top of page
Writer's pictureJustin Pike

Combatting fraud: Why AI is costing online merchants more than fraud (and how to solve this)

Yes, you read the headline correctly. AI is indeed causing online merchants to lose more money than fraud. Ten times more, to be exact. What makes this statement even more unbelievable is that many of the AI systems online merchants use are designed to mitigate fraud. 


To best explain, we need to look backwards…


A brief history of payments, and fraud

Fraud has always been an issue. As soon as some form of currency was introduced into society, people looked for ways to illegally gain a financial advantage. 


It wasn’t so long ago that cash was the main currency. And it didn’t take much for clever forgers to increase the sophistication of their illegal copies so that they were readily accepted, which created a significant issue for anyone dealing in cash.  So, the banks devised an excellent workaround – cards.


The reliance on cards increased exponentially as the level of technical proficiency needed to clone them was significantly higher than forging notes. However, with just a magnetic stripe and signature in the way of the fraudsters, they overcame this hurdle too. 


Enter Chip and PIN. 


The digital certificate in the chips means they cannot be cloned, and unless someone figures out how to read minds, the PIN cannot be stolen. And this is what makes Chip and PIN the most enduring and safest way to pay, ever. 


Now, in the digital age where customer experience is key, and everything needs to be as frictionless as possible, Contactless payments entered the equation. This game-changing technology has sped up the payment process, making in-store checkouts faster and easier. In the UK, the initial limit for contactless transactions was £10, then raised to £30 and subsequently £50.  During Covid the Contactless limit was raised to £100 to support a more hygienic process. But of course, this also increased the amount that stolen cards could purchase. So, a safety limit is in place whereby a PIN is required every 3 taps or £150 – the cardholder is required to input the card and enter a PIN to safeguard against fraud. 


And of course, we now also have digital wallets like Apple Pay and Google Pay to further improve the payments process, which are purely Contactless transactions with a biometric component, such as face ID or fingerprint.

 

The endless cycle of fraud

Einstein’s 1st Law of Thermodynamics says that “Energy cannot be created or destroyed, it can only be changed from one form to another". It’s the same with fraud – it never goes away, it just changes to another form, as evidenced in the above history. 


Chip and PIN has significantly reduced the advent of fraud for in-store/in-person payments because cloning a card is impossible. And so, fraud has now mostly moved online, where payments are deemed by banks as ‘card not present’. These transactions come with much higher merchant fees because it’s so much easier to complete fraudulent transactions. And it’s a significant global issue. Let’s take a moment to look at some sobering figures:


  • The cost of chargebacks (which is when a consumer disputes that an online purchase was made on their card and the merchant has to refund the money even though the goods have been sent) to merchants is currently $40 billion globally.

  • The cost of false positives (which is when fraud detection software deems that an online transaction is fraudulent and blocks it, when in fact the purchaser is legitimate) is $443 billion in lost sales per year. 


The average online merchant uses (and pays for) five fraud detection tools to reduce the risk of fraud. And judging by the figures above, the AI isn’t doing that good a job… or perhaps too good a job, if you see it that way. Either way, it’s stopping legitimate transactions too. 


So, here’s the question. If Chip and PIN has done such a good job of combatting fraud in-store (and who ever heard of an in-store false positive?!), then why don’t we use it online? Seems like a very simple answer to a very big problem.


The solution: Bringing the terminal back to the consumer, but in a new way

Everyone has a phone. And there are excellent payments solutions out there that turn phones into payment terminals to help merchants accept payments anywhere – on a street, at events, at someone’s home. Literally anywhere. So, if merchant’s phones can be turned into secure payment terminals, then surely we can turn anyone’s phone into a payment terminal?


The answer is, we can. Or at least, we at Burbank, can. Because we’ve developed a way to turn consumer devices into terminals that can accept card-present payments over the Internet (CPoI). And card-present payments make fraud very difficult in any channel – in person and online. Here’s how it works:


  • Burbank’s CPoI turns the customer’s device into a PCI-compliant payment terminal. Merchants only need a card-present agreement.

  • At checkout, the customer taps their card against their own device and securely enters their PIN to complete payment. Just as they do in-person / in-store.

  • These transactions use Burbank’s unique patent-pending technology and existing payment messages to offer merchants and consumers the safest way to pay online.


The fascinating thing about all this, is that while technology can (and does) improve so many aspects of our lives by making things more accessible, faster, and easier, sometimes it also makes things more complex, harder, and in the case of payments, riskier. 


The irony is not lost on me that the solution to 100% eliminating false positives and significantly reducing chargebacks is to go back a step and use technology that has been around for twenty years – the trusty, proven, familiar, and universal Chip and PIN. Often the pendulum swings too far in one direction and has to right itself to get the balance back in order. And that’s exactly where we’ve landed with Burbank’s CPoI. By bringing the terminal to the customer in any channel, we’ve enabled the same, safe, simple, and secure payment process for anyone, anywhere.

 

And the even better news is that it’s ready to go!


If you’re interested in hearing more about CPoI, reach out to the Burbank team

Comments


Commenting has been turned off.
bottom of page