Ever since parents started sneaking broccoli into mac and cheese, fraud has been a problem in the world of food. Unfortunately, the fraud dilemma has not only evolved with the times, it’s also grown up to have some very adult consequences.
Today, fraud makes all the ways that customers shop rife with peril and frustration, whether they’re buying groceries, using gift cards
or mobile apps for morning cold brew, or even just ordering a casual lunch from a nearby hamburger joint. As retailers have fine-tuned their business models for the eCommerce and mCommerce markets, scammers have adapted with them
, turning fraud in the food and beverage industry into a multimillion dollar problem. In this post, we outline how Card Not Present (CNP) fraud schemes are affecting the food industry and offer up a shrewd menu of strategies to keep both merchants and customers from starving.
How eCommerce fraud cooks up trouble in the food industry
Generally speaking, CNP fraud in the food industry isn’t much different from fraud in other industries. Episodes ranging from simple promo code abuse
to more sophisticated attacks like account takeovers
are built into the risk of doing business online, whether you’re a mom-and-pop cafe or P.F. Chang’s or Trader Joe’s. The difference, however, comes down to the stakes.
: Food industry merchants, by nature, succeed only by dint of speed, accuracy, limited friction, and consumer satisfaction—all in high-pressure, time-sensitive situations. While other merchants aspire to capture the same-day shopping set, restaurants and grocers often have to get their products in a box, out the door, or on a plate within an hour. This means it’s critical to make lightning-quick decisions on whether a transaction is legitimate while avoiding any interruptions that soak up valuable time. At Riskified, we pride ourselves on being able to deliver decisions in less than a second to help merchants keep their operations running smoothly.
: On top of revenue lost to fraud, inefficient fraud-prevention measures introduce the specters of customer friction, revenue lost to false declines, and wasted customer acquisition costs. Unlike haute fashion concerns or electronics powerhouses, the profit from transactions in the food industry typically relies on razor-thin margins, which magnify each and every loss. The bite of fraud or even sluggish performance of an inefficient fraud-management system mean the difference between red and black.
: Because food industry goods are generally priced lower than most consumer goods, fraudsters often target restaurants and their online ordering systems to test stolen credit card numbers
purchased from the dark web. “Card testing” is a nightmare for consumers who may have their cards charged at multiple places at once by bots, but it’s also a major problem for merchants. According to our recent consumer survey, a surprising number — over 20% of shoppers
— blame the merchant who accepted the payment from a stolen card. With angry customers and chargeback fees factored in, even a $3 box of nuggets ordered with a stolen card becomes an exponentially bigger loss.
How Card Not Present fraud threatens the food industry’s explosive growth
With eCommerce and mCommerce adoption poised to surge among consumers worldwide
, the food industry in particular stands to gain from new customer willingness to purchase goods online. Whether it’s dinner via delivery, meal-prep supplies collected through a buy-online-pick-up-in-store (BOPIS) system, or lunch ordered ahead through an app, there are more unique possibilities than a menu at a Greek diner.
One example is the grocery industry where, according to a recent study by Commonsense Robotics, online growth rocketed by 35%
between 2017 and 2018 alone. By 2023, as much as 10% of all grocery sales in the US may be conducted online. Meanwhile, in Europe, the click-and-collect (BOPIS) has firmly taken hold. In 2017, 42% of customers across France, Germany, the United Kingdom and Sweden purchased groceries ahead of time online
. (Roughly another 25% actually made an additional purchase while collecting the groceries.)
For quick-service restaurants, a 2018 survey showed that nearly 40% of customers
had ordered through a smartphone app in the previous 90 days. And even they do, retailers have reaped major benefits. Take Taco Bell, which sees 30% higher order values on mobile
. For a business that lives and dies on 89-cent tacos, that can add up to a lot of cheese.
Then, there are app-dominant loyalty programs like Starbucks Rewards, which have come to account for 39%
of US company-operated sales. (That’s in addition to the 12% of sales through order-ahead on mobile and the 27% of total in-store purchasing executed on the app.)
For forward-thinking merchants, there are plenty of exciting trends to prepare for. But with great growth comes great consequences. Sadly, with 130% more meals ordered on mobile
around the world between 2016 and 2018, fraud will also scale as the market expands—with the potential to overwhelm operations and wipe out new gains.
Protecting against food fraud
Unfortunately, fraud is not a fixed threat. The schemes and dangers change and mutate as quickly as technology allows and defensive measures adapt to them. Here are some ways for restaurants, grocers, supermarkets and other online food merchants to stay ahead of CNP fraud.
Learn the behaviors
: Not all that long ago, a mismatched signature on a physical credit card was proof that a merchant might be dealing with a fraudster. Advances in technology have created new angles for scammers every single day. Paying attention to how these tactics shift is crucial to avoiding the costs of fraud.
At Riskified, we constantly track the newest trends and use behavioral analytics
to ensure that we can put our guarantee behind every transaction. Right now, we know that someone ordering a pizza at 2 AM isn’t really that suspicious and that tipping online is usually a good sign that an order is valid. That is, until it’s no longer true. Having a fully automated fraud solution that constantly learns from new data in real-time will make sure that someone has your back when scammers near college campuses start mimicking students’ habits.
Prepare for account takeovers
: With many fraud trends emerging out of new technologies, there are still some broader strategies that cybercriminals have come to rely on to stay ahead of fraud-management systems. One of the biggest threats today is account takeovers, which cause billions of dollars in fraud losses
and have accounted for over a third of fraud incidents since 2016.
Account takeovers are not only hard to see and costly, but are damaging to a merchant’s credibility because they often emanate from payment or profile data stored by the merchants. At Riskified, our Account Protection service uses our web beacon, dynamic linking and bot detection tools to determine whether an account is being logged into by the legitimate account holder or an opportunistic scammer. We’re able to block those bad login attempts to keep accounts secure and prevent the fraudster from even reaching checkout, preventing loss and maintaining merchant reputations.
Every growth has its thorn
: The nearly countless new ways for goods to be ordered and fulfilled offer endless opportunity for revenue. But each new innovation has a vulnerability — a fraud ring
, porch pirate
, liar buyer
, BOPIS troll
, or a delivery deviant
waiting in the wings to cause damage.
Studying the potential pitfalls of each innovation in the distribution system can help you better prepare for the inevitable disruption. But taking a long view of the work of fraud management in this hectic ecosystem is vital. When it comes to fraud, it’s worth a serious investment to avoid wasted labor and spent time, lost goods, and a damaged reputation. Riskified partners with merchants to assume the risks of digital growth so that food retailers can maintain focus on the core aspects of business like keeping costs down, quality up and providing excellent customer service. While the challenges of being a merchant in the food industry have never been greater, neither have the opportunities.
Read more on our blog
and in our Resources