The term “friendly fraud”…pretty funny when you think about it. Why on earth would we call a situation where someone is stealing from you friendly? I’ve never really understood that and most professionals within the industry say the same thing. So if you happen to know where it came from, I’m interested in learning, so let me know.
But what is friendly fraud and how does it differ from true fraud? And more importantly, how do we:
1) Identify the difference between friendly and true fraud?
2) Combat friendly and true fraud, without impacting our valid customers?
Identification is the challenging part, combating it can be a bit more manageable. This varies even when we look at the difference between frauds related to physical goods vs. digital content. But let’s speak in general terms and later we can go into details on each of the sections.
Primarily, if there is any hope at all at identifying what’s taking place within your transactional environment it’s critical that you have access to the transaction data. When I refer to transactional data it’s anything, any piece of information that can be used and linked to a specific transaction, there are some details here. If data is unavailable then identification and subsequent management of the frauds becomes much more difficult and less likely. Let’s assume for conversation sake that data is available.
Well then how is data used to differentiate between fraud types prevention of unwanted transactions?
Yes, congruency is the term that we’ll be using to help differentiate between true and friendly fraud. Why, because for starters true fraud tends to be much less congruent with your standard transactions, generally containing more pieces of data that fall outside of the standard transaction taking place. Example: A merchant has an average order of $150 which comes from within the US. Congruency takes a hit when an order is processed that is for $350 and takes place from the UK. Not saying that this is an invalid order but it lacks congruency, it’s outside of your expectation and probably warrants further inspection. That kind of characteristic is much more closely identified with true fraud vs. friendly fraud. For true fraud, the data behind a transaction is one of the best tools to identify and then combat malicious activity.
What do you think, and what have you found to be successful in the identification and subsequent cessation of activity related to specifically friendly fraud?