AI Is Driving a Whole New Era of Payment Fraud: Here's How Merchants Can Fight Back

‍Artificial intelligence (AI) has been a hot topic recently. But in 2023, it captured the attention and imagination of much of the world. Since the release of the groundbreaking chatbot ChatGPT, we've seen a steady stream of new potential use cases for AI.

However, for any number of positive use cases for AI, we also see many nefarious use cases, including some related to payment fraud that you might not expect. Unfortunately, AI is enabling scammers to automate many of their fraudulent activities, transforming communications that once had to be written by humans to be convincing.

Here are the latest trends in payment fraud and some potential solutions to help small business owners protect themselves, their businesses, and their customers.

How AI is changing fraud as we know it

Developments in generative AI, like the ChatGPT chatbot, have demonstrated that algorithms can generate human-like written content targeting consumers. Data suggests 68% of consumers have observed an increase in the frequency of scams and spam in the first half of 2023, which analysts chalk up to the surge in content generated by AIs.

AI enables fraudsters to automate their efforts, which means incidences of scams and spam will likely keep rising. Juniper Research estimates that global losses from e-commerce fraud will reach $48 billion by the end of this year, marking a 16% year-over-year increase. Between 2023 and 2027, Juniper estimates cumulative merchant losses to online payment fraud will surpass $343 billion.

Unfortunately, scammers have found a way to address the rise of two-factor authentication by scamming unwitting victims into handing over their one-time passwords. A typical scam involves a deep web forum and a bot that automates the entire process.

The bot spoofs the phone number of a business and impersonates that business, asking the victim to hand over their one-time password. Once the scammer has that password, they log into the victim's account, steal their payment information, and use it to make unauthorized payments.

Social engineering scams have also exploded since the release of ChatGPT. AI-driven chatbots enable fraudsters to automate their interactions with the people they want to impersonate to gain access to their information. Industry records show a 66% increase in blocked content and blocked payments from the same fraudster between the second-to-third-quarter 2022 period and the fourth-to-first-quarter 2022-23 period.

Once the fraudster gains access to a victim's account, they can use their information to make unauthorized purchases or take over their account entirely.

Types of fraud every merchant needs to watch for

The 2023 Global Payments and Fraud Report reveals the most common types of fraud attacks that merchants should be aware of. The most common type of fraud is phishing, pharming, or whaling, with the last two types being newer variations of fishing. The survey found that 43% of merchants report experiencing this type of fraud, a significant increase from last year's reading of 35%.

In second place is "friendly fraud," perpetrated by a close friend or victim's family member. More than one-third of merchants deal with this type of fraud. The other two most common types of fraud experienced are card testing and identity theft.

However, the survey found that merchant experiences of coupon, discount, and refund abuse jumped significantly year over year, from 25% to 30% of merchants. Incidences of reshipping schemes are also on the rise, impacting 20% of merchants in the latest survey versus 15% in last year's survey. That increase brought reshipping schemes into the top 10 most common fraud types for the first time in the last three years.

On average, merchants are impacted by three different types of fraud, with small-to-medium-sized businesses typically dealing with two types and large enterprises usually facing four or more.

But here's the good news

Thankfully, it isn't all bad news for business owners. According to the MRC/CyberSource survey, the percentage of eCommerce revenue lost to fraud globally has ticked lower over the past 12 months, falling from 3.6% in 2022 to 2.9% in 2023.

Additionally, the rejection rate for domestic orders is down to 2.7% from 3.4% in 2022. Further, the percentage of domestic eCommerce orders that ended up being fraudulent fell from 3.1% in 2022 to 2.6% in 2023.

Finally, the percentage of eCommerce orders that led to chargebacks due to fraud fell from 3.1% last year to 2.6% in 2023. It's looking like savvy business owners are also reaping the benefits of the latest AI technology, which provides new and improved ways to combat payment fraud.

Why payment fraud is an increasing burden for business owners

Although some fraud-related trends are improving slightly, merchants face a disproportionate burden when dealing with payment fraud. One survey found that more than half of consumers believe they shouldn't be held responsible if they were scammed into handing over their payment information, which was then used to make an unauthorized purchase.

While 30% believe their bank should be held responsible, nearly one-quarter place the burden of preventing fraudulent payments squarely on the business where the unauthorized payment was made. As a result, the onus is increasingly on merchants to help their customers avoid payment fraud.

According to the MRC survey cited earlier, merchants spend about a tenth of their annual eCommerce revenue to manage payment fraud, consistent with the last few years. However, as scammers take business owners and their customers for larger and larger amounts, merchants now realize they need more advanced protections against payment fraud.

How AI can provide solutions for merchants

The constantly changing strategies scammers use, and the steady increase in real-time payment transactions worldwide highlight the importance of increased vigilance against payment fraud among merchants. According to ACI Worldwide's 2023 Prime Time for Real-Time report, the number of real-time payments made in 2022 surged more than 60% year over year to surpass 195 billion, further highlighting the need for merchants to focus on preventing payment fraud.

Real-time payment transactions are convenient for merchants and customers alike because they are made between bank accounts. They go from initiation to clearance to settlement within seconds, no matter the time or day of the week. Essentially, the money is gone before the victim can do anything to prevent the transaction from going through. However, the growing number of merchants using real-time payment systems presents a new set of vulnerabilities that only AI and machine learning can effectively address.

Traditional fraud detection systems are based on previously established rules, making it difficult to spot new patterns. However, while deep learning algorithms are trained on historical patterns, they are also constantly learning, allowing them to detect new fraud patterns even if they differ slightly from what came before.

As the number of real-time payments processed increases, it's becoming even more difficult for merchants to stay on top of the growing number of manual checks required by those traditional rules-based systems. Thus, using AI tools like Chargeflow to detect payment fraud reduces the manual checks required under those systems because AI is continually learning and far less likely to generate false positives than traditional fraud detection systems.

Chargeflow's intelligent algorithms sift through millions or billions of transactions in minutes, quickly spotting new or emerging fraud patterns. It also builds models that capture the typical behavior patterns and relationships between multiple transaction parties.

The algorithm then identifies unusual behaviors or relationships that could point to fraudulent payment activities. More so, it assigns risk scores to individual transactions based on various factors, including the customer's transaction history, account information, and usual payment behavior patterns. Any transactions with high-risk scores can then be blocked, preventing fraud before it occurs.

Login analysis is also important for merchants because it catches unusual logins outside the victim's home nation or region or at odd times of the day or night.

The future of payment fraud

Of course, payment fraud will continue to get more sophisticated as time goes on, making adopting and using AI and machine-learning technologies increasingly important. Merchants have broad and growing options for AI-based payment fraud detection tools.

But choosing the right system that matches your business model and can guarantee significant returns on investment will make all the difference. The AI revolution is already here with us. Merchants who are slow to adapt to using such frameworks to combat the rapidly growing problem of payment fraud are likely to be left behind due to a lack of trust by customers.

About the Author:

Michelle Jones, Editor-in-Chief of ValueWalk, a respected financial information company. She previously served as a television news producer for an NBC affiliate for eight years.