How Retailers Can Combat Rising Digital Fraud Rates

Digital fraud is at an all-time high, and in no other industry is the threat more pronounced than retail. In the first half of 2023, a TransUnion analysis found the rate of suspected digital fraud attempts in retail was 10.6 percent globally. That’s not only enough to lead all industries; it’s double the global average rate of 5.3 percent and represents a 183 percent increase in retail fraud from its pre-pandemic (first half of 2019) level. Although the rate was lower for retail transactions originating in the U.S., at 5.7 percent, that’s still well above the overall U.S. average of 4.3 percent.

These numbers aren't surprising. With the rapid increase in digital transactions, fraudsters naturally want in on the action.

In general, the retail industry has performed well in minimizing data breaches compared to other industries. However, retailers are still vulnerable to account takeovers (ATOs) executed with data stolen elsewhere — and data breach volumes continue to rise (up 5 percent in the first half of this year vs. 2022). It has become much easier for fraudsters to perpetrate attacks, as new techniques like algorithms that attack multiple types of accounts at once can be combined with the ability to sell credentials on the dark web, ensuring a strong pipeline for ATOs and other forms of fraud.

While retail executives typically cite ATOs as their most significant fraud challenge, an analysis of TransUnion evidence type data suggests that the top fraud type is promotion abuse (e.g., a customer creates multiple accounts to take advantage of a one-time discount many times).

Synthetic identity fraud is another key risk. Retail credit cards represent a relatively small share of the total credit amount that synthetic identities have access to — $126 million in the first half of 2023, compared to $1.8 billion for auto loans and $994 million for bank credit cards. However, retailers likely have significant additional exposure through buy now, pay later (BNPL) platforms. Many fraudsters have shifted their attention to BNPL because it offers higher credit limits than retail credit cards but has less mature fraud-detection mechanisms and less strict customer controls.

So, what can retailers do to stem the rising tide of fraud?

First, embrace multifactor authentication (MFA). Many retailers still resist using MFA, as they're concerned about introducing additional friction into the purchase process and causing consumers to abandon their carts. However, surveys show that customers are used to MFA and expect it. In fact, they prefer it, as they want to know that their information is safe. A recent TransUnion report on back-to-school shopping indicated that a majority of U.S. consumers expect retailers to protect and verify their identity and personal information by using a one-time passcode (61 percent), using biometrics such as FaceID or a fingerprint (19 percent), or requiring customers to create an account before shopping (19 percent).

Second, consider device fingerprinting and other forms of device proofing. These solutions assess the risk level of the device in use and the behavior associated with that device. Behavioral analytics can flag, for example, if a person is taking too long to enter basic details or searching between tabs for information that they should know, which could mean that a fraudster has gained unauthorized access to the account. Using IP information in combination with device fingerprinting and behavioral analytics can further support fraud prevention efforts.

Customers want retailers to verify their identity and protect their data. It's possible to use tools such as MFA and device proofing in the background in a way that minimizes disruption for legitimate customers while flagging suspicious users or devices for closer attention. The goal is enhanced fraud-fighting capabilities and a friction-right experience — and the two need not be mutually exclusive.

Cecilia Seiden is the vice president of TransUnion’s retail business, where she develops industry growth strategy and leads a cross-functional team dedicated to helping companies understand, reach and protect consumers across their omnichannel journey.