The subscription services industry has been thriving the past couple of years. After all, it’s a great way to create unique shopping experiences for your customers, build brand loyalty, and gain a steady revenue stream.
However, the subscription business model comes with a variety of fraud threats. Understand those risks so that you can maintain positive revenue growth and build unique customer experiences.
What is Subscription Fraud?
Subscription fraud occurs when a fraudster targets a business that offers subscription services with harmful schemes. Typically, these schemes involve various fraudulent activities — such as account takeovers, unauthorized transactions, promo abuse, and more.
Types of fraud scams.
No matter how subscription fraud happens, it can be devastating to your business. However, knowing the threats that are out there can help you better prepare to fight them.
Fraudsters often use stolen cards to sign up for online subscription services. They’ll create a bunch of accounts, then sell them online at a discount. When customers purchase the subscription accounts, the sellers pocket the cash.
How this impacts you: bad debt, fees, damaged reputation.
Fraudsters can sign up for services and never pay, leaving outstanding balances that you might not recover. Meanwhile, the original cardholders will most likely dispute the fraudulent transactions made with their debit and credit cards.
Fraud also makes you look bad. Customers may not want to continue doing business with you if they know you’re having problems with unauthorized payments.
Account takeover (ATO) fraud
During an ATO fraud attack, a fraudster hacks into customer accounts by brute force or by testing stolen login credentials. Once valid credentials are found, the fraudster can collect subscription boxes and resell the merchandise, steal stored value and payment methods, or sell the account credentials online.
How this impacts you: administrative nightmare.
Recovering from an ATO attack is a huge hassle, taking time and resources away from normal business operations. Plus, it can take a few weeks or longer for your fraud teams to resolve lingering issues and repair security systems.
Friendly fraud happens when customers use the dispute process incorrectly. For example, they might sign up for a free subscription trial and forget about it. When they finally notice the bill on their bank statement, they dispute the charges, claiming they never signed up for the service.
How this impacts you: revenue loss, fees, damaged reputation.
When customers dispute transactions, you end up with chargebacks. And each chargeback comes with a fee. Your processor may also issue fines and penalties — such as enrollment in a monitoring program — if your chargeback rate gets out of control.
Fraudsters and opportunistic customers can commit promo abuse. The goal is to claim as many promotions as possible — such as free trials or first box free offers — and either resell merchandise or continually use services for free. They accomplish this goal by creating multiple fake accounts to claim promotions.
How this impacts you: wasted marketing spend, revenue loss.
Promotions are meant to bring in new customers and reward loyal ones. You may take a financial loss in the long run by offering discounted or free items, but it pays off in the long run. However, when people take advantage of your generosity, you wind up giving these promotions to people who won’t boost your bottom line. In the end, you don’t get a return on your investment.
It’s common practice for users to share their passwords to streaming or subscription services with friends and family. If you don’t allow account sharing of any kind, you could be losing money. And if you do allow this practice, customers may abuse these policies by selling their account credentials online.
How this impacts you: revenue loss.
The more monthly subscription sign-ups you get, the more money you earn. When customers share passwords en masse, you miss out on new streams of revenue. Over time, this loss can add up.
9 Ways to Reduce Subscription Fraud Risk
Fraud can be scary, confusing, and unfair. You work hard to make your business profitable, and sometimes people take advantage of that. Fortunately, there are ways to minimize risks and tools you can implement to help manage fraud.
1. Disclose the terms of service and cost of subscriptions.
Minimize the chances of a customer filing a dispute for a subscription by being transparent about the terms of service, billing cadence, and subscription cost. That includes:
- Providing easy options for canceling subscriptions or turning off auto-renewal at the end of a free trial.
- Sending confirmation emails to customers before each billing statement.
Also pay attention to policy changes from card brands. For example, Visa and Mastercard now require merchants to gain cardholder approval at the end of a free trial before they start billing for the subscription.
2. Avoid deceptive marketing tactics.
While online subscription services are a great way to boost revenue and customer relationships, converting and retaining customers can be difficult. Some companies have resorted to deceptive tactics to increase conversions — such as automatically enrolling customers after they make a purchase or making it difficult for them to cancel services.
Customers will likely dispute those charges, claiming they never signed up for a monthly subscription plan. And some banks have made that process easy for customers. All they have to do is click a button in their mobile banking app and the unwanted recurring charges will stop.
The best thing you can do is to be transparent and honest with your customers. Make it obvious that they are signing up for a monthly subscription. Short term wins — like tricking someone into signing up — only causes long-term trouble.
3. Set controls around new account creation.
Offering free trials or sign-up bonuses is a great way to attract new customers. But without the right controls in place, you could waste a lot of money on these marketing efforts. To offset the potential risks, put limits on the number of accounts that can be made from a certain device or IP address.
For example, if a user creates an account with you and attempts to create another account from the same IP address just minutes later, you can set up web controls to block that attempt as well as future attempts.
4. Implement identity verification protocols.
Knowing who you’re doing business with can help mitigate the potential for fraud. And you do that by confirming your customer identities when they interact with your brand. Some ways you can verify customers include:
- Knowledge-base authentication: prompt users to answer security questions tailored to each individual.
- Two-factor authentication: require users to submit a token as a form of identification in addition to entering a password. A token is typically a code sent via text to the user’s mobile phone.
- Biometric verification: use facial recognition, voice recognition, iris and retina scanning, and fingerprinting tools to authenticate users.
5. Encourage strong passwords.
Account takeover attacks happen all the time. Part of the problem may be that businesses don’t have strong account security protocols in place. But the larger issue is that customers typically set up weak, easy-to-guess passwords used on all their online accounts — making them vulnerable to ATO fraud.
Plus, when customers share passwords with multiple people, their credentials are more likely to fall into the wrong hands. Thus, leading to a higher possibility of an ATO attack.
You can help stop these attacks by encouraging customers to create strong passwords when they sign up for your services. Strong passwords are usually 8-14 characters and include a combination of letters, numbers, and special characters.
6. Limit account sharing capabilities.
Allowing customers to share accounts typically means you miss out on revenue. However, in some cases, it may be beneficial to allow customers to let other household members share one account. Depending on the subscription you provide, you can set up policies to limit account sharing.
For example, if you offer streaming services and want to allow account sharing within one household, you can limit the amount of devices that can login from a single IP address.
However, if you offer a subscription that includes expensive items — like a monthly box of merchandise or online learning courses — you may not want to allow any account sharing. In that case, you can create rules to block login attempts that do not follow your policies.
7. Get tools to help manage chargebacks.
Chargebacks are an inevitable part of doing business. But they don’t have to be a detriment. Prevention is key to minimizing the impact chargebacks can make, and fortunately there are a variety of tools out there that can help you.
The top chargeback management tools we recommend include:
Disputes often become chargebacks because banks don’t have all the information they need to clarify charges on a cardholder’s bank statement. Order validation helps clear up that confusion by providing banks with additional details about the transaction that they can use to resolve disputes for you — all without the need for issuing a refund.
Chargeback prevention alerts give you advance notice of transaction disputes so that you have extra time to decide what to do. For example, you can resolve a dispute right away and avoid a chargeback by issuing a refund.
Rapid dispute resolution (RDR)
RDR allows you to automatically refund disputes so that chargebacks don’t happen. You set limits around the disputes you are willing to refund — such as cases with certain reason codes or transactions under a certain dollar amount. Then the bank automatically refunds any dispute that meets your criteria.
8. Focus on the customer experience.
A less obvious way to reduce fraud is by learning about your customers and creating positive experiences. Building trust and loyalty can encourage them to reach out to you directly whenever there is an issue instead of going to their banks.
Improve their experience with your brand by personalizing offers and product recommendations. Customers are less likely to take advantage of brands that get to know them and learn their likes, dislikes, and product preferences.
9. Invest in fraud prevention technology.
As a subscription business, you have the unique challenge of staying fresh and relevant. Each month, you need to provide new value to your customers. That doesn't leave you with extra time to research fraud trends and build a strategy to respond to evolving threats.
Save yourself the stress and hassle by letting technology do all the hard work. Machine learning systems can identify and respond to new threats quickly and efficiently — with little to no intervention needed.
Want Help Fighting Subscription Fraud in real time?
At the end of the day, fighting fraud is a difficult, sometimes losing battle. And you have better things to do with your time — like finding ways to attract new customers! There are experts who can take on fraud management for you, like Kount. We’ve been in the industry for decades. We know what works, we know how to get the best results possible, and we’re happy to share fraud knowledge with you.
If you want help reducing fraud, reach out to us! We can come up with a strategy that’s right for you.