Fraud.net is a leading eCommerce fraud prevention that puts collective intelligence, Ai/machine learning, and real-time analytics all in one place. It recently released a report with new data on fraud in the travel industry, sourced from billions of transactions processed through its Collective Intelligence Network.
We sat down with Cathy Ross, Co-Founder and President of Fraud.net, to discuss a number of findings from the report including how to minimize false positives for high-price airline tickets, how airlines should be approaching high-risk countries, and more.
1. You write that “smart fraudsters chase the highest potential payoff that requires the least effort”. Can you share some best practices merchants should be following to increase the amount of effort fraudsters need to put in to successfully attack?
A fraud prevention and analysis system is table stakes for OTAs, airlines, or frankly any type of business that is transacting a lot of business online — the volume and variety of attacks is so high, that vendors can get cleaned out by fraudsters on a successful exploit before a human-based response can be put together. Someone once asked the famous American, Depression-era thief Willie Sutton why he robbed banks. His blithe reply: “Because that’s where the money is.”
Fraudsters will also go where the money is. Companies that sell or accept payment online need to be vigilant to avoid those types of incursions. At a minimum, that means having a rules-based fraud prevention system. Best-case, they should have an AI-linked system that can recommend, create, and adjust rules in real time to avoid fraud, while not upsetting good customers engaged in real transactions.
In terms of known trouble areas, OTAs should keep close supervision on last-minute tickets that are on higher-priced routes, since they present both a higher potential payoff, and increased odds of success for fraudsters. Also of special interest to criminals are tickets that are easily refundable or exchangeable, because these are easier to monetize.
Lower ticket items (in this case, lower-priced tickets) are more often the target of friendly fraud — that is, items that are purchased by a legitimate customer, who then claims it was an unauthorized charge when they are no longer a good deal. (A common example of this is when a ticket is purchased, and then contested when the same route goes on sale at the last minute.)
In a way, this latter problem is one of the OTAs own making. Because the buyer is seeing huge price fluctuations on the same route — sometimes on the same carrier and even the same flight — buyers feel less compunction to commit this type of friendly fraud against a company that they feel is exploiting them.
For all these types of fraud, especially friendly fraud, it’s really important to have collective intelligence built into the system — that is, a way to see fraudulent transactions at other providers and payments operators, not just the company’s own transactions.
In many cases, you can actually see a customer contesting a charge, and then buying a lower priced version of the same item (in this case, an airline ticket) at another venue. This additional data, combined with a robust analytics package and AI, can help OTAs and other travel businesses flag this type of fraud before it hits their bottom line.
2. On the same theme, another key takeaway is that fraudsters focus on higher-priced tickets. Of course, merchants want to minimize the number of false positives for high-value orders as much as possible. What are some best practices to meet both of these goals when reviewing a large ticket item?
Better rules make for better fraud prevention, which also won’t get in the way of legitimate transactions. The collective intelligence and analytics we mention above is a big factor in creating rules which have this level of sophistication.
It’s interesting — you would think that travel would have lower levels of fraud. When a fraudster buys a physical item online with a fake credit card, they get the item delivered, and they’re in the wind. When you’re a travel fraudster, you actually have to show up at the place of business and engage with the company you’re ripping off for hours and hours.
Still, travel sees an extremely high level of fraud.
The reason is that airline tickets are almost as good as cash — most are very easy to refund. It’s so easy, in fact, you could almost use them as a proxy for cash in places where there’s a lot of financial instability.
In addition the ubiquity of business travel creates situations where a fraudster can use stolen credentials to buy multiple tickets for a group without raising eyebrows. Of course, on the day of the flight, the “buyer” — a victim of identity theft — doesn’t end up taking the trip but all the other people on the itinerary do.
The bottom line is that you need sophisticated rules, and a certain level of diligence (often supplemented by artificial intelligence) to check how well rules are performing.
Eventually, fraudsters will figure out a loophole in even the most sophisticated rule, and will keep hitting it (even sharing the information with their criminal colleagues) until that loophole is closed.
3. You report identified specific airline routes particularly susceptible to fraud. I’m wondering how merchants should factor the time of year into account when reviewing orders as well? Or did you find that fraud rates across departure/destination combinations stayed relatively steady throughout the year?
If you’re wondering about our findings about the Vegas to LA route — which is seeing an incredible 15% rate of fraud attacks — that is a statistic we see all year round. The reasons for the high rate of fraud aren’t totally clear, but we think that it’s a function of the fact that there’s a lot of promotions and discounts on that route. More than that, those promotions and discounts are aimed at a group of people that tend to be more impulsive and risk-tolerant than the rest of the population. And, because impulsive people act impulsively, it’s harder to parse that behavior from fraud.
To be sure, there are routes which see higher levels of fraud linked to seasonal travel. Certain routes see big spikes in fraud around major travel times — Thanksgiving, Christmas, Father’s Day, and the summer holidays.
Also, in countries that are seeing increased levels of economic instability, airline tickets become proxies for hard currency and, thus, local fraudsters from those regions have increased incentives to steal… and are tapping the routes that they are most likely to succeed with given where they are based.
4. Similarly, you note a wide disparity in fraud as a share of transactions, even amongst large national airlines (Delta, Emirates, Air Canada, Lufthansa). Why do you think this is? Why are some airlines better at fighting fraud than others?
A lot of those airline-specific fraud results are a function of routes, which we address above.
More than that, it is often due to a series of attack vectors which are discovered by a fraudster and exploited until it is detected — a certain airline might fall victim to this “fraud lottery” one day, and then it will be another airline another.
Fraudsters are surprisingly creative and resourceful in testing new attack vectors. They’re also somewhat “charitable” in their way; if they’re seeing success in a particular type of fraud, they often go online and share the information with other fraudsters. (Their goal isn’t so much altruism, but to cover their own tracks by creating more successful incursions with a particular fraud channel.)
Fraudsters are sharing information. It’s critical that Airlines and OTAs share information as well.
Airlines will always be targets for fraud, but by sharing information through collective intelligence, and analyzing findings using AI, we expect that the overall level of fraud will decrease, and will be more evenly distributed across carriers.
5. Your data states Air France is the target of an incredible 4% of all travel fraud attacks. What makes this specific airline so attractive to fraudsters?
It’s hard for me to give a specific answer here — Air France isn’t our client, and we don’t have any special insights into that airline. What we think is happening is that you have higher-value routes on an international carrier and buyers who span the globe… particularly regions that have higher rates of fraud. That creates a combination where Air France is a juicer target for fraudsters, and it makes fraudulent purchases harder for them to catch.
6. Moving to the payments side of things — the wild fluctuations in fraud rates by card issuers is very interesting. What causes fraudsters to choose one type of card over another? Are there any known vulnerabilities that merchants can look out for when processing these transactions?
Although there are some special cases with cards that are particularly susceptible to fraud, there tends to be a higher correlation between higher credit limits and higher rates of fraud.
There are also issues around specific issuer banks, which may have been penetrated by hackers, and either don’t realize that they’ve been breached, or feel it’s cheaper to ignore the problem. (Vendors, not banks, usually bear the brunt of the expense on chargebacks.)
The proof is in the pudding. If you go on the dark web, those higher-limit corporate cards cost the most to purchase and are the most sought after.
7. Similarly, you found that nearly 8% of airline fraud attacks come from ‘titanium’ level cards. Why do you think that is?
Once again, this is the “Willie Sutton philosophy” of fraud that we reference above. Fraudsters are going where the money is.
Specifically, fraudsters are leveraging cards with higher credit limits and, just as important, cards where a vendor may be reluctant to flag the transaction to avoid offending an important, affluent consumer.
Those transactions are always going to be a juicy prize for fraudsters because they generate a higher level of return, and have a higher probability of success.
8. You note that cards issued in the Dominican and Russia have a 12.4x higher attack rate than those issued in the US. With chargeback thresholds being so low, does that mean airlines should be banning transactions from those companies outright to avoid being placed in a high-risk category?
Those high numbers should definitely give online sellers pause. To be sure, there are many good customers using these cards, so it’s really important to create rules looking at multiple attack vectors — not just a single vector — to avoid losing out on these ‘good’ transactions.
9. If you could give airlines one piece of fraud prevention advice, what would it be?
I will give two pieces of advice, because they really go hand-in-hand: Make sure that you’re seeing all the data across a collective intelligence network, and use Artificial Intelligence to scale the human interventions and insights that are shaped by this information.