud attempts and automated purchases for resale. The aim was to make some quick money. And it’s now easier than ever. No longer do fraudsters need to write their own programs to perform attacks - why waste precious time if the darknet is awash with such tools, promoted by sleek marketing that resembles legitimate product marketing campaigns?

The move to eCommerce by retailers was hastened by pandemic lockdowns, which has also led unscrupulous merchants to take advantage of larger eCommerce stores that have ineffective anti-fraud systems in place. The desire to ensure revenue growth and reduce checkout friction was borne of the belief that fraud systems would frustrate online customers and impact sales. The solutions to ensure safe, secure and frictionless experiences have been around for some time now.

Knowing Your Users (KYU) is key to weeding out bad actors

Legislation can be slow to keep pace with emerging types of cybercrime that affect eCommerce merchants and financial institutions. This is why the key to staying ahead of cybercriminals, unauthorised resellers and dishonest customers is to truly understand every single user behind payments and transactions. By effectively weeding out bots and automated mass transactions and bad actors, you can ensure that only genuine customers are purchasing your goods and services.

Fraud concerns are always at the forefront of securing the customer experience, but so too is the need to find equilibrium by providing frictionless online shopping experiences. Should an eCommerce merchant opt to focus on security, at the risk of losing custom through ineffective measures such as using frustrating CAPTCHAs? Or should they accept that a certain percentage of their custom will inevitably be fraudulent? The answer is to ensure both.

It is possible to wipe out fraudsters and dishonest actors using advanced fraud solutions such as Nethone’s, which can efficiently determine every user’s device setup, location, movements, operating system etc. by analysing their unique digital fingerprints. Power by machine learning models, Nethone’s anti-fraud solution can automatically analyse devices and user behaviours passively and in real-time, determining if the user is a genuine customer, or a fraudster making efforts to hide their tracks.

Dishonest customers who try to abuse eCommerce merchants' policies, for example, can be detected by their attempts to sign-up for promo abuse by using multiple email accounts and fake details. Bots can be stopped outright from completing transactions. It’s a win-win for eCommerce merchants who can ensure positive customer experiences and prevent policy abuses and serious fraud from impacting growth. Let the customer experience drive your attempts to improve your services, but don’t forget that there are experts in fraud management, like Nethone, that are always more than willing to help you steer your way to success.

Blue-tinted background of a man watching a webinar

Host a Webinar with the MRC

Help the MRC community stay current on relevant fraud, payments, and law enforcement topics.
Submit a Request

Publish Your Document with the MRC

Feature your case studies, surveys, and whitepapers in the MRC Resource Center.
Submit Your Document

Related Resources

Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.