The Supply Side: Retail fraud up 7.3% from last year as online commerce grows

With the COVID-19 global pandemic, more retail sales are occurring online as consumers stay in their homes. A recent report by legal software firm LexisNexis Risk Solutions found that the average monthly fraud attack volumes were significantly higher for specific retail segments that responded to the survey.

The survey found midsized to large general merchandise retailers selling physical and digital goods had, on average, 70% more fraud attempts per month than those surveyed before many states shut down in March.

Businesses that continued operations during the pandemic — which had higher mobile purchase transactions with in-store pickup — experienced more fraud volume and coinciding higher fraud costs. Those retailers had to rely on store employees for identity authentication rather than solutions designed to detect mobile fraud, the report states.

“Retailers and e-commerce merchants should be prepared for increased fraud attacks and costs for the foreseeable future,” said Kimberly Sutherland, vice president of fraud and identity management strategy at LexisNexis Risk Solutions.

Sutherland said it is unclear how the pandemic will shape the purchasing landscape over the next few years, although “we do know that fraudsters will continue to shift tactics quickly in response.” She said the most effective way for businesses to fight fraud and protect their consumers is by performing a more complete assessment and combining physical and digital identity data.

The LexisNexis report found increased fraud volumes translated into a 7.3% increase in the cost of fraud year-over-year for U.S. e-commerce and retail merchants. That comes on top of added costs of operating amid the pandemic concerning increased safety protocols and reduced hours for many brick-and-mortar stores.

The LexisNexis Fraud Multiplier — the total amount of costs related to fees, interest, merchandise replacement and redistribution per dollar of fraud for which the merchant is held liable — showed that fraud now costs companies $3.36 for every dollar lost to fraud, compared to $3.13 in 2019 and $2.40 in 2016. That is an increase of 96 cents over five years. The report also points out that U.S. costs are significantly higher than the $2.87 lost for every $1 among Canadian retailers.

The True Cost of Fraud Study is a comprehensive survey that compares fraud rates, impacts and challenges related to fraud detection and prevention year-over-year and during COVID-19. Sutherland said the average volume of monthly fraud attacks rose 9% for U.S. retailers year-over-year. The average number of successful monthly fraud attempts increased by 45% for midsized to large retailers and 27% for smaller retailers.

Attack volumes were already trending upward before the pandemic as mobile and online channels have higher fraud rates. Some of the growth follows increased transaction volume with the temporary closing of brick-and-mortar retailers during the pandemic, Sutherland noted. The study also looked at the average number of successful fraud attacks against the number of unsuccessful breaches because of defenses already in place by retailers. Across all U.S. retail, more than 788 fraud attempts are defended on average per month, but there are 727 successful fraud attempts in a typical month. This success rate is up 28% from a year ago.

E-commerce-only retailers had an average number of prevented attacks of 118 per month, while 226 attacks were successful. Overall, online attacks are up 24% from a year ago. Those retailers having the most cases tend to be midsized to large with brick-and-mortar and digital services. On average, this cohort experiences 3,593 fraud attempts in a typical month, up 23% from a year ago. The group said it prevented 1,910 attempts on average, which is more than half, but 1,653 attempts are typically successful at some level of breach.

Small retailers with a digital business said they experienced 2,450 fraud attempts in a typical month. They have success at fending off the majority of hacks, but 916 hacks manage to break through security. The number of successful hacks in a typical month increased 27% this year, compared to 2019.

While fraud is higher at stores also offering digital sales, brick-and-mortar-only retailers also saw an increase in year-over-year fraud activity. The typical month among midsized to large retailers in this cohort said they experienced 1,900 attempts, and over half (1,000) were prevented, while 930 of the fraud attacks were successful. According to the report, this cohort saw a 43% yearly increase in successful fraud attacks on their business.

Sutherland said online transaction volume has increased for retailers, along with being a source of fraud costs. While some of this relates to COVID-19 shutdowns, there was an upward trend before that. She said mobile transactions with e-commerce merchants have also increased amid shutdowns, and mobile browsers account for a larger share of fraud in this shopping channel compared to a year ago. The report also found increased international transactions completed through mobile devices have also seen a significant increase in all fraud cases relative to 2019.

She said identity related fraud remains a sizable part of overall fraud losses. That involves taking over someone’s account or creating a fraudulent account in their name. Among U.S. retailers, identity related thefts account for almost one-third of fraud cases. For online retailers, that number is 40%.

The report states that retailers continue to struggle to keep pace with fraudsters who are becoming more sophisticated. Retailers find it difficult to distinguish legitimate customers from malicious bots while balancing fraud prevention with risk-appropriate customer friction. That becomes even more complicated when purchases involve third-party, non-bank payment providers where transaction speed and volume are high and transparency into complex payment chains and end-customer profiles is low, the report states.

Midsized to large retailers selling digital goods find it more challenging to detect and prevent fraud with these payment types. The report found that 58% of retailers selling digital products said differentiating synthetic identities is a top verification challenge.

“A multilayered strategy can protect retailers and e-commerce merchants throughout each buyer experience,” Sutherland said. “Every transaction channel and type carries unique risks. Using different solutions to support fraud detection at various points in the consumer journey will strengthen overall defense.”

EDITOR’S NOTE: The Supply Side section of Talk Business & Politics focuses on the companies, organizations, issues and individuals engaged in providing products and services to retailers. The Supply Side is managed by Talk Business & Politics and sponsored by Propak Logistics.