In the first article of our series on types of card fraud we gave an overview of the Brazilian market and talked about card-not-present fraud. It is undeniable that the shift from traditional retail to e-commerce has opened the door to a wider variety of card fraud. In physical stores, there are several ways for merchants to verify that the person using the card is the actual cardholder, particularly with the advance of EMV cards which requires a PIN to confirm the transaction. The online environment, on the other hand, offers a series of challenges for merchants and payment service providers. In many cases, even utilizing advanced fraud prevention tools, it is difficult to be certain the person using the card is the cardholder. Furthermore, there is one particular type of card fraud that can be very troublesome for online merchants: Friendly Fraud.
What is Friendly Fraud?
In general, unlike other types of card-not-present fraud, with friendly fraud the buyer is the actual cardholder. This card fraud occurs when the buyer makes a purchase but intentionally reverses the charge once the products or services are received.
Overall, friendly fraud presents itself in two forms: intentional and accidental. The first type falls into the above description and it is the online equivalent of shoplifting. However, the accidental type of friendly fraud usually takes place because the cardholder cannot identify the charge on their card statement. In many cases, such mistake is caused because a person close to the cardholder has made a purchase using their card without their consent. Another situation that can lead a customer to mistakenly dispute a charge frequently is the lack of, or not very clear, information about the company and the product or service purchased on their card statement.
In order to avoid accidental friendly fraud, it is important to define a message to be shown on the card statement. Also called a soft descriptor, such a message is crucial to help buyers identify the purchase. PagBrasil, for example, allows its merchants to personalize such soft descriptors with a case sensitive text, limited to 13 characters, including spaces. The company also requires its merchants to inform the customer on both the confirmation page and by e-mail the message to be shown on the card statement.
Friendly fraud is nearly impossible to detect, because in most cases the payments themselves are legitimate. Therefore, it is recommended that merchants take the time to learn more about the buyer before capturing the transaction and sending the goods or providing a service. For that reason, PagBrasil offers its clients a pre-authorization option allowing them to reserve an amount on the buyer’s credit card and capture it later. Such option gives online merchants time to perform additional verification and reduce fraud levels.