Julie Fergerson, CEO of the Merchant Risk Council, has over 25 years of experience developing and promoting internet-based technologies.
As e-commerce continues to expand, online shoppers are becoming more aware of how to protect themselves. Customers are learning that precautions like complex passwords, two-factor authentication and biometric identification can go a long way toward frustrating fraudsters.
But what happens when it’s the customer themselves committing fraud?
Welcome to first-party misuse, often referred to as the misnomer, friendly fraud. This is a complex and widespread form of fraud that’s committed by customers every day, on a staggering scale.
What Is Friendly Fraud/First-Party Misuse?
First-party misuse occurs when a customer makes an online purchase, whether for physical or digital goods, and then initiates a chargeback after receiving those goods. The complexity of first-party misuse stems from the difficulty in ascertaining if the chargeback request was legitimate or fraudulent.
Let’s illustrate with examples:
A parent gives their phone to their child to play a game. The child, whether intentionally or not, uses the credit card tied to the phone to buy high-value in-game items without the parent’s consent. The parent sees the transactions, is upset and disputes the purchases despite the fact they were made legitimately.
Consider a more malicious example: A customer orders a pair of shoes from a merchant, pretends they never received the delivery and initiates a chargeback, fully intent on keeping the item.
Identifying first-party misuse can be challenging for a merchant because it’s difficult to ascertain intent on the part of the customer. It’s especially challenging when the merchant has so few options for recourse.
Regulations such as the 1974’s Fair Credit Billing Act were designed to protect customers, but now make it onerous for merchants to dispute fraudulent transactions. An almost 50-year-old regulation is not equipped to mediate modern e-commerce transactions, and rules such as these have resulted in regulatory holes that facilitate higher volumes of first-party misuse.
The Cost Of First-Party Misuse
These illegitimate disputes are both extremely costly and surprisingly common.
According to the most recent Global Fraud and Payments report from Merchant Risk Council, surveyed merchants attribute 16% of fraudulent disputes to first-party misuse, with 61% of those disputes being an attempt to obtain free goods or services. In one survey, nearly 1 in 5 (17%) of consumers who have filed a chargeback dispute have committed first-party misuse, and this has resulted in enormous cost to merchants globally. Some estimates put the cost as high as $48 billion dollars annually.
It’s a serious problem, and not only for merchants. It also impacts consumers, who are dealing with higher prices resulting from this enormous cost.
What’s Being Done?
For too long there has been a regulatory impasse on first-party misuse, but two recent developments indicate positive steps in the right direction.
The first is an industrywide move to change the name from “friendly fraud” to “first-party misuse.” This type of fraud isn’t friendly, it’s often clear-cut fraudulent behavior, and the shift to the more descriptive and accurate name demonstrates how the perception around the issue is evolving.
Another significant development is card network Visa’s acknowledgment of the problem and willingness to empower merchants to fight back.
Put simply, Visa’s updated dispute rules provide more opportunities for merchants to leverage data to prove that certain chargebacks are first-party misuse. With these new Compelling Evidence 3.0 rules, merchants will now have more opportunities to supply evidence proving a transaction was initiated by a consumer and potentially shift liability back to that consumer where it belongs. Before this rule change, there was little the merchant could do to win claims against consumers committing fraud.
When a card network like Visa implements an update, the competition (i.e., Mastercard) will often follow suit. This could be the beginning of a radical transformation in the way merchants handle first-party misuse and should help strengthen e-commerce fraud mitigation efforts across the board.
Steps Merchants Can Take
It’s constructive to examine first-party misuse through an industrywide lens, but what can individual organizations do to limit their exposure?
One of the most effective solutions is ensuring an accurate merchant description on any consumer-facing documentation, like credit card or bank statements. If a customer sees a description of a charge from a source they don’t recognize, they are much more likely to initiate a chargeback, even if the purchase was legitimate.
This issue can be alleviated by making the name of the company clear, along with any services provided, on any transaction list the consumer might encounter. This means clearly identifying the company name, potentially including a phone number and/or a URL, and even including an order number if possible. It’s much better to have a customer call to confirm a transaction directly with a merchant than to go through the costly and time-consuming chargeback process.
The clearer a merchant description, the less often a customer can use ignorance as an excuse for initiating a chargeback.
Carefully Considered Consequences
If a merchant is certain that a consumer is attempting to commit first-party misuse, there are thoughtful disciplinary measures that can be implemented to limit exposure.
Some merchants “claw back” a purchased product (for example, an in-game item). Others use collection agencies to recover funds, and some even block a consumer from accessing a game or service by blocking their account for a set amount of time or in perpetuity.
This process can be complicated when discussing physical goods, but at a minimum, if a merchant is certain that a consumer is making a fraudulent claim, there should be an attempt to repossess the goods sold and block that consumer from future sales.
Movement In The Right Direction
Gaining an understanding of the widespread and complex nature of first-party misuse is critical for anyone operating in the e-commerce space. Hopefully these insights into what’s being achieved to counteract the threat prove this is not an insurmountable problem.
With the collective force of the entire payments industry finding new ways to reduce the threat, optimism for a future without first-party misuse is increasingly warranted.
That’s good news for everyone.
Forbes Finance Council is an invitation-only organization for executives in successful accounting, financial planning and wealth management firms. Do I qualify?