The last 2 years have changed many things for the retail industry, not least the shift to online selling. This move has brought many positives and opportunities such as an expanding customer base which in turn means retailers now hold an ever-increasing amount of customer data.
Privacy and security for customers and for the businesses themselves have naturally become major priorities for today’s retailers.
What’s the latest fraud method?
Running your own business demands becoming an ‘expert’ in seemingly everything so ‘Privacy Enhancing Technologies’ (PETS) might be an area less familiar to small and independent retailers and brands. Yet much like security for a bricks and mortar store, online security is critical especially as fraudsters are advancing their methods rapidly.
Retail fraud increased by “50% between 2020 and 2021, and identity fraud increased by 11% in the first six months of 2021”. The pressure is on businesses to protect their customers, but what happens when it’s the retailer experiencing the impact of the fraudster?
Determining if an online customer is authentic or only wishing to defraud you is highly challenging. Moreover, the problem is ever-changing as cybercriminals are working daily to stay one step ahead of retailers and fraud prevention teams.
According to Identiq, a fraud prevention start-up, there are three methods that stand out as the most common; promotional abuse – using fake emails to qualify for new user sign-up bonuses, “item not received” frauds – falsely claiming an item was never delivered and returns abuse – returning a fake item in place of real item or sending back an empty box.
Five areas to swot up on
Itay Levy, Identiq’s CEO and co-founder says there are 5 area retailers need to get informed about. He also warns against complacency and an attitude of “that’s how we’ve always done it.”
“That kind of attitude just doesn’t make sense for data security or cybersecurity. In fact, the opposite is true; you need to be active to keep ahead of fast-moving bad actors and ongoing regulatory changes,” he explains, going on to list the following five areas to be aware of.
1. Privacy Enhancing Technologies – if you’re not analyzing these technologies and what they can do for your business, it’s time to start.
2. Deepfakes — Levy explains: “In fraud prevention, we’ve already seen deepfakes at work helping criminals successfully steal money from businesses. Deepfake voice tech and facial recognition tech are used. Cybersecurity more generally needs to be aware of the threat posed by this technology in the wrong hands — and prepare to face it.”
3. Sharing data with third parties — “It used to be enough to just have a legal check that everything was “defensible” should anything go wrong with a third party, but increasingly that’s not the case anymore” explains Levy. This has the potential to be a much larger source of problems than retailers are currently aware of.
4. Supplier chain risk — companies need to analyze their supply chain, identify the risks, and mitigate wherever possible.
5. User accounts — Retailers should not underestimate how vulnerable user accounts can be. As Levy elaborates: “this is an often-underestimated element of risk within an organization. Companies concentrate protection of user accounts on point of sale, because protecting users’ financial assets seems especially important. Nowadays, though, with consumers so sensitive to the risk of stolen data, it’s just as important to protect access to accounts more generally.”
These increasing risks may sound daunting, but the key is being prepared. Retailers need to educate themselves around potential risks, before deciding what technologies and techniques they will use to protect themselves, their reputations, and most importantly, their customers.