Fighting Friendly Fraud

Fully verified customers commit anywhere between 60 and 90% of fraud in financial services.

This is often called friendly fraud (or first-party fraud) in the industry. It’s called friendly because the person committing the fraud is someone the Fintech or financial institution knows. It doesn’t sound so friendly anymore.

Friendly fraud is anything but friendly.

In the past year, fraud rates have skyrocketed.

Most tools to prevent this fraud are aimed at merchants and e-commerce, but Sardine has built unique signals and ML focusing on Fintech and wallet use cases. We have some unique ways to prevent friendly fraud before it happens and detect it before it becomes a loss.

The head of Fraud at Novo reports some impressive statistics

Sardine achieves these results in true partnership with our clients. And the more we all know about fraud, the better we get together.

So how can up to 90% of fraud come from fully verified customers? Let’s dig in.

Types of Friendly Fraud

Example 1: Chargeback fraud

If a consumer buys a product online and it is not delivered or sees a transaction they did not wish to approve via their credit or debit card, they can start a chargeback process. All issuers of debit and credit cards (like Neobanks and banks) must investigate the complaint from the consumer and refund them if they find something wrong (e.g., the goods were not delivered).

Friendly chargeback fraud may occur as follows:

1. A Fintech wallet or bank card user buys goods or services from an online merchant
2. Goods are delivered, or the merchant completes the service
3. The user raises a chargeback claiming the goods were never delivered or there was a fault in service
4. Due to the high cost of investigating a chargeback, many companies will instantly refund the user to avoid additional costs
5. The user now has both the items they “bought” and a full refund

This customer is fully verified, passed KYC, and may even be using their real identity. These attacks often target smaller Fintech companies that may not have the experience or funding to perform deep investigations

For many consumers, chargebacks are strong protection from damaged goods or issues they may face from merchants. Protections like chargebacks are one of the key reasons cards are so trusted by consumers and widely adopted.

However, the business case for investigation also makes chargeback fraud one of the most common attacks they will suffer. It may be more expensive to investigate and challenge the chargeback than to refund the customer.

Brands also face tension if they challenge a legitimate user on the chargeback. If a user was scammed or is in distress and their Neobank or bank doubts them, this can add to an already stressful situation and create a reputational risk for the brand. This isn’t easy, and it’s expensive.

Example 2: “Insufficient Funds (NSF)”

In this example, a user is looking to fund a Fintech app like a Neobank from their main bank account using the ACH payment type. An ACH payment typically takes 2 to 3 days from initiating the payment to the money landing in the account. To improve the experience, some Fintech companies pre-fund the consumer wallet, assuming that the money will come from the consumer's bank account in two days.

A friendly fraud NSF process looks like this:

1. A consumer connects their bank account to a fintech and loads money into the fintech wallet.
2. The consumer takes the money out of the bank account used to fund the fintech wallet.
3. The Fintech company may instantly credit the consumer’s Fintech wallet ahead of receiving the funds from the bank
4. The Fintech company attempts to retrieve the funds from the consumer's bank account (which has been emptied after the payment was authorized) but cannot.
5. The Fintech company gets a Not Sufficient Funds (NSF) return from the funding bank.
6. Effectively, the consumer has doubled their money by starting a transfer with money in the bank, but moving it before the Fintech company could retrieve it

Like the previous example, the customer is verified and passed KYC. In most cases, they may be using their real identities. It’s hard to detect because the “attack” can be innocent or legitimate in many cases.

It is important to distinguish between the innocent NSF, where a consumer forgets the incoming ACH debit and moves the funds out of their bank account, vs. friendly fraud, where someone does this willingly.

As consumers face mounting pressures in a troubled economy with high inflation, their cash flow can be tight, and many are simply struggling. Frustratingly, fraudsters will also use this market environment to claim the “free money” on offer from Fintech companies that do not have adequate fraud protection. Fintech companies have a catch-22 of not wanting to penalize the customers who simply do not have cash available, especially those that focus on helping low-income segments build credit and reform their finances.

Willful friendly fraud is the more nefarious attack vector,  which, when performed at scale, can easily wreak havoc on the profitability of using ACH to fund wallets.

Ways to prevent

The more data we can gather before the attack about the user, the more confidence we can create that a chargeback or NSF is either legitimate or fraud. A common pattern for Fintech companies is to check the account balance (via aggregators like Plaid, MX, and Fincity) before pre-funding a wallet.

Sardine has additional ways to collect data and this enables us to be much more accurate

1. Customers leave clues in every interaction that they could be a friendly fraudsters. Sardine uses the powerful signals left behind in devices and how they’re used as an anchor to understand customers across the lifecycle. From onboarding to funding to everyday activity, small changes in behavior can have a massive impact on detection. Our proprietary device intelligence and behavior biometrics solution is always-on and has proven effective at detecting this.
2. Repeat offenders can be spotted at account opening. Often a customer committing friendly fraud will do so as a pattern and at many Fintech companies. Large banks prevent this by sharing data, but smaller Fintech companies have not historically had access. Sardine has a network of data partners that can see bank consortia data, as well as Telco, email, and other data sources for user reputation. We add this to devices we've seen in the past and can build a robust picture of a user and their device before they sign up for an account
3. Working as a team Sardine has a Fraud Ops and Client Support team that is actively helping our clients reduce scams and fraud risk. We combine our visibility into the entire Fintech and Crypto ecosystem with in-house expertise to act as an extension of our client's risk and fraud teams.

The business case

Chasing every chargeback and NSF gets expensive, and in an environment where every company is managing costs tightly, the appetite to build and maintain a sophisticated tech stack is not something companies are entertaining.

Sardine had one customer who had built a sophisticated internal fraud tech stack that was, from our perspective, excellent; however, the cost to maintain it and the internal team was becoming prohibitive. Sardine reduced their cost by 10x and delivered at least equivalent performance in a PoC.

As Matt from Novo points out above, the total ROI across 4 companies he has implemented Sardine was 8.4x. Sardine really is the fraud and compliance team you hire as an API.

If you want to manage friendly fraud without penalizing good customers, contact us.