In their attempts to compete with online-only merchants, many brick-and-mortar merchants focus on building their digital operations and offerings. They see it as the key to omnichannel success. While a robust online footprint is critical for competitiveness, it’s not a panacea. By concentrating solely on what they lack, these brick-and-mortar merchants are losing sight of one of the few real advantages they have over online-only competitors: their physical locations. As a response to these customer demands, many merchants now offer buy online, pickup in store (BOPIS) offerings, also known as click-and-collect, or in-store pickup (ISPU). Merchants can catch two birds with BOPIS: improve their staff and inventory efficiencies while simultaneously generating additional in-store revenue, as customers make unplanned purchases during in-store pickup. This is why Amazon is rushing to expand its physical footprint with Amazon Go and 4-Star stores. Alibaba, China’s answer to Amazon, has launched the Hema offline superstore, featuring robots, apps, and overhead conveyor belts. From Warby Parker and Away to Casper and Glossier, direct-to-consumer brands are committing to offline flagship stores while expanding their suite of pop-ups across multiple markets. To minimize overhead and maximize store space even further, a growing number of merchants including Walmart and Home Depot are installing lockers instead of assigning staff and storage space for BOPIS orders. But there is a caveat: fraudsters have also realized that BOPIS is a huge revenue opportunity for them. Our data showed rates of attempted BOPIS fraud at some of our merchants rose by as much as 250% in 2018. Just a year or two ago we would have told merchants that BOPIS sales were extremely safe but that’s no longer the case. In this blog post, we will explain how many omnichannel retailers are managing their BOPIS and BOPIL strategies in a way that ruins customers’ shopping experiences. Read on to learn about a completely different approach that allows merchants to avoid this. Don’t Treat Customers Like Criminals @PicknPay your online shopping sucks. Staff is unprofessional and you end up standing in queues anyway for click and collect. This is at Ottery Hypermarket. — Atia Adam (@AdamAtia) November 24, 2018 Shoppers choose to click and collect because they want the convenience and the immediacy. They don’t need to wait for shipping and can also return the product in the store if they decide they don’t like it. While BOPIS is challenging to execute, the benefits for merchants can be significant. According to iVendi Retail, 61% of shoppers and 75% of millennials who come into the store to collect their online order make an unplanned purchase. Consumers are 67% more likely to browse or shop in a physical store after having visited it to return items originally purchased online, BigCommerce 2018 Omnichannel Buying Report concluded. . However when execution is poor, as was the case for Ottery Hypermarket, BOPIS generates diminishing returns. One of the main reasons why shoppers end up waiting in stores for a long time to pick up an order purchased online is because of the additional steps the staff take to verify the order details, payment method, and the identity of the individual picking up the order. Many merchants add friction to BOPIS, seriously hampering the customer experience and requiring huge amounts of time from their sales associates. One of our competitors, for example, requires their clients to institute multiple in-person verification processes in order to guarantee their BOPIS orders from fraudulent chargebacks. @ted_baker Guys, you really need to rethink your Click & Collect policy. My wife was treated like a criminal in Cheapside store because..1/3 — Simon Dale (@simoncdale) February 7, 2014 If merchants have an effective fraud management system, the initial risk assessment made at the time of the online purchase will be enough. Why add friction to both the customer journey and the in-store workflow, when an accurate fraud review system allows only good, legitimate orders to be fulfilled? Scores of complaints can easily be found on social media and other online fora under #BOPISfail, #clickandcollectfail, and countless other hashtags. Merchants should beef up their digital order review and management systems, and prevent their brands from being associated with any of these upsetting experiences and associated hashtags. Asking the shopper for identification is not foolproof, as fraudsters are more than capable of creating fake credentials. If they’ve stolen enough identity information to impersonate someone online, they likely have enough to create a fake ID to use in person. Training your sales associates to check IDs and authenticate identities is expensive and time consuming. Verifying these customers at the time of purchase – rather than the time of pickup – means sales associates can help sell, customers get their items easily and lines don’t build up. Treat BOPIL Orders Like Digital Goods Orders As mentioned earlier, more and more merchants are offering customers online order pickup at in-store lockers. With seamless execution, lockers can shorten the pickup process to 10 seconds. There is zero human involvement with no need for in-person verification or form of identification. All a customer needs to do is punch in the security code or barcode that was sent to their mobile device, app, or email. And voila! Buy online, pickup in locker (BOPIL) orders are attractive to fraudsters for the same reasons they are attractive to legitimate customers – speed and ease – but BOPIL orders add another challenge for fraud prevention. These orders don’t require a shipping address and shorten the amount of time a merchant has to review for fraud. This means that merchants should treat BOPIL orders the same as they treat digital goods transactions and not as physical goods orders. The order review management system must be trained to evaluate an order of a smartphone placed online for same-day pickup at a locker as if it were a digital gift card delivered via email. The focus of fraud prevention in BOPIL orders must be shifted to digital measures and abilities, instead of adding unnecessary layers of manual, in-person review mechanisms. Why? Because in the absence of a uniquely identifiable, physical shipping address, the email address serves as the delivery destination. With BOPIL orders, it is critical to correctly identify the link between the email address and the customer or accurately determine that no such link exists. Merchants must also check the distance between the locker location, billing address, and the location of the buyer as indicated by the IP address. Fraudsters will connect to the Internet via proxy servers to mask the true location of the computer from which they are placing the order. Different proxy servers have different “tells.” Riskified has developed a multilayered system to detect proxy connections, and this is one of multiple fraud detection technologies included in our full-stack solution. However, there are many standalone tools that you can integrate into your systems which provide a “proxy score” – an estimate of how likely it is that a certain IP address is in fact a proxy. Behavioral analytics is essential for determining legitimate versus fraudulent shopper interaction with merchants’ eCommerce sites and mobile apps. At Riskified we use a Storefront Beacon, a snippet of code embedded in customer-facing web pages and apps, that tracks the behavior of visitors to that page. It also gathers data about their device and shopping behavior. When these browsing patterns are analysed and cross-checked against millions of other shopping sessions, they can help differentiate between legitimate and fraudulent purchases. Lastly, merchants should monitor how shoppers are arriving at their eCommerce site or mobile apps. Shoppers coming from a referring site are significantly safer than those who typed in the store URL. In fact, we see over twice the rate of fraud attacks in direct traffic orders. Device type, and other device fingerprinting data, can be provided by 3rd party analytics sites, like KissMetrics, Piwik or Google Analytics. Even apart from the traffic source context, it’s valuable to know whether an order was placed on a desktop or a mobile device – this is definitely a variable worth considering. Omnichannel may feel overwhelming, but it doesn’t have to be. Being smart about when to leverage technology versus when to utilize offline assets, such as physical stores, will make all the difference. Ecommerce is extremely competitive and merchants have to do everything they can to meet their customers wherever and whenever they are shopping. Reach out and learn more about how our full-stack solution and standalone tools can help you focus on increasing revenue, minimizing overhead, and making customers happy.