Have You Heard of “Friendly Fraud”?

Published by Yana on

Friendly fraud is real and it's actually super common. So - let's talk about it!

In payments and e-commerce industry, "friendly fraud" is a scenario where someone from the “friends and family” circle of the "victim" gains access to their device, passwords or email account, and can initiate transactions or access financial services appearing as a true owner. The most typical known case is where teenagers would use parents’ phone and/or credit card and purchase a computer game or similar. It's extremely difficult to differentiate scenarios when the victim is really the victim and where the victim and the fraudster colluded in order to "game the system".

 
Why is friendly fraud so harmful to small businesses? 
 
All businesses are monitored for their fraud rates, dispute rates and chargeback rates by their payment providers. If performance deteriorates, payments provider can and probably will do the following:


  • require risk reserves (fixed or rolling);
  • hold reserves longer (some revenues won't be accessible to a small business for up to 3-6 months);
  • charge higher processing fees; or even
  • refuse to continue the relationship.
When your business is small, even one large chargeback can substantially impact performance metrics, so SMEs have a higher risk to be impacted, just because they don't have huge numbers that would be balanced out by larger volumes.
 
Also, SMEs are not super important for payments processing companies (unlike airlines or large retailers), so the decision to decline them is easier. SMEs just don't have the same bargaining powe
r.
 
What steps can SMEs take to prevent friendly fraud? 

  • really read carefully your contracts with payments providers and understand what happens in cases of fraud claims and disputes.
  • some payment providers offer "seller protection" for SMEs (e.g. PayPal) - so there is a way to pay to your payments partner for handling this risk
  • insist on strong authentication to be enacted by your customers (but it may impact your conversions) combined with instant notification to the owner, so that they are immediately notified when a transaction happens
  • it could be pricy, but there are fraud management tools that are able to detect unusual behavior of customers (e.g. how they move their mouse or type - and block the transaction before it happens, if there is a high indication of risk) - Kount, Simility, Sift.

If you are looking to enhance your risk and fraud management policy framework, consider using my Risk Management Bundle that includes Risk Management Policy, sample documentation of the company's risk appetite and risk acceptance decisions, SWOT analysis and Enterprise Risk Assessment template.

>