The soaring popularity of Buy Now, Pay Later (BNPL) platforms has attracted not only eager customers but also opportunistic fraudsters. Buy Now, Pay Later is so popular with consumers that its overall market valuation is expected to reach $3.98 trillion by 2030.
As the BNPL space expands with new vendors and products, the risk of fraud targeting poorly secured account opening and login flows has become a pressing issue. This fraud not only threatens the financial security of both BNPL companies and their customers but also hampers the growth potential of these companies by inhibiting their capacity to extend further credit. This article dives into the various types of fraud plaguing BNPL companies and the challenges in combatting these threats. Moreover, it further explores how advanced identity solutions using facial biometrics and tokenization technology can provide a robust solution to mitigate fraud risks, safeguard customers, and foster increased lending for BNPL companies.
The Rising Tide of BNPL Fraud
Studies have revealed alarming statistics regarding the vulnerability of Buy Now, Pay Later (BNPL) consumers to fraud. These fraudulent practices threaten consumer security and negatively impact BNPL providers by undermining their credibility and resulting in substantial financial losses, inhibiting their capacity to grow and serve more customers. PYMNTS reported that in 2021, 23% of US consumers who fell victim to application fraud had their information exploited to open fraudulent BNPL accounts. BNPL consumers often fall victim to fraud due to their failure to change account passwords regularly. Nearly half (45%) of users admitted using the same login credentials across multiple BNPL accounts, unwittingly granting fraudsters easy access to create fake BNPL accounts using stolen credentials. Moreover, the study discovered that 22% of respondents unknowingly signed up for a fraudulent BNPL account, while an additional 20% fell victim to account hacking. The most prevalent method employed by fraudsters was the establishment of fake BNPL accounts using legitimate user credentials, impacting 26% of users, as reported in the study's findings.
Furthermore, the study highlights that consumers would place greater confidence in using a BNPL account if offered by their bank rather than a standalone BNPL provider. The growing fraud risk emphasizes the importance of trust and customer protection in the BNPL industry. It is crucial to note that the regulatory oversight that traditional financial institutions are subject to is currently absent in the BNPL sector, providing cybercriminals with an environment ripe for exploitation, where consumer protection can be compromised.
Common BNPL Fraud Types Affecting BNPL Businesses
In the Buy Now, Pay Later landscape, several forms of fraud pose significant threats to businesses and consumers alike. These include Account Takeover (ATO) fraud, Synthetic Identity fraud, and SIM Card Swapping, each with unique approaches and implications.
- Account Takeover (ATO) Fraud: Through account takeover tactics, malicious actors gain unauthorized access to a user's BNPL account, allowing them to commit fraud on any merchant that accepts the provider. Account takeover fraud significantly impacts BNPL businesses by inflicting financial losses and damaging their reputation. This type of fraud allows criminals to misuse credit lines, leading to an increase in unpaid debts, loss of trust with the merchant, and a reduction in the willingness of potential customers to engage, all of which stifle the business's growth and profitability. Due to the delayed payment nature of BNPL, the actual consumer may remain unaware of the fraudulent activity for weeks.
- Synthetic Identity Fraud: Fraudsters can exploit stolen information to perpetrate synthetic identity fraud within the realm of buy now, pay later transactions. This form of fraud involves the creation of fictitious identities that enable fraudsters to establish new accounts and make purchases through BNPL providers. Synthetic identity fraud poses a substantial risk to BNPL businesses as it allows fraudsters to establish credit lines with fake identities, leading to significant financial losses due to unpaid debts. Additionally, as these synthetic identities can pass initial checks and continue operating undetected for extended periods, they can undermine the credibility of the BNPL provider and erode trust among legitimate customers, further hindering business growth.
- Sim Card Swapping: A SIM swap attack is a malicious tactic employed by fraudsters where they deceive a cellular service provider into transferring the target's phone number to a SIM card controlled by the attacker. Once they have control of the phone number, the attackers can bypass security measures such as two-factor authentication by intercepting one-time passcodes. This leaves the victim's BNPL account vulnerable to unauthorized access and fraudulent activity, creating credit risk and unpaid debt.
The Urgent Need for BNPL Fraud Mitigation Solutions
Considering the escalating prevalence of these fraudulent activities, it is reasonable to anticipate a corresponding increase in bust-out events and associated credit losses. Therefore, fraud prevention is paramount for BNPL platforms, as the consequences of failing to address these risks are severe. So, what are the viable solutions? In the ensuing sections, we will explore the range of available strategies.
How Trust Stamp Provides a Solution
Trust Stamp offers state-of-the-art digital identity technologies that empower BNPL providers to protect their businesses and customers from identity fraud risks such as Account Takeover Fraud, Synthetic Identity Fraud, and Sim Swap Attacks.
To prevent Account Takeover Fraud and Sim Swap attacks, Trust Stamp adds biometric authentication to a company’s fraud prevention stack. Rather than relying on identity bound to a device - through a phone number, Trust Stamp’s Biometric Multi-Factor Authentication (MFA) binds an identity to a biometric. This biometric is converted to Trust Stamp's Irreversibly Transformed Identity Token (IT2), which facilitates facial comparison without storing a photo or biometric measurements. Since identity is not just bound to a phone like a one-time passcode, this makes account takeover and sim-swap attacks much more difficult. Utilizing a facial match with liveness detection, Biometric MFA ensures that only legitimate customers can access BNPL platforms. This approach adds an additional layer of security, effectively mitigating data breaches, identity theft, and fraud.
- One of our top partners was able to reopen 83% of their closed accounts that had failed knowledge-based authentication (KBA) and were flagged as potential fraud but were actual customers.
- One of our top partners saw 7-figures in fraud savings after integrating our solution into their onboarding process.
Trust Stamp's Greylisting and Duplicate Identity Detection serve as an effective strategy in mitigating synthetic identity fraud. By incorporating a greylisting approach, financial institutions, and BNPL providers can designate questionable or suspicious identities as 'greylisted' for a specific period. Using Trust Stamp’s Irreversibly Transformed Identity Token (IT2), identities can be added to a greylist without storing sensitive personal information or biometric templates. During this time, any transactions or activities associated with these identities are closely monitored. This allows institutions to identify patterns consistent with synthetic identity fraud, such as the sudden proliferation of transactions or unusual behavioral trends. This proactive stance not only identifies potential synthetic identities but also deters fraudsters by introducing additional uncertainty and risk to their operations, consequently disrupting synthetic identity fraud's lucrative and deceptive nature.
Closing thoughts
As the BNPL market continues to expand, the need for robust fraud mitigation solutions becomes increasingly critical. Trust Stamp's comprehensive suite of identity solutions, including facial biometrics and tokenization technology, equips your BNPL company with the necessary tools to protect customers, secure transactions, and maintain your reputation. By implementing Trust Stamp's cutting-edge technologies, BNPL providers can effectively combat fraud risks, increase lending, and foster trust among customers and retail partners.
Take a proactive step to secure your BNPL business with advanced and trusted identity solutions. Reach out to Trust Stamp today to learn more!