Does Customer Age Matter for Fraud Prevention?
In 2020, consumers spent approximately $630 billion on online shopping, and merchants lost $12 billion to fraud. Federal data indicates that impostor scams and ecommerce fraud topped the list. Account takeover fraud, which is driven by impostor scams, increased by 50%, with no signs of slowing down in 2021.
Consumers in every age bracket are in fraudsters’ sights. However, by understanding how fraudsters target different age groups, merchants can tailor their fraud prevention programs to fit the risk profiles for their customer demographics. This approach can reduce fraud losses and improve the shopping experience for good customers.
The 2021 Javelin Identity Fraud Study includes findings on identity fraud scam approaches that criminals use on each generation:
Baby boomers — consumers over the age of 56 — are prime targets for robocalls and other phone-based tactics that impersonate the IRS, Medicare, Social Security, banks and other trusted institutions. Scammers gather financial account information and government program ID numbers to take over accounts, divert funds and commit identity fraud.
Gen X, ranging in age from 41 to 56, get targeted by robocalls too, as well as text and email phishing scams designed to steal their login credentials and payment data. Because as many as 65% of people use the same password for some or all of their accounts, phishing those login credentials makes it easy for criminals to break into more than one account per victim. Typical hooks that draw Gen Xers in, per Javelin, include messages about package tracking, interest rates and banking information.
Millennials, aged 25 to 40, are much more likely than older generations to suffer ecommerce fraud and business/government impostor scams. Like Gen Xers, they’re targeted by text scams, as well as social media scams that offer rewards, package tracking or peer-to-peer (P2P) money transfer confirmations.
The youngest group of consumers is Generation Z. Ranging in age from pre-teen to 24, these youngsters spend a lot of time on social media and messaging platforms, which is where fraudsters go after them with phishing and P2P money transfer scams to steal their app login credentials.
Source: Javelin Research
Using Customer and Generational Insights to Refine Fraud Prevention
The kinds of identity-fraud scams that your target customers are likely to suffer can help you understand and fine-tune your fraud prevention program. However, it’s important to keep in mind that the best fraud prevention programs are built on layers of screening and security tactics, so there’s no one solution for a particular demographic. In other words, you might choose to focus heavily on new account creation fraud if your customer base is baby boomers who are frequent targets of identity theft, but you still need to protect against ATO, CNP fraud and return fraud.
Keep bots out of your customers’ accounts and checkout. Most ATO fraud — which affects many Gen X, millennial and Gen Z consumers — is committed by criminal groups using botnets to stuff credentials into many sites at once, trying to find matches they can use to access accounts. Once they’re in, they can make purchases with the victim’s stored payment data and rewards points, including items for resale and gift cards they can convert to cryptocurrency to fund other illegal activities.
Screen every order, even those from returning customers. Another ATO prevention tactic is to screen all orders, including those by customers who might be on a whitelist . Use behavioral biometrics and customer history data to compare the user’s behavior during each visit to the last. This can detect sudden changes in the types of items the customer is purchasing, new locations and devices they’re shopping from, and new average ticket value — all of which can indicate ATO fraud.
Order screening that draws on a wider network of customer data can also help detect new account creation fraud of the kind that often targets older shoppers. Without a network of known consumer actions and behaviors, merchants have no way of knowing if a new customer is a real person or a fraud.
Provide integrated, branded package tracking on your site and via messaging. Fake messages that impersonate shipping companies aim to trick millennials and Gen Xers into sharing account login information for ATO attacks. Your store can reduce their risk — and reduce your losses to return fraud — by partnering with a third-party parcel tracking service that you can integrate with your site and brand with your name and logo for enhanced customer trust.
Monitor your brand for impersonation. Flag fake social accounts for removal from the platform, report text and robocall brand impersonations to the Federal Trade Commission and report fake websites and emails to their domain host. Also, let your customers know how you’ll contact them and tell them what kinds of information your brand will never request over the phone, via text or in an email.
Don’t rely on 2FA to stop fraud. Two-factor authentication is required in some markets now, but it can add friction that diminishes the customer experience, especially for baby boomers. ClearSale research from March 2021 found that 25% of shoppers aged 55 and older never have their mobile phone on hand while they shop online. 2FA also isn’t foolproof; SIM swap attacks allow fraudsters to intercept and respond to victims’ SMS messages.
Manually review all flagged orders. The flip side of stopping fraud is ensuring a good experience for your real customers. By having a team of experts quickly review suspicious orders, your store can keep fraudsters out while letting good customers shop, even if they’re using a new phone, shopping while on vacation or exploring a new product category. That’s critical, because our survey found that 40% of rejected customers won’t buy from that merchant again. Manual review can help protect your customer relationships and their lifetime value.
As consumer behavior and generational characteristics evolve, your fraud prevention strategies have to evolve too. By continually monitoring, adjusting and updating your tactics, you can build stronger relationships with your customers, whatever their generation, and build stronger barriers to fraud.