How the Pandemic Changed Behavioral Biometrics in Fraud Screening
Fraud prevention technology can do some impressive things, like compare customers’ current behavior to past actions to determine whether their orders are legitimate or potential fraud. Behavioral biometrics that analyze a shoppers’ past purchases, age of their email address, typical order size, location and device can weed out sophisticated organized fraudsters who can get past basic fraud controls by impersonating known or new customers.
However, these biometric analyses rely on known patterns of good customer behavior, and when behavior changes, the biometric rules must change, too. Otherwise, merchants risk rejecting good customers, and a Sapio Research survey from March 2020 found that 39% of rejected customers will never come back.
Here are a few ways the pandemic has changed customer behavior and behavioral biometric criteria, and how merchants can adjust to stop fraud and false declines.
Brand-new online shoppers
New shoppers with no purchasing history, especially those using new email addresses, raise fraud flags because many scammers create new identities and disposable email addresses to make purchases with stolen card data. However, store closures and stay-at-home orders pushed a lot of consumers to shop online for the first time, and that created new challenges for fraud prevention.
Even in the U.S. where eCommerce was widely adopted before 2020, 9% of consumers said they’d bought a product online for the first time due to the pandemic. Rejecting such orders based only on the newness of their online presence risks turning off new customers who might otherwise become loyal.
Bulk orders for in-demand items
Bulk orders of popular or hard-to-find items—especially bulk orders with rush shipping—can be a fraud signal. Often, when an item is in demand, scammers will buy large quantities with stolen payment data and then resell the items online.
Since the start of the pandemic, however, many people started buying grocery items, disinfectants and masks in bulk, when they could find them, because of shortages and uncertainty about how long closures and the pandemic would last. Many shoppers needed these items quickly in order to feed their families, take care of loved ones and protect themselves from the virus, so express shipping was a logical choice for them.
New shipping addresses
It can be a flag when customers’ shipping and billing addresses don’t match, especially if the shipping address is located in an area where fraudsters are known to be active or if the customer has always had items shipped to their billing address in the past. It could be a gift, or it could be fraudsters posing as a good customer to get their hands on items for resale.
However, if your fraud prevention program automatically rejects these orders, your store could be missing out on a lot of revenue because of false declines—especially now. That’s because many people relocated during the pandemic—either temporarily or permanently—at the same time they were doing more of their shopping online. In the U.S. alone, 11% of the population moved between April 2020 and March 2021, compared to less than 10% in 2019.
Even among people who didn’t relocate, many changed their delivery preferences. For example, people who used to get their packages delivered to their office had to change their behavior when offices closed. Many shoppers were buying for aging parents who lived elsewhere and had trouble shopping online. And plenty of consumers were shopping for online gifts to send to friends and family they couldn’t visit; searches for “online gift” rose 80% in 2020 from 2019.
Unfamiliar device data
The devices that customers use to shop online also provide data that can help identify fraudsters. These kinds of data include the identity of the device itself, its geolocation, and how the customer is using the device—how they type or tap the screen. Before the pandemic, an order that looked like it was from a returning or known customer that came from a new device, a device in a new location or with an unfamiliar typing or tapping pattern could indicate fraud.
Now, though, there are a number of reasons these differences could also indicate a good customer. For example, someone who’s staying with friends or relatives might use their device to shop—which would also explain why they’re in another location. They might also share their login credentials with a family member so they can order groceries or other items for themselves—from their own devices.
Take a closer look at orders when behavioral biometrics raise flags
In all of these cases, automatically rejecting these kinds of orders has always carried a risk of declining a good customer by mistake. Now that customer behavior has changed so much, automatic rejections based on biometric fraud-screening data are even riskier, and the result can be a loss of customer lifetime value, wasted marketing spend, damage to the brand if the customer complains on social media and a resulting increase in costs to acquire new customers.
The solution for merchants who want to stop fraud and avoid declining good customers has always been to manually review flagged orders. It’s even more important now that customers have higher expectations for online shopping experiences and less patience with bad experiences. By taking a closer look at suspicious orders, merchants can often safely approve many orders that would have been automatically rejected. That allows them to generate more revenue, get a better ROI on their marketing spend and encourage repeat purchases.
Customer behavior has changed dramatically over the past year and a half, and it will eventually change again. To be ready for whatever customers do next without letting fraudsters through your checkout or denying good orders, now is the time to invest in your online store’s manual review capabilities.