Blog > How to Make BNPL Platforms More Secure for Merchants

How to Make BNPL Platforms More Secure for Merchants

How to Make BNPL Platforms More Secure for Merchants - featured image
Share

Customers enjoy the buy now, pay later (BNPL) market because it allows them to make flexible payments. Merchants love BNPL because it allows them to increase their basket values by allowing them to sell more expensive or high-end products to more customers who are willing to pay over time. Consumers and merchants aren't the only ones who are smitten with BNPL platforms. Even bad actors are smitten. They are using BNPL platforms to commit fraud and do not intend to pay for their goods.

What is BNPL?

BNPL is a short-term payment plan that merchants provide to customers when they make large purchases. Customers pay for their purchases in installments (usually up to four). Customers can choose BNPL as a payment option during in-store or online checkout and will be subjected to a brief approval process based on a basic credit check. Payment plans are usually for a few weeks or even months. Many of the plans are interest-free. Because BNPL is a type of lending, missed or late payments may result in late fees. They can also have an impact on a customer's credit score.

The BNPL model is similar to layaway programs offered by some merchants. However, in a lay-away model, merchants keep purchased goods until the customer pays in full. Customers receive their goods immediately under the BNPL model and pay off their balance over time.

BNPL Platforms: A Market Snapshot

According to recent research, the global BNPL market will reach $680 billion USD in transaction volume by 2025. According to the same study, US consumers are more likely to use BNPL platforms to avoid using credit cards or make purchases that exceed their budget. Furthermore, BNPL payments in the United States are on track to reach $82 billion later this year.

According to UK Financial Conduct Authority research, BNPL is also popular among younger age groups, with 25% of platform users aged 18 to 25 and 50% aged 25 to 36. (FCA). Female customers, who account for 70% of all users, love the platforms. Approximately 90% of the goods purchased are for clothing and footwear.

Given the current size of the BNPL market, it’s important to understand how platforms are vulnerable to fraud and work to keep them secure.

How Fraudsters Target BNPL Platforms

Fraudsters typically rely on two key tactics when targeting BNPL platforms: synthetic identity (ID) fraud and account takeover.

  • Synthetic ID fraud: During the BNPL platform account opening stage, fraudsters use synthetic ID fraud. aThey will create a fake profile by combining real and fictitious information such as identification documents, addresses, social security numbers, and so on. After creating a false identity, fraudsters use BNPL to purchase goods using someone else's personal information or payment information. Once they have obtained the desired goods, they will simply vanish, leaving the customer or merchant to foot the bill.
  • Account takeover fraud: To deceive a BNPL user, some fraudsters play the long game. They look for people with good credit who have taken out BNPL loans. Account takeover (ATO) assaults are used by fraudsters to get control of the account and purchase more expensive things, utilizing the real customer's strong history with the BNPL provider.

How BNPL Fraud Can Harm Merchants

BNPL fraud affects merchants who partner with BNLP providers in two main areas.

  1. Merchant reputation If a consumer is cheated by a merchant's BNPL service, the customer is unlikely to do business with the merchant again. Furthermore, the scammed customer is likely to tell their friends, family, and social media followers about their experience. This scenario raises severe concerns about merchants' ability to protect their consumers' sensitive information.
  2. Financial repercussions. While most merchants will not be required to pay the cost of chargebacks for fraudulent transactions, they must address the issue with their BNPL provider. Many BNPL providers have security breach clauses in their merchant agreements. This means that merchants may have to bear the cost of the fraudulent transaction.

Tips to Secure BNPL Platforms and Merchants

With the ongoing evolution of BNPL platforms, both BNPL platforms and merchants can take several steps to keep their transactions secure.

Look for inconsistencies in the data

This is especially true during the account opening process. BNPL platforms and merchants should review data from a variety of sources to ensure that the information provided makes sense. Is the submitted phone number, for example, associated with a different user? Is the information provided consistent with the customer's credit file? Examining the data provided for inconsistencies is an important step in mitigating the effects of synthetic ID fraud.

Consider Device Hygiene and Reputation

This is a critical step in reducing the risk of ATO attacks on BNPL platforms and merchants. Examine the user's device and the geolocation from which they accessed their account. Consider whether they are logging in from a normal location or if they are in an unusual location. However, don't stop with geolocation. Consider how they hold and use their devices as well. For example, are they holding it in portrait mode rather than landscape mode as they usually do? Is their interaction with their screen unusual? These factors can help to determine whether the user is who they claim to be and can help to thwart a potential ATO attack before it reaches the transaction stage.

Understand the Consumer’s Lifecycle

The account opening stage is critical in determining the risk level of a customer. However, this is not the final stage. BNPL platforms and merchants should continue to monitor the risk level of their customers throughout the duration of their relationship. BNPL platforms and merchants should continue to monitor their customers' risk levels and watch to see how different events change their overall profile, rather than treating the customer's risk assessment as a one-and-done task or something that only needs to be performed annually.

account takeover

More Articles

5 Tips for Banks to Prevent Fraud Right Now
You've heard stories about how fraud affects real people through scams, identity theft, account takeover attacks, and other means. What can financial institutions do right now to protect their businesses and customers from fraud?...
How New Tech Eases the Burden on Fraud Teams
Because it is a low-risk, high-reward endeavor, online banking fraud has grown into a massive industry for cybercriminals. The sheer volume of fraud alerts received by banks and other financial institutions overwhelms fraud teams. The volume of false positives and negatives generated by traditional anti-fraud solutions exacerbates the situation. A new approach is urgently needed to save fraud teams time and money....