Given the wild success of buy now, pay later loans, it’s no surprise fraudsters have found a way to get in the game.
To help card issuers offering BNPL installment options post-purchase reduce the risk of fraud, Outseer, an authentication subsidiary of Bedford, Mass.-based data-security services provider RSA, on Wednesday unveiled a fraud-detection application. Typically, card issuers notify cardholders of BNPL-eligible transactions or flag them on their digital statement. Cardholders using a BNPL option through their card issuer typically pay a fixed monthly fee or a fixed interest rate.
BNPL loans are projected to reach $1.2 trillion in 2024, up from $500 billion in 2020, according to data and projections from Aite-Novarica Group, a Boston-based consulting firm.
Outseer’s Buy Now, Pay Later Installments solution is built on top of the company’s 3D Secure platform and uses a combination of rules- and policy-based technology, as well as machine learning. The solution authenticates a cardholder opting for a BNPL loan from her issuer online.
The solution is expected to help card issuers offering BNPL options, such as JP Morgan Chase and Citibank, fight the two most prevalent types of BNPL fraud: synthetic-identity fraud and account-takeover fraud.
Synthetic-identity fraud occurs when a criminal uses personally identifiable information to fabricate an identity to hoodwink a merchant or financial institution. In 2020, losses from synthetic identity fraud reached $6 billion, according to Auriemma Consulting Group
Account-takeover fraud occurs when a fraudster gains access to a consumer’s account and modifies personally identifiable information, then either requests a new card or adds himself as an authorized account user. In the latter case, he may also change the password. Once in control of the account, the criminal can make unauthorized transactions at will. Between the second quarter of 2020 and that of 2021, account takeover fraud grew more than eightfold for fintech companies, according to Sift, a provider of digital trust and safety applications,
“A lot of consumers using BNPL tend to have thin credit histories, so synthetic-identity fraud lends itself well to BNPL loans, because with a thin credit history, it’s harder to detect a fraudulent transaction,” says Outseer chief executive Reed Taussig.
What makes detecting synthetic-identity fraud difficult is that the fraudster has key information needed for authentication, such as an address and Social Security Number, but little or no credit history that can also be used to authenticate the cardholder’s identity, Taussig says.
Outseer’s Buy Now, Pay Later Installments technology is the first application in a planned series of customer-authentication applications especially designed for emerging payments, according to the company. Plans include developing a BNPL fraud-detection solution for merchants that work with BNPL loan providers such as Klarna, Taussig adds.
“Fraudsters follow the money, so we’re also seeing rising fraud attacks and losses in [the BNPL arena],” Julie Conroy, head of the risk insights advisory at the Boston-based consultancy Aite-Novarica Group, says by email. “Fraudsters will probe the defenses of any player in this space, be it card issuers or fintechs like Klarna and Affirm, so it’s essential for all firms that make the decision in this arena to have a robust control framework that enables them to detect fraud while not putting undue friction in the path of good customers.”