Clearsale Blog | Insights on Ecommerce and fraud

How to Identify and Prevent Policy Abuse

Written by Rick Sunzeri | Mar 2, 2023

For enterprise retailers and large ecommerce businesses, fighting fraud isn’t their only concern. Fraudsters and customers alike look for ways to make the most of the very programs and offers designed to attract more customers. Even if you’re familiar with policy abuse, there are actions that every impacted business should take to protect their organization from this rising threat to revenue.

What Is Policy Abuse?

Policy abuse refers to a group of unsavory and deliberate actions that take advantage of a store’s policies for personal gain. This includes abusing refund and return policies, coupon over-redemption, and gift card fraud. Experts estimate that policy abuse costs U.S. retailers over $89 billion each year.

As more and more shopping shifts online, policy abuse is becoming a big concern for ecommerce businesses – especially enterprise retailers that process thousands of transactions daily. It’s difficult enough to prevent online fraud, let alone track whether or not customers are abusing company policies.

How is policy abuse different from payment fraud?

Policy abuse is different from online payment fraud in that the latter involves an actual crime of theft. Ecommerce fraud typically happens when a fraudster steals from a company using an innocent customer’s payment information.

With policy abuse, there may be criminal or just unethical behavior, but the only victim is the store itself, which can make policy abuse more attractive. Customers are up to 80% more likely to shop with companies that offer loyalty rewards and coupons. These promotions can increase conversion rates by as much as 142%, making policy abuse more attractive.

In fact, there’s an entire marketplace for professional refund fraudsters for hire who will target and help customers plan purchases for a percentage of the proceeds. As a result, the incidence of policy abuse has increased 75% over the past several years.

To better understand how to fight policy abuse, it’s helpful to understand in more detail how it happens.

 

Policy Abuse Can Look Like Business as Usual

As customers become more savvy shoppers, some take advantage of companies and exploit them for free merchandise and more benefits. The four main types of policy abuse are return/refund fraud, loyalty abuse, coupon abuse, and gift card fraud.

Return/refund fraud

Return or refund abuse is an elaborate set of tactics designed to take advantage of a company’s return policy. Return abuse is on the rise and costs U.S. retailers more than $12 billion each year.

This type of policy abuse isn’t something the average fraudster knows how to do – it’s usually the work of a seasoned criminal or a business that provides fraud-as-a-service (FAAS). Finding the loopholes in a business’s policies take time and planning.

The tactics fraudsters use to perpetrate return/refund fraud vary, with the most popular being something called “wardrobing.”

Wardrobing is borrowing in bad faith

Wardrobing fraud involves purchasing high-end fashion and luxury goods with the intent of returning them after a singular use – usually for an event or even an Instagram photoshoot. An August 2020 survey by security-tag maker Secure Authentication Brands found that 37% of customers "wardrobe" clothing from retailers.

Other types of return and refund fraud

  • Returning shoplifted merchandise for full price.
  • Receipt fraud where a stolen or fake receipt is used to return merchandise.
  • Purchasing merchandise on sale at one store and returning it to another for a higher price.
  • Insider fraud where employees assist fraudsters in returning stolen goods.
  • Purchasing a replacement product and returning the damaged or defective item.
  • Bricking, which involves purchasing and stripping an electronic product of its valuable parts before returning it.

Loyalty abuse

Loyalty abuse involves taking advantage of a company’s reward program to accumulate rewards that aren’t actually earned. This is one exception where valid customer accounts are leveraged for their loyalty points.

The most common types of loyalty abuse include:

  • Fraudsters take over customer accounts to order expensive merchandise that’s shipped to the customer, and the fraudster uses the loyalty points to purchase products that can be easily resold or returned for credit.
  • Hacking into airline and travel apps and transferring points.
  • Sharing referral codes and free trials with large groups.

Coupon abuse

Coupon abuse is on the rise, with 49% of ecommerce businesses recently experiencing an increase in this type of policy abuse. It happens when a fraudster creates multiple accounts so they can use a promotion more than once. Most often, coupon abuse is the work of large-scale crime rings and mass-registered fake accounts.

Gift card fraud

Gift card fraud can happen in a few ways.

Fraudsters have learned to leverage bot technology that searches for gift card-related keywords in emails and texts. Then they hack into those accounts, locate gift card information, and use it without the customer knowing.

Even more common, fraudsters access the activation codes on gift cards displayed on end caps and rotating displays in stores. They can use the information to quickly activate the gift cards and use them to make purchases while they’re still on the racks.

When companies aren’t considering policy abuse as a possible risk, they may make the mistake of being too strict with controls.

 

How Do Companies React to Policy Abuse?

As we mentioned earlier, policy abuse is different from ecommerce fraud. However, when companies see a dwindling bottom line and don’t have a comprehensive strategy to prevent any type of fraud, they may opt for what seems like the easiest solution and restrict orders with fraud filters or purely automatic order approval solutions.

The result of either is almost never what those companies want. Fraud filters can be too strict and/or conflicting and either negate each other (approving more fraud) or decline too many valid orders. That results in fewer approvals, more false declines, and very unhappy customers. The losses associated with false declines are 13 to 1, or a loss of $13 for every $1 in false declines. Plus, about 40% of customers stop shopping with sites that decline their transaction attempts, and 34% of customers take their dissatisfaction to social media.

Instead, companies should consider ways to recognize and prevent policy abuse.

 

How to Avoid Being the Victim of Policy Abuse

Companies can take some basic steps to protect themselves from policy abuse.

Review (and update) company policies

The first place to start is to look at your return policy to make sure you’re not setting your business up to be a target. If necessary, make updates and communicate them to customers. For example:

  • Require that customers identify a reason for their return so you can spot suspicious returns and identify which products are regularly being returned for the same reason – this can also contribute to quality control.
  • Ask customers how they purchased the merchandise being returned. If you’re seeing a large number of returns (and return fraud) through your mobile app, you may want to focus on screening those orders more thoroughly.
  • Wait until merchandise is received before processing returns.
  • Limit returns to 30, 60 or 90 days. Amazon Prime Wardrobe does this by allowing shoppers free returns before the end of a seven-day try-on period to reduce wardrobing fraud.
  • Think about adjusting your returns policy and reducing free returns for holiday purchases and certain sales promotions.
  • Charge a restocking fee for luxury goods and consumer electronics with a high dollar value. This will deter the consumer who would otherwise purchase a high-end flat screen TV to watch the Superbowl and return it the following week.
  • Consider changing your policy to store credit for returns.

 

Promote loyalty points tracking

To prevent loyalty fraud, enlist customers in helping you keep fraudsters out. Let them know that loyalty fraud is a growing issue and remind them to change their passwords and regularly check their loyalty points balances for accuracy.

Think of gift card displays as cash on the floor

Think about your gift card displays as money trees, and think about relocating them to a location that can’t be easily accessed. For online gift cards, look for immediate activation as a potential red flag and track gift card data to identify suspicious behavior.

Equally important is making sure your business has a comprehensive fraud prevention solution that can identify suspicious activity of all types.

Implement a hybrid fraud prevention solution

The best fraud prevention solution offers a hybrid approach that’s designed to approve the most orders with the least fraud and false declines. That hybrid solution should combine several key steps, including:

Flag suspicious orders

This is where fraud filters add tremendous value. Specifically, fraud filters should be used to call your attention to activity that doesn’t seem right. That doesn’t mean an order is fraudulent. It just means either your team should take an extra look or the order should undergo a more rigorous evaluation algorithm.

Approve as many orders as possible

The best way to increase your approval rate is to automate as many approvals as quickly as possible with an AI-enabled algorithm that can be “taught” to recognize new patterns as they emerge.

At ClearSale, our algorithm leverages the trends, intelligence and data gathered from decades of fighting fraud in the most high-risk regions of the world. Using this technology, we can automatically approve most orders quickly and identify suspicious orders for further investigation.

Before declining an order, look for context

There will be a small percentage of orders that get flagged by fraud filters or your automated solution because something just doesn’t seem right. Where purely automated solutions would just decline those orders, flagging them instead allows for a contextual review.

For example, some orders may look suspicious because the customer is new to online shopping. Or maybe they’re buying multiples of the same item to send to friends. Understanding the context of an order as it relates to the customer’s purchasing history can help you avoid false declines and approve more transactions.

At ClearSale, our more than 1,500 fraud analysts perform contextual reviews on only about 2%-3% of orders flagged by our solution. Because our analysts are trained to identify some of the hardest-to-recognize fraud patterns, they can easily determine which orders should be approved as quickly as possible.

Policy abuse is a growing problem for online retailers, but it doesn’t have to hamper your business. Understanding how to identify and prevent policy abuse can help you protect your bottom line and best serve your loyal customers.

To learn more about how ClearSale can help your company tackle policy abuse, contact one of our fraud experts.