Murphy's law states that "Anything that can go wrong, will go wrong". A toasted bread will land buttered-side-down, a dropped coin will find the most unreachable spot under the table, and the technology will fail right in the middle of the final demo. If you are in the e-commerce or FinTech space, expect something of this sort, especially with respect to fraud and abuse. Any loophole you have in your systems, will be found and will be abused.
Day in day out we (Google's Risk team) deal with sophisticated fraudsters who try to defraud Google Payments either by circumventing anti-fraud system, or by finding bugs in our system, or by simply abusing our policies. Committing fraud has become much easier due to digital presence and the easiest targets are startups that are focussed on growth and haven't thought about tackling fraud. Below I highlight some key issued associated with fraud mitigation and why Startups should care about them:
1. Cost of Payment Fraud
In cases of stolen credit card fraud, most payment processors hold the merchants liable for the online payments. To make things worse, an additional chargeback processing fee which could be as hefty as $20 is also charged to the merchant. This fee could often be more than the price of the item itself.
2. Bank Declines
As the loss rate for merchant increase, the bank's risk evaluation systems deem the merchant more fraud prone and thus increase fraud probabilities for of all incoming transactions, declining more transactions. This is one of the biggest revenue loss for Google Play and other major e-commerce businesses. As a company grows, keeping the bank decline rate in check is a major challenge, especially because it depends on banks' (often ancient) systems.
3. Security & Legal
Fraud can have catastrophic implications on companies especially startups. One of the e-commerce startups "Flooz" was hit by Russian fraudsters who used stolen instruments for money laundering for mafias. The start up was finally shutdown, money laundering being one of the major reasons for the fall.
4. Trust & Customer Experience
You can charge a dollar extra, and people will not care much. But if you break users trust, the glass cannot be mended. Fraud happening due to misuse of customer accounts (for instance in case of account hijacking) can cause significant issues especially for startups that are trying to build user base.
What can Startups do?
Be proactive! Don't wait for fraudsters to abuse your systems. Think about potential fraud vectors and fraud prevention at every stage of your startup operations.
If you have a mid-sized startup, 3rd party solutions should save you the hassle of building the tools. There are hundreds of fraud mitigation startups that have built exceptional systems and that provide customized solutions depending on your needs. Some industry experts are:
- ThreatMetrix, Riskified, Sift Science: For stolen card fraud, hijacking, content abuse
- Cardinal Commerce, Accurint: For user authentication, identity verification.
- Look here for more startups in the fraud prevention.
Good luck with keeping the bad guys away!