The realm of retail has been forever changed by the rise of buy now, pay later (BNPL) platforms. These services, offered by companies like Klarna, Affirm, and Afterpay, allow consumers to split purchases into installments, often without interest. This ease of access has fueled a surge in BNPL's popularity. 

Juniper Research predicts a surge in BNPL users, with the number in the United States alone expected to surpass 94 million by the end of 2024. This represents a staggering growth of over 40 million users in just three years. On a global scale, BNPL users are projected to reach a whopping 900 million by 2027. Apple has even joined the BNPL party, recently inviting users to test its new Apple Pay Later microlending service.

While BNPL offers undeniable advantages for both consumers and retailers, it also creates a unique target for fraudsters. Unlike traditional credit card transactions, BNPL transactions often involve lower security barriers and a stretched-out payment schedule, introducing vulnerabilities that fraudsters can exploit. Let's go deeper into the specific challenges of BNPL fraud and examine the strategies providers can use to combat it.

3 Reasons Why BNPL is Susceptible to Payment Fraud:

There are three main reasons why BNPL is susceptible to payment fraud:

1. Lower Security Friction: 

BNPL providers prioritize a seamless user experience, often at the expense of strong security checks. Unlike traditional loan applications, BNPL onboarding processes can be swift and involve minimal friction. This might involve less stringent credit checks or quicker approvals, but it also creates an opening for fraudsters to slip through the cracks.

Furthermore, the extended payment schedule inherent to BNPL creates multiple attack points. A single fraudulent transaction in a traditional credit card purchase is easily identifiable. However, a BNPL transaction might be spread out over four or more payments, making it harder to detect if a user has no intention of completing them all.

2. Extended Attack Surface:

Traditional credit card transactions typically involve a single payment. However, BNPL transactions can be broken down into multiple installments spread over weeks or even months. This creates more opportunities for fraudsters to strike. For example, a fraudster might gain access to an account, use a stolen credit card to make the first payment (to avoid raising suspicion), and then leave the account holder responsible for the remaining installments.

3. Increased Popularity: 

The growing popularity of BNPL creates a larger target for fraudsters. As the user base and transaction volume surge, so too does the potential for fraudulent activity. Juniper Research estimates that over 94 million people worldwide will use BNPL services in 2024. This massive and growing user base makes it easier for fraudsters to hide amongst legitimate customers. 

Additionally, the holiday shopping season often sees BNPL providers relax their security measures slightly to accommodate the increased traffic. This creates a prime opportunity for fraudsters to exploit these temporary weaknesses.

Further reading: How Businesses Mitigate Compliance Risk with Youverify Full Cycle AML Solution

 

How can BNPL Providers combat Payment Fraud?

BNPL providers have a range of tools at their disposal to combat fraud. The key lies in implementing a strong risk-based fraud detection strategy throughout the user journey.

• Onboarding with Scrutiny: A thorough customer profile is essential for preventing fraudulent accounts. This may involve more in-depth identity verification like device fingerprinting to identify suspicious patterns during the onboarding process. Additionally, BNPL providers should consider stricter credit checks, document checks, and verification processes to weed out potential fraudsters.

• Transaction Monitoring: Continuous monitoring of user accounts is essential.  Suspicious activity, such as rapid changes in spending habits, purchases from unusual locations, logins from unfamiliar devices or locations, or attempts to use multiple stolen credit cards, can help flag potential fraud attempts. Thus, trigger alerts and prompt further investigation.

 

Advanced Fraud Detection Techniques

Several advanced techniques can further strengthen a BNPL provider's defenses:

• Device Fingerprinting: This technology creates a unique identifier based on a user's device characteristics, such as browser language, add-ons, and screen resolution. By flagging new accounts using the same device as known fraudsters, BNPL providers can identify repeat offenders using the same device for fraudulent purposes.

• IP Checks: Scrutinizing logins from unfamiliar devices and locations is another effective measure. This can help detect account takeover attempts, where unauthorized users gain access to a legitimate account. 

• Multi-Factor Authentication (MFA):

Adding an extra layer of security with Multi-Factor Authentication (MFA) requires users to verify their identity beyond just a password. or a follow-up call from customer service can be implemented for such login attempts.

• Digital Footprinting: Digital footprinting (e.g., social media presence), can also be used to assess the legitimacy of a user's online presence, potentially revealing inconsistencies that suggest a fraudulent account. Fraudsters creating fake accounts to exploit BNPL systems may lack a social media footprint. Scrutinizing new accounts that lack an online presence can be another red flag.

• Network Analytics: Advanced network analytics tools can map connections between users and data points. This allows BNPL providers to identify networks of fraudsters using synthetic identities. By visualizing these connections, providers can expose fraud rings and take appropriate action.

• Machine Learning and Pattern Recognition: Advanced algorithms can analyze vast amounts of data to identify suspicious patterns and predict fraudulent behavior.

• Behavioral Analytics: By studying user behavior, BNPL providers can build a profile of legitimate customers and identify deviations that might signal fraud.

• Strong Customer Authentication: Implementing secure login processes, like complex passwords and CAPTCHAs, can deter unauthorized access.

You might want to read E-commerce Fraud Detection Best Practices

 

Custom Rules for Enhanced Fraud Prevention

In addition to the above measures, BNPL providers can implement custom rules to further strengthen their defenses:

• Rule #1: Device Fingerprinting at Onboarding: This rule flags new accounts using the same device as known fraudsters, helping to prevent repeat offenders from opening new accounts.

• Rule #2: Account Accessed by New Device at New IP Location: This rule triggers a review process for logins from unfamiliar devices and locations, helping to catch potential account takeover attempts.

• Rule #3: New Account Has No Social Media Presence: Scrutinizing new accounts lacking a social media footprint can help identify suspicious accounts created solely for fraudulent purposes.

 

Conclusion

The rise of BNPL market brings exciting possibilities but also demands strong security measures. By implementing a multi-layered fraud detection strategy, BNPL providers can build trust and ensure a smooth experience for both consumers and merchants. This strategy should encompass risk-based analysis, strong security measures, and advanced tools like network analytics.

Youverify goes beyond basic fraud detection. We offer BNPL providers a comprehensive suite of advanced tools. These tools can significantly strengthen defenses against emerging threats and create a more secure BNPL ecosystem for everyone. Integrate Youverify's solutions today and empower your platform to combat fraud with unmatched efficiency.