Netflix, Spotify and Microsoft are usually associated with the subscription economy. But today, the subscription model is adopted even by businesses that offer offline products and solutions, such as Hook Coffee’s subscription service and Access by BMW car subscription offering.
Instead of requesting a lump fee upfront, subscription businesses charge customers a recurring fee to access a product or service. They can provide customers with value, convenience and personalised offerings while fostering stability and growth.
This business model, however, comes with a risk: an increased chance of fraudulent activity occurring.
According to “The State of Online Fraud” study by financial infrastructure platform Stripe, 72% of subscription businesses think they will lose more money to fraud this year than in 2021.
Consumer-facing subscription businesses tend to be more affected, with more than three-quarter of them reporting that they had to divert more resources to fight fraud last year.
“We believe that these consumer-facing businesses have more brand awareness, meaning the stolen goods or services are easier to resell — such as buying a digital subscription with a stolen credit card, then selling it for a lower price. As a result, fraudulent actors are more likely to target them,” shares Paul Harapin, Stripe’s head of Asia Pacific & Japan.
See also: 80% of AI projects are projected to fail. Here's how it doesn't have to be this way
Common types of fraud
Stolen payment methods, says Harapin, are one of the most common types of fraud that subscription businesses face. “Fraudsters will use stolen payment methods to pay for transactions, such as paying for a product with a stolen credit card, potentially resulting in a chargeback.”
Chiming in, Warren Hayashi, president of Asia-Pacific at payment company Adyen, says: “Subscription businesses are particularly susceptible to two types of fraud: card testing and reseller fraud.”
See also: Responsible AI starts with transparency
He explains that in card testing, bad actors test stolen card details to see if they can be used to buy physical goods online. This is because subscription businesses tend to offer easy sign-ups and low transaction values, making it easy to set up servers and scripts for a high-volume approach to card testing.
Meanwhile, reseller fraud will see fraudsters signing up for trial periods and then selling them to unsuspecting consumers for small amounts of money.
“In today’s age of automated account creation, carrying out fraudulent attacks like card testing and reseller fraud has never been easier. However, the traditional blanket approach of fighting fraud by stopping all suspicious transactions can do more harm than good, as it can also block legitimate customers,” adds Hayashi.
Regardless of its type, fraud can negatively affect a business in multiple ways.
For every dollar lost to fraud, the total cost to businesses is actually much higher due to increased operational costs, network fees and customer churn. More importantly, the loss of customer trust as a result of fraud is difficult to earn back.
Paul Harapin, head of Asia Pacific & Japan, Stripe
He also highlights that fraud can lead to lower payment conversion rates. The more fraud a business tries to prevent, the more likely they are to block legitimate charges as well. False positives (or false declines) are when a legitimate customer tries to make a purchase but is prevented from doing so.
To stay ahead of the latest tech trends, click here for DigitalEdge Section
“False declines can cause the business to take both a gross profit and reputational hit. In fact, we found that a third of consumers said they wouldn’t shop again at a business after a false decline,” he says.
Fraud prevention tips
So how can subscription businesses prevent fraud without compromising the customer experience?
Adyen’s Hayashi believes the answer lies in recognising returning shoppers and spotting anomalies fast, which requires subscription businesses to have a holistic view of their customers.
Catching fraud is all about context. Other than the transaction amount, card number and security code, a one-off payment gives limited information. This makes it difficult to determine what’s suspected fraud, what’s definitely fraudulent, or even a legitimate request.
Warren Hayashi, president of Asia-Pacific, Adyen
“You really need to have a single overview of your data across a certain period to form a clear profile of your legitimate customers. It’s only when we zoom out to look at a payment’s wider attributes that we can start to add context to a payment and thereby minimise false positives,” he adds.
Meanwhile, Stripe’s Harapin advises subscription businesses to use machine learning-based fraud detection solutions instead of relying on traditional methods.
He states: “Rules-based fraud detection — which operates on an ‘if x happens, then do y’ logic — was never designed for modern internet businesses and can lead to lost revenue. Businesses should leverage solutions powered by adaptive machine learning, with algorithms evaluating every transaction and assigning a risk score, then blocking or allowing transactions based on the risk of fraud.”
Australian e-commerce business shipping carrier Sendle is one company that has benefitted from doing so. By combining Stripe’s machine-learning algorithm and Sendle’s custom rules, Sendle optimised its fraud protection and got the company back on track for its US expansion strategy.
This led to an ROI of 11x and prevented a fraud loss of nearly 30% of its US business revenue. Sendle is now confident of managing increased package volumes during busy e-commerce periods without worrying about financial losses from fraud.
Subscription businesses, says Harapin, should also manually review high-risk payments, so that they can take action more accurately and before a potential dispute occurs. However, he notes that this can be labour-intensive as it calls for a team of fraud analysts to assess risk based on various factors such as transaction details and customer history.
“There’s no such thing as a silver bullet [for fraud prevention]. You want to reduce fraud but not frustrate customers with declines when the fraud settings are too strict. We believe the best way for businesses to protect shoppers is by having a hybrid risk model that combines different techniques to make the best risk decisions,” concludes Adyen’s Hayashi.
