March 31, 2020
Recently, Kount has tracked new and rapidly evolving fraud variables related to social distancing measures and changing shopping patterns caused by the Coronavirus pandemic. One striking development is the jump in customer demand for “Buy Online Pick Up in Store” (BOPIS). As businesses deploy or increase BOPIS options, they must adopt specific fraud prevention measures.
Purchase behaviors and fraud patterns in the BOPIS channel
Consumers appreciate the convenience of fast browsing and easy access to products through online shopping. As the Coronavirus pandemic affects lifestyles, and with many residents instructed to “stay safe at home,” digital access to consumer products, such as soaps, cleaning supplies, and paper products, becomes essential.
The BOPIS buying trend within non-U.S. geographies is referred to as “Click and Collect,” and in the restaurant industry as “Mobile Order Ahead.” The concept covers the combination of physical and digital experiences that engage consumers with easy ways to connect with brands. BOPIS shopping benefits retailers because it drives online traffic to brick-and-mortar locations, where there’s a high chance the consumer will purchase other goods as well.
Bad actors have followed the popularity of the BOPIS shopping trend and are taking advantage of its structure: they use stolen credit cards or stolen account credentials, place an order online, pick up the goods at a store, and then either keep the items or resell them for a profit. Since BOPIS pickups often require minimal proof of purchase, it is easy for fraudsters to get in and out without detection.
Businesses, regardless of industry, are seeing the impacts of this fraudulent behavior and require strategies to protect themselves from this type of fraud.
Two reasons why the BOPIS model is attractive to those who commit fraud
First, BOPIS fraud bypasses a standard method of basic fraud detection solutions. Fraudsters in the BOPIS shopping structure avoid the comparison of the billing and shipping addresses. Fraud detection programs without sophisticated artificial intelligence and identifiers rely on delivery address information in combination with other data points (such as a computer’s IP address) to detect the probability of fraud. Lacking the ability to compare the billing and shipping addresses of an order can impact the ability of fraud prevention programs to determine transaction risk.
Second, the speed required for BOPIS limits the time available to detect fraud. Excellent customer service is essential in BOPIS, which typically requires a fast turnaround time for approvals. The industry refers to this as the 180-minute purchase-to-pick-up fulfillment window. This means that there is less time available for fraud analysts to perform manual reviews to catch fraud based on suspect purchase details.
Part of the reason why consumers love the BOPIS buying approach is that it is fast – it reduces the time they must spend on acquiring goods. When consumers are instructed to stay six feet away from others and limit their exposure time to other people, increasing customer friction at pick-up isn’t the answer. Being asked for additional verification information while sitting in their vehicles in a drive-up window can reduce customer satisfaction. If a customer experiences additional friction, they are going to remember that delay the next time they shop online. Instead, they may simply choose to drive down the street to the competitor grocery store where there is easier parking and a faster pick-up process.
This seems like an impossible problem to fix, so what’s the solution? Upgrading digital fraud prevention technologies networked data and real-time decisions can help confirm the legitimacy of a customer — and their order.
3 concepts form the basis for a successful BOPIS fraud control strategy
- The data is different and the difference is data.
Experienced fraud analysts know that predicting risk is about the quality of data available for analysis, yet not all data is equal. That’s where Kount holds an impressive advantage. Kount’s Identity Trust Global Network has a deep and comprehensive breadth of data that is based upon signals from 17 billion devices and 32 billion annual interactions across more than 75 industries, and 50+ payment processors and card networks, all combined with decisions from thousands of fraud analysts. Kount’s AI links billions of fraud and trust-related data signals using supervised and unsupervised machine learning to deliver accurate identity trust decisions in milliseconds.
One example of a data element essential to weighing BOPIS risk is location and geography. Kount’s models and decisions factor in many different locations for a fine-tuned approach. For example, location analysis extends beyond where the order was placed to:
- Location of the device that was used to place the order
- Device location proxy
- High-risk geography (acquired through unsupervised learning)
- Payment geography
- Billing location
- Shipping location
- Billing phone location
- Shipping phone location
- Fulfillment location
- Cell tower location
- IP location
- Mobile device latitude-longitude
With advanced AI, Kount analyzes these specific location and geography indicators to give a prediction of risk or trust for a single purchase or event within milliseconds.
Consider a fraud scenario: a four-person fraud team sits in a cargo van parked outside a store. They have two hundred credit cards, 10 devices, and an unlimited ability to acquire more of each. Based on this situation, distance, location, and geography indicators now have a completely different meaning. When multiple data elements are weighed, Kount’s risk score can return a more accurate view of the trust level of a single transaction.
- Avoid a rapidly closing fulfillment window.
Due to the 180 minute – from order to delivery – window, BOPIS orders need rapid approve/decline decisions. As a result, a laborious manual review approach won’t be able to catch potential fraud within this limited timeframe. In order to make smart BOPIS decisions, a rapid conversion is essential. Additional friction at the pick-up window isn’t the answer, since friction carries a lot more brand damage than one might expect. An automated, AI-driven fraud prevention solution that can return fast and accurate fraud decisions is the only way to scale BOPIS operations.
- Connect fraud prevention teams with customer-facing teams.
Although they perform distinct functions, an invitation to fraud analysts to meet the customer-oriented, front-line professional is an important step. Mistakes can occur when the corporate fraud prevention team is either putting too much pressure on the in-store teams to weigh fraud or enacting policies that put in-store personnel in difficult positions when standing in front of the customer.
The best way to resolve this point of internal tension is to block the fraud before it is ever placed in front of a customer service team member. Employees who are focused on customer service are typically not trained to respond to tactics used by seasoned criminals. By preventing fraud at the digital point of sale, not when the package is delivered or the order is picked up, customer service teams can focus on what they do best – giving customers a positive brand experience. The strategic and detailed fraud prevention approach can stay “behind the brand curtain.” A strong partnership with corporate fraud prevention and customer service will make both sides stronger.