How chart analysis can prevent “buy now, pay later” fraud

A series of banging coordinated robberies in the San Francisco Bay Area dominated our news feeds at the start of the 2021 holiday season. Dozens of people stormed the Louis Vuitton store in San Francisco and a Nordstrom near Walnut Creek, emerging with handfuls of luxury items worth over $100,000. These attacks, according to the police, were organized on social networks and committed by people who did not know each other.

Now there’s a digital version of this organized retail theft – and it’s silent, nameless and faceless – and it uses a new type of process called BNPL. BNPL (buy now, pay later) is a type of installment loan that lets you make purchases online and pay them back in weekly, bi-weekly, or monthly installments. This method of purchase has become massively popular in the United States and Europe. BNPL services are growing at a rate of 39% per yearand even PayPal, Amazon and Square are getting in on the action and acquiring existing BNPL companies in multi-billion dollar deals. While shoppers can get their hands on expensive Xbox gaming systems, laptops and purses faster, BNPL has opened the door for potential scammers who only pay the 25% base value for a product and avoid paying the rest.

BNPL Fraud: Account Hacking, Fake Accounts and Digital Flash Mobs

BNPL fraud occurs in several different ways. During account takeover, fraudsters gain access to an existing BNPL client’s account and make unauthorized purchases. Fraudsters too open fake BNPL accounts using someone’s stolen identity. What helps fraudsters and hurts consumers are the BNPL’s lax identity and verification processes. Often, BNPL providers rely on data, internal algorithms, or soft credit checks to determine a person’s creditworthiness. This means they may miss critical fraud indicators, such as an address or phone number that doesn’t match the applicant. In addition to account takeovers and fake accounts, fraudsters can band together to make purchases. Groups of malicious actors spread over different geolocations and network addresses can attack at the same time. You can see 100 people logging on and buying $600 consoles for just 20-25% of the product’s value – and there’s no prior data linking those people. Fraudsters within this digital flash mob then turn around and sell these items at full market value.

BNPL fraud represents a new challenge for traditional banks that offer their own BNPL offer; it’s basically an instant, point-of-sale loan application, minus the credit check. This means that banks will absorb the losses from any fraudulent loans. Banks pay merchants upfront for consumer purchases, meaning they risk losing up to 100% of a loan’s value to fraud. Additionally, a fraudster could open a new account at the same bank under a synthetic identity, obtain a credit card, and start making purchases. Then the fraudster defaults, resulting in a total loss. Enterprising fraudsters can also employ wizards to test stolen credit card numbers on a mobile app. If a stolen card number worked to make a small purchase, then it could be used to make much larger purchases.

The chart can spot cheat markers

As more and more people use BNPL, the risk of fraud increases. During the 2021 holiday season alone, nearly 40% of people have used BNPL financing like Affirm or Klarna to pay for holiday gifts. How can BNPL suppliers protect their automated digital processes? First, providers can implement stricter identity verification – at account opening and payment. They may also use machine learning technology to identify unusual shopping activity that may be related to fraud. Graph analysis is a set of analytical techniques that highlight how entities such as people, places, and objects are connected to each other. The graph identifies connections, relationships, and patterns. Financial services institutions and credit card providers use graphics to detect potential fraud – during the application process as well as when purchases are made. When someone applies for a credit card, for example, the graph can take a close look at the characteristics of their application. Are there other apps that share the same email/phone/address/device? What is the number of shortest paths and connections/hops between the input application and a blacklisted application? Graph can assign each part of the application a different weight to generate a fraudulent path score. The credit card provider, armed with this score, can predict the risk of a single application, all in real time.

Similarly, we can apply the graph to BNPL scenarios to proactively “catch” fraud during the actual attempt rather than after the fact. Consider this scenario: John completes and submits an BNPL application. Meanwhile, the BNPL provider inserts its data into the chart, queries are executed, and relationships are highlighted. Graphical analysis spits out a score. A low score means high risk, while a higher score is likely to be approved. All of this can be done in real time if the BNPL provider links the graph database to its other algorithms. Behind the scenes, the graph will analyze various data points, such as John’s name, address, social media accounts, IP address, email address, and date of birth. Are John’s name and date of birth associated with fraudulent claims? Has the IP address been used for multiple (rogue) applications in the recent past? Is John even the person he claims to be?

Preventive quality control

Banks can use graphical analysis to examine the total customer behavior to detect potentially fraudulent BNPL credit applications at the point of sale. Thus, a credit request is refused before the fraudster gets his hands on the goods. Additionally, graphical analysis (aka link analysis) ensures that there are no links between candidates and previous fraud cases or organized fraud rings.

Graph detection can be performed natively if the data is stored in a graph database, but graph algorithms can also be applied on data not stored in a graph format, although in these cases queries may be slow and the results incomplete. Several libraries of graph algorithms exist for detecting and noting relationships between people, places, and events. For a public library of graph algorithms, the answer to follow is NetworkX. There are also libraries provided by some graph database vendors.

If the data is constantly refreshed and updated, real-time analytics allows an organization to find hidden patterns in the data before any transaction or credit application is approved. Because BNPL providers rely so heavily on data to grant or deny someone a loan, these companies need access to the most accurate data results available. Basically, better real-time data produces fewer successful fraudulent transactions. The implications of this are enormous for BNPL providers, who have historically borne the brunt of fraud as a cost of high volume transactions. Less fraud, in turn, translates to fewer inconvenienced customers as they wait for their money to be returned after a chargeback.

Todd Blaschka is Chief Operating Officer at TigerGraph.