Which MNO reduced fraud by 14x? What does PIN entry do to completion rates? And how can you tell if a $99 in-app payment is made by a fraudulent bot or an 11 year old on his Dad’s phone? These questions and more were answered in a MEF’s anti-fraud webinar…
Anyone who has seen the Ray Harryhausen film Jason and the Argonauts will never forget the fighting skeleton scene.
In it, our hero has to battle an army of relentless skeletons. Every time he ‘kills’ one, it merely rises up out of the ground ready to fight again. The special effects are amazing, even for 1963. There’s a clip here.
Watch the MEF Webinar in full
So what does all this have to do with mobile content fraud? Well, the scene popped into my head when I was moderating last week’s MEF webinar on the topic: Tackling DCB and Ad Fraud in Content Monetization.
The panel comprised:
- Anzelle Robertson, Business Development Manager, Sam Media
- David Lotfi, CEO, Evina
- John Tullai, Chief Operating Officer, Aegis Mobile
- Oliver Cooke, Head of Payments, IMImobile
The discussion turned to the relentless nature of the fraudsters. David Lotfi reflected on how they are always ready to overrun the market with scams – and how they continuously invent new kinds of trickery. It’s like they can’t be killed.
I just thought: fighting skeletons.
Happily, Lotfi also described many successful fightback against the ‘dark side’. He gave the example of Bouygues Telecom. It had all but given up on the DCB mobile content market before implementing a technological defence. The action halved complaints and reduced fraud incidents by a factor of 14.
The webinar took place just a few days after MEF’s DCB Fraud Working Group launched a white paper: Combatting Fraud in Mobile Content. The report describes the fraud problem and outlines best practices to mitigate it.
All four panellists are members of the Working Group. They are well-placed to comment.
Here are some of the key points they raised in the discussion.
Every stakeholder loses when there is fraud, but Robertson and Cooke both stated that it’s merchants that suffer most. Content providers typically pay for 100 per cent of any refund paid to end customers. They also come out badly from ad fraud – paying money for fake clicks they will never get back. And this is not to mention reputational damage.
Fraud is inevitable. It can never be reduced to zero
David Lotfi pointed out thateven the ‘safest’ payment systems support a small level of fraud. Complete eradication is a pipe dream.
If no action is taken, fraud can go to 80 per cent
In markets where there is no attempt at self-regulation or technical interference, fraudsters can –regrettably – overrun a market. According to Lotfi this is almost inevitable. Which is why action and vigilance is always necessary.
Arguably, merchants suffer most from the impact of fraud
Every stakeholder loses when there is fraud, but Robertson and Cooke both stated that it’s merchants that suffer most. Content providers typically pay for 100 per cent of any refund paid to end customers. They also come out badly from ad fraud – paying money for fake clicks they will never get back. And this is not to mention reputational damage.
Adding a PIN entry component to the payment flow can cause 85 per cent of customers to abandon
Cooke revealed that every extra step in a payment flow stops a significant number of customers from completing the transaction. A complicated PIN requirement can knock nearly all of them out.
…And yet creating extra steps is still no guarantee of reducing fraud
PIN entry and the like do not stop perpetrators of technical fraud (ie those that install malware to make invisible payments) from making illegitimate purchases.
It’s easy to cause customers that genuinely want to complete a transaction to give up
Anzelle Robertson gave the example of a PIN entry flow in Ghana. Customers are given a one-time PIN to enter, but are later asked to enter their mobile money PIN in order to complete. At this stage many enter the earlier one-time PIN – despite the best efforts of the merchants to explain that a different code is required.
Technical anti-fraud providers set honey traps for fraudsters
Lotfi outlined the efforts made by his company Evina to infiltrate fraud networks and study their methods. Evina hangs out on the dark web, buys malware with bitcoin, goes to the ‘worst’ affiliates and downloads known spoof apps.
Anti-fraud solutions require a lifecycle approach
David Lotfi and John Tullai stressed that reducing or mitigating fraud requires a spectrum of measures. These include up-front knowledge of the market participants and content, compliance education, transaction monitoring, and deep after-action analysis.
It’s easy to confuse fraud for sneaky purchases by children
In some cases, said John Tullai, customers request refunds when the real reason for the ‘fraudulent’ purchase is a lack of parental consent – e.g. when a child makes an expensive game or in-app purchase without Mom’s or Dad’s knowledge.
Having a record of customer interactions is a good hedge against bogus claims of fraud
Some content providers keep logs of activity by a given customers. They can refer to these records to infer whether the customer was fully aware of what he/she was buying.