May 2010 – Cover Story: Fighting the Good Fight

Merchants’ Battle Against Friendly Fraud Will Be A Protracted One–Across Two Fronts

By Bob Botelle

The 2009 LexisNexis True Cost of Fraud study contains a wealth of merchant-reported experience in the war against fraud in commerce. A common cause for concern among those experiences? Friendly fraud accounts for more than one-third of the total fraud for online-accepting merchants–or, according to the study, .4 percent of total annual revenue. More than one in five merchants are experiencing increases in friendly fraud. It’s the greatest source of fraud for online-only merchants, representing over one-third of their total fraud losses–and about 24 percent of total fraud losses for the largest e-commerce merchants.

Of all threats to merchants, friendly fraud is perhaps the most insidious. It’s not a function of global competition, margin pressure, customer satisfaction or criminal activity. It’s an ongoing source of fraud loss for merchants in card-not-present/customer-not-present industries, particularly those in e-commerce and direct response. Unlike other forms of fraud, friendly fraud is very difficult to detect at the front-end of a transaction and–as a result–hard to stop before it happens.

Increasingly, many merchants and providers alike view tacit acceptance of friendly fraud as tantamount to decriminalizing theft. There is even growing clamor to create global databases of bad customers.

While there is certainly room for improvement in the prevention and recovery processes that support merchants–particularly within the systems designed to resolve transactional conflict (e.g., the charge-back process)–the potential brand-damaging implications of returning friendly fraud’s volley with a “friendly fire” approach is questionable. More about that shortly.

Getting Around Friendly Fraud
While the term “friendly fraud” means different things to different merchants, its broadest, and perhaps best, definition is this: any transaction, contested by a customer, where the merchant suspects that the customer or a personal associate (child, spouse) legitimately authorized the transaction in question.

Stepping back even further, many merchants will tell you that there’s little distinction between friendly fraud defined as a cardholder who knows they’re responsible for a purchase while refusing to pay for it, and other forms of fraud, particularly return fraud. Ultimately, the merchant faces not only the lost revenue, but also the costs associated with recovery.

Despite the value of many fraud-prevention and screening tools available across the payments industry, there is no magic bullet for tackling friendly fraud. Certainly, the basic, ubiquitous and proprietary solutions for matching card and cardholder, verifying address, etc., still apply. The biggest decision for most merchants is choosing the “front” on which they will battle friendly fraud and the amount and type of investment they will devote to the fight.

War on Friendly Fraud: Two Fronts
The two clear fronts on which friendly fraud can be fought are prevention and recovery. On the prevention battle line–and despite the plethora of fraud-detection and screening tools available today–the reality is that friendly fraud remains largely a challenge of managing the problem versus eliminating it. Prevention methods–such as advanced order scoring and manual order review, as well as high-hold handling–are still a function of the type and ticket value of the good or service that a merchant sells. After all, advanced scoring can kill good orders, and high-hold handling can get quite expensive. Recovery, driven in part through the established charge-back/re-presentment process, is also a balancing act of investment versus return.

Mitigating friendly fraud on either front becomes a function of the people, processes and tools in which merchants invest.

On the prevention front, the people element is comprised of your call center and customer-service staff. Process here is predicated upon the merchant’s risk model, driven by, among other things, choices in customer service training and improvements, velocity-checking management and high-ticket/high-touch policies and procedures. Tools on the prevention front include IP geo-location, device fingerprinting and negative customer lists.

On the recovery front, people investments include those made in legal teams, collection agencies, delivery providers and attorneys general. Process is largely driven by policy or the dollar value of the goods and services sold. Tools include regulations and reporting (the collection of data/proof points used in the chargeback and/or legal process).

Remedies for Success–Education and Persistence
One of the best defenses that any merchant, retailer or service provider can leverage to combat friendly fraud is systemic supplier education. It sounds simple, maybe even trite to some, but think about it in the context of these next questions: Have you ever ordered something from a catalog or a website? Was there ever a time when a call center representative “forgot” to ask you for a card identification number? Was there ever a time when your web purchase did not include a specific box at checkout to include that same card identification number? If you’re a frequent customer-not-present consumer in the card-not-present world, chances are you answered “yes” to one or both of those questions.

This is a first-gate failure of one of the simplest fixes–identify and screen data that indicates a card is in the hands of its rightful owner. Identify and screen matches for address. Collect all that is yours to collect to give you the comfort that the somebody buying is the somebody who’ll be getting.

Pushing education through an entire retail provider chain is critical. What’s more, it’s one of those not-so-conventional areas in which the suppliers themselves can take arms on the merchant’s behalf. Payments partners in their role as the ultimate transaction processor can play a major role in working with a merchant’s chain-of-order management, fulfillment, web sales and marketing and call center providers.

Truly, this remedy supports the prevention side of the battle best, but indoctrinated best-practice behavior comes with the side benefit of extraordinary documentation that can be used, when the time is right, on the recovery front.

Survey most merchants and they’ll tell you that this approach is still not allowing them to prevail in the fight. Yet calls for more controversial approaches are not only likely to be ineffective–they’re likely to be downright damaging to your bottom line.

Negative Lists and the Bad Customer
For years, merchants have used their own, so-called “negative customer” lists to screen orders from customers whose negative order, refund and/or chargeback histories raise flags. This is a sensible and worthy mechanism allowing a brand to weigh its experience with an individual consumer against that same consumer’s lifetime value to the brand. For most merchants, this approach to both customer relationship and brand management has been an asset and not a liability.

Increasingly, however, merchants’ frustration and the lack of a true industry agenda against friendly fraud has helped promulgate a new form of the negative list: the global bad customer list or database.

However, a global database as a new truth-seeking shield shared broadly across, between and among merchants, stands to do more damage to brands and their relationships with consumers than it thwarts friendly fraud.

In fact, these global lists could potentially create a friendly firestorm on the field of commerce. Potential ramifications include consumer alienation, customer loss and–ultimately–damaged reputation. Merchants and consumers routinely have justifiable disputes; most resolve themselves adequately, and the consumers certainly don’t want to be labeled as “bad” because of a negative experience with one transaction or one merchant. Consumers appearing on such lists may have had only one dispute with one merchant. Yet the potential exists for such lists to brand those consumers as bad across a global band of merchants. This ultimately is in no one’s interest–particularly not the merchants’. The rapid evolution of Internet-driven, word-of-mouth consumerism can create brand damage in a fraction of the time required just a few years ago.

Driving a Friendly Fraud Agenda for Merchants
Let it be said in the event that it is not obvious: there is no commerce without merchants with goods and services to sell. And there is no commerce without all of us as consumers to buy these goods and services. But, unfortunately, friendly fraud liability drops squarely in the laps of merchants.

Solutions are not likely to be found in promoting antagonism in commerce: seller battling buyer. This is the principal reason that bad-customer approaches will ultimately be ineffective.

The solution is much more likely to be found in a systemic education process benefiting all fronts on which merchants fight friendly fraud. Solutions should also be found in a stakeholder-inclusive, industry-wide agenda. It will take payment processor, order and fulfillment management systems, call center voices, acquirers, issuers and merchants to promote the educational and programmatic agenda that will help stem–and hopefully reverse–the significant operating costs and revenue losses associated with the enemy known as friendly fraud. It is likely to include the efforts of these same parties to improve systemic dispute resolution processes in cases of suspected friendly fraud.

Bob Botelle brings more than 20 years of direct marketing, customer service and operations experience to Litle & Co. As executive vice president, merchant services, Botelle leads the front-line organization responsible for delivering Litle’s pledge of best-in-class customer service to card-not-present merchants. Botelle can be reached at bbotelle@litle.com.