Digital marketplaces require two separate entities to function; a customer and a supplier. DoorDash isn’t actually preparing that burrito you had for lunch, it was merely a platform that connected a supplier and a customer. When we think about fraud in this space, we typically focus on the customer side. Card Not Present fraud can take place with stolen account credentials, credit cards and other nefarious account takeover schemes. Chargeback fraud is also a reality that marketplace platforms deal with regularly on the customer side.
But what about the supplier? Is there a situation in which suppliers could exploit loopholes to defraud these platforms while hiding in plain sight? There is, today we’ll examine what supplier fraud is, how to spot it and how to stop it.
Supplier fraud can be defined as any number of schemes that cheat marketplaces in order to boost earnings. We will define specific instances below, but the way marketplaces lose out is two-fold. In addition to unearned payouts to fraudster suppliers, supplier fraud severely impacts the customer experience. Lost orders, long wait times and confusing fees can cause genuine customers to lose faith in a platform and turn to a competitor. This double-edged sword can be devastating for marketplace platforms and cause profits to plummet. Here are the schemes that fraud departments at global marketplace platforms need to be on the look-out for.
Many marketplace platforms offer suppliers incentives to join. In addition to paying out a flat fee per order, some marketplaces offer referral fees or cash bonuses once a certain milestone is cleared. In this scenario, the supplier would create fake accounts and place legitimate orders that are lower in value than the associated earnings. For example, if a supplier offers a menu item of ‘bottled water’ for one dollar but receives a $5 delivery fee, the delta of that transaction would be $4 in the supplier’s favor.
If the supplier was five orders short of hitting a payment benchmark (let’s say after 1,000 orders the marketplace pays out a $1,000 bonus) at the end of the month, five fake accounts could each order that one dollar bottle of water. These specific transactions can be hard to spot, because believe it or not, there are actual people out there that will order a bottle of water delivered to the house.
For platforms that offer cash on delivery (COD), a supplier can place an order with a fake account. The marketplace will advance the money to the supplier and then the supplier can cancel the order through the platform. Some marketplaces will even pay out an additional cancellation fee. This type of fraud won’t make any supplier rich overnight, but legitimate cancellations happen all the time. With tens of thousands of legitimate orders processing every day, marketplaces have a hard time tracking down these fraudulent cancellations.
Sometimes the supplier and the customer are in cahoots, jointly committing fraud. For example, think of a high ticket item like a television. A supplier could list the item on a marketplace and the customer could agree to use a stolen credit card to purchase the item for $10,000, quite a bit higher than market value. The marketplace processes the payment through the platform, the supplier takes $10,000 of a third party’s money, the ‘customer’ gets a free TV.
Additionally, marketplaces can be used for straight money laundering. Fraudsters have already started using micro-transactions in video games to launder dirty money. Marketplaces make this approach even easier. In the previous example, actual goods traded hands, but they don't need to. A supplier could start a front company on a marketplace and also create fake accounts to 'buy' these goods, essentially sending money back and forth (minus a small fee) to themselves. This money then goes on to fund drugs, crime and even terrorism.
One unique issue marketplaces run into is that suppliers are essential to their ecosystem. Not only are many of these schemes hard to trace, but a marketplace that starts banning any supplier that takes part in dubious transactions won’t be a marketplace for long. Alternatively, a good way for product managers and fraud departments to think about supplier fraud is to eliminate fake and duplicate accounts.
The phone numbers used in fake account creation are likely to be VOIP, burner phone or SIM cards acquired from a SIM farm. Certain digital identity APIs such as TeleSign’s Score and PhoneID can inform marketplaces when a user is trying to register with one of these dubious phone numbers. Additionally, TeleSign can help platforms identify unique phone numbers. If a supplier is creating multiple accounts with their one (legit) phone number, TeleSign can inform the platform. If an identity fails some of these checks, that could be an alert to the marketplace to flag a particular transaction. While this will not end supplier fraud, digital identity can close some of the loopholes that enable it in the first place.
By remaining vigilant, marketplaces can scale securely, onboarding good users and suppliers and continue to service the stakeholders that enjoy their convenience so much in the first place. A strong security infrastructure will improve the user experience for all.
TeleSign has been connecting and protecting online experiences for over 15 years. We support the largest web properties in the world and we’re prepared to help you. Contact TeleSign now and for all of your security needs. As the pioneers of phone-based security, we are a one-stop-shop for all of your digital identity and programmable communications needs.