As restaurants and grocers push into omnichannel models, expanding their suite of online payment offerings, their vulnerabilities to new types of fraud attacks also increases. Susceptibility to data insecurity in the industry became exceedingly clear when Panera revealed a shocking data leak earlier this month. In fact, food and beverage fraud climbed 117 percent last year compared to 2016 and is continuing to rise, according to the latest Fraud Attack Index from Forter and the MRC. Companies that offer online payment options for food or alcohol delivery aim to provide a frictionless and efficient service every time and need a fraud solution that can keep up with their business needs.
The opportunity that comes with expansion into online ordering also presents risks. Companies must be cognizant of whether it is in their best interest to sell directly to their diners (thereby gaining more insight into their clientele and building up a robust database of identifiable customers), or to rely on third party apps or services to provide their payment portals (think GrubHub and UberEats). The risks associated with using third party providers could mean the difference between a thriving business and one struggling to stop chargebacks from “eating away” at net revenue.
Customers expect delivery quickly and without a headache, meaning the payment portal restaurants and grocers choose must provide seamless shopping and ordering for customers. Systems that rely on time-consuming manual reviews of payments (whether internal or via third party providers), simply will not scale. For example, dinner rushes or upticks in orders due to holidays or big events, could mean high operational costs if manual reviews are applied to each order. In addition to potentially losing customers because of the time it takes to approve or decline their payments, human error often makes this system inaccurate. If a fraudulent order slips through the cracks, the restaurant generally has to refund the customer through a chargeback, which cuts into overall revenue.
Beyond worrying about chargebacks at check-out, restaurants need to be ready for new fraud techniques, as the point of transaction is no longer the only payment pain point. There is the need for a solution that can fill the void in both the cost of inaccurate manual reviews and protection against all forms of online fraud.
Click-and-collect is a prime example of how fraudsters exploit the online payment system. For example, say a fraudster wanted to purchase and resell mid-range priced alcohol. Let’s imagine this fraudster is sophisticated enough to know that if he attempted to buy dozens of the most expensive bottles the store had to offer, this could invite suspicion. As a work-around, the fraudster might instead use multiple credit cards and devices obtained online to place orders at various stores in a proximal distance to his location. By doing so, the fraudster would be able to pick up each order from the selected stores in a quick time frame and be long gone before the stores had any idea what had happened or any manual reviews could have been executed to prevent the scam. In this case, the restaurants affected would have to spend their own money to pay for the fraudster’s food.
So how can restaurants and food/beverage vendors capitalize on online delivery and payment options, while also protecting their businesses from malicious actors?
One way to avoid more friction on digital platforms is to provide real-time, fully automated, fraud decisions. Without a manual component, businesses can rest assured that even during peak purchase hours they will have a fraud solution that works instantly, every time. Instead of an order arriving in an hour or less, the review process could elongate the delivery time, making for disgruntled customers.
Beyond applying a real time solution that protects against chargebacks, restaurants and businesses will need to consider a more holistic approach to cover some of the biggest pain points they can’t otherwise protect against and may not always consider dangerous. Solutions will need to provide coverage for every action along the customer journey, protecting businesses and customers from all methods of fraudulent activity. Coupon abuse, referral abuse, and loyalty point program abuse, are all vulnerabilities for restaurants and grocers using online payment options. The exploitation of any of these types of programs on a company’s platform could mean lost revenue and diminishing lifetime value of customers. Plus, these threats aren’t only coming from experienced fraudsters. Recent research shows that “friendly fraudsters” —ordinary buyers who cheat their way into getting unfair discounts—began rivaling professional fraud techniques for the first time in 2017.
The best strategy for preventing fraud combines man and machine. For example, Forter, a leading e-commerce fraud prevention solution, has a team of experts feeding complex data into machine learning systems. If a restaurant suffers from fraudulent customers abusing their coupon service, Forter’s system is able to calibrate and adjust, aggregating thousands of data points instantly to understand that the attempt is fraudulent and prevent this bad customer from further actions on the site.
Sophisticated types of fraud call for sophisticated solutions. Manual reviews, as well as limiting fraud prevention to the point of transaction, simply doesn’t cut it anymore. Food and beverage companies must adopt more holistic strategies as they look to expand their online payment options and maintain a seamless customer experience.