As your marketplace grows, you will catch the attention of more sophisticated fraudsters. Here are some telltale signs that your marketplace fraud prevention system needs fine-tuning:
- The number of fraud events are up. A 5% fraud rate was feasible when you were onboarding a manageable amount of users a day. Now, in full growth mode with hundreds of new daily users, that same 5% is causing a lot more problems and affecting your bottom line and reputation.
- Your workload is unpredictable. A great day in your book is when there are no surprises. Lately, cases are mounting and your usual workarounds — block lists and manual database queries — aren’t as effective or efficient in dealing with fraud. These short-term solutions are time-consuming and take up valuable company resources.
- You’re figuring out how to deal with regulations. Regulations like the INFORM Consumers Act are in effect and new regulations are being launched around the world that affect marketplaces. You’re having to play catch-up in order to remain compliant and competitive.
Note: looking for an identity verification solution to help with marketplace fraud prevention? At Persona, we’ve helped marketplaces like Preply decrease manual review time by 80% with our identity verification system. Reach out to us to learn more about how we can help you.
Four ways to prevent marketplace fraud (and when to use them)
What are the top ways to solve for marketplace fraud? You may already be implementing some of these solutions:
1. Uplevel human intelligence.
When your company first started out, you probably managed any fraud incidents that came up manually.
Manual reviews are an adequate solution to fraud detection when you’re only onboarding a few dozen users per day. Once you start growing and the time commitment to complete manual reviews increases, you might think that adding more manual reviewers will help with the workload. That could be hiring more people internally or working with an offshore team.
There is always a human element to fraud prevention. however, once the company starts growing, manual reviews become incredibly hard to scale. A strategy that can yield stronger results is upleveling human intelligence, or providing your manual review team with more information to make decisions so they aren’t as reliant on their experiences, which are not uniform. This can come in the form of connecting your verifications system to issuing databases or purchasing reports to enrich your understanding of users and reduce your manual review workload.
2. Implement more precise risk segmentation.
When you first started out, you likely segmented fraud risk based on heuristics: if the user met certain rules or a threshold, they would be categorized as fraudulent and denied an account. This is often the place to begin your fraud prevention efforts because heuristics can set limitations on exposure, which companies find beneficial.
One potential solution to preventing fraud is to implement a more advanced risk segmentation solution. This means using a tool that can determine a user’s risk profile based on checks you set, add more or less friction during the onboarding process, and actively monitor for fraud.
If you’re scaling your risk segmentation, you might be at a point where you need to choose whether to develop a more advanced solution internally or partner with a third-party provider.
Some marketplaces will choose to build their own risk segmentation internally with a team of data scientists or engineering resources. This gives you more flexibility over the product and allows you to design it exactly as you wish. The downside is that there are high costs to building, maintaining, and improving this system. It can also take longer to get it set up with engineers’ time generally reserved for revenue-generating work.
You can also choose to partner with a third party-provider that will help set this up for you. This will get a system up and running faster. Marketplaces often find this as a way to bridge putting a more robust risk segmentation in place while they develop their own expertise on the matter internally.
3. Verify users’ identity via an advanced KYC onboarding platform.
You may already have a Know Your Customer (KYC) onboarding platform in place which allows you to stop fraudsters from creating an account.
But not all KYC platforms are equal. The one you’re using might do a good job of collecting customers’ personal details and doing basic government checks, but as you scale you’ll realize you need something more sophisticated. There is a difference between doing minimum KYC to meet obligations and doing it in a way that is both user-friendly and conversion-optimized.
Ideally, you want a tool that can change the onboarding flow based on the user’s risk profile, or a tool that can also assess for account takeover fraud. As you grow, you also need a platform that can assess active as well as passive signals through link analysis: in other words, not just the person’s name, phone number, and email address, but also their IP address and geolocation.
Having a more advanced onboarding tool will help you catch more fraud and allow you to uncover and block entire fraud rings — possibly before they strike.
4. Spend more resources on educating your users.
As a platform, there’s only so much you can do to prevent fraud, and you won’t be able to stop it 100% of the time. That’s why it’s also important to equip your users with the right tools to handle suspicious messages.
As you scale, make sure to invest in educating your already onboarded users on potential marketplace scams they may encounter on your platform. Tell them what language the scammer might use, what their profile might look like, and how to protect against it. It’s also worth allowing customers to report scams themselves.
How we help marketplaces with fraud prevention at Persona
Persona is a unified identity verification platform that helps companies use advanced tools to protect themselves against fraud. We’ve helped marketplaces like MyRent, nWay, and Neighbor use advanced KYC, Know Your Business (KYB), and link analysis to combat fraud.
Here are the key features and benefits that marketplaces value the most when working with Persona:
Verify users with government IDs and selfies to catch fraudsters using stolen identities
Most identity verification vendors will allow you to verify a user’s identity with their government ID. Government IDs are a great way to verify someone’s identity since you are relying on an authoritative institution to confirm it’s an authentic document.
But what if the user is using a stolen passport or ID card? It could be that the document is legitimate and in the expected format, but the user could be posing as someone else and is committing identity theft.
By using Verifications, marketplaces can verify a user’s identity with their government ID verification followed by a selfie. By combining the two, we’re able to confirm that the ID is legitimate and the person applying for an account is who they say they are. This raises the difficulty for fraudsters who can no longer pass one of these checks or the other, but must attempt to pass both to leverage their stolen identities.
Not only does this catch the fraudster when they create an account, it also acts as an excellent reference to keep in storage. When the user submits their government ID and selfie, you can then choose to store their personal identification information (PII) with Persona. By not having to store PII yourself, you won’t have to hold the liability for potential breaches of data, and you can access it whenever required via Persona.
As a marketplace, you can then ask the user to reverify their details at any other critical part of the lifecycle where fraud may be likely. These reverification points can be orchestrated through Workflows. This is often where we uncover fraud. Fraudsters are usually generating thousands of accounts when creating an account to join a platform. If you ask them to reverify two months, two years, or at any point later, they won’t remember which ID or face they used, which means you’re a lot more likely to catch and then block them.
Identify fraud rings and networks of bad actors with link analysis
KYC and KYB will do a lot to stop fraudsters from joining your platform, but it won’t catch all fraud.
What happens when a fraudster attempts to access a legitimate customer’s account? Or when a high percentage of new accounts keep getting closed within two weeks due to suspicious activity? You also need a system that can find links between accounts and raise the signal if an account is deemed suspicious three months after it was created.
This is where our link analysis tool, Graph, comes in. This tool allows our customers to analyze information and study relationships that are not visible in plain raw data. Graph analyzes users who are linked by active or passive signals to help uncover fraud rings and proactively catch bad actors.
Active signals are those that the person has submitted: their document, a selfie, and their contact information. Passive signals are those that are not explicitly asked for, such as the person’s IP address, device ID, or geolocation.
Graph will assess both types of signals and then look for patterns and links between users. This allows users to find connections between accounts even if they are multiple degrees away. Our customers have uncovered entire fraud rings and then blocked them all at once. Visual representations of fraud rings are helpful to provide investigators with clear and direct access to these linkages, as opposed to being unused and buried in databases and tables.
Via a combination of link analysis and identity verification, you can not only shut down bad actors who commit repeated fraud, but also visualize the extent of their reach to flag entire fraud rings and sleeper accounts before they strike. You can then use this data as a starting point for an investigation, allowing you to get a better understanding of how much fraud is happening on your platform. This data can also be used by your fraud team to prove the effectiveness of your fraud program and work.
Here’s an example: imagine your company recently increased your referral promotion from $50 to $300. Initially, identifying promo abuse was easy because the bad actors used similar addresses.
With the new promo, however, you see a spike in accounts with no clear links — except they were all created on devices with the same IP address. Your review team will need to manually query and research your database, taking time and effort you might not have.
Now imagine the same scenario with the Graph tool. Graph can quickly link up different signals so your review team can promptly see these fake accounts and the links (e.g., IP addresses and other passive signals). Graph flags these users so you can then use our no-code tools (Dynamic Flow) to block them if they try to go through your flow again.
Use our platform to manage all your fraud prevention from one place
As your company scales, you may find yourself using a variety of tools to prevent fraud: government ID verification, case management, link analysis, and a lot more. If you’re using a different third-party provider for each one, you’ll end up having to manage a lot of different relationships with different vendors.
This leads to infrastructure complexity and can cause issues down the road. As you make adjustments to your fraud prevention processes — whether it's introducing new verifications or trying out new logic to reduce manual review — you will have to figure out how to keep everything in sync.
Persona offers a unified identity platform, which means you’ll get all these tools in one place. We have one of the most comprehensive solutions on the market, which means that when you partner with us, you’ll only need to manage one relationship. We take on the operative burden so you don’t have to. You’ll also only pay for the services you’re using and can even get started with certain features for free.
Not only that, Persona offers the ability to integrate third-party partners like SentiLink and Telesign via the Persona Marketplace. You can bring in risk signals from these leading vendors to use as part of your verification processes and trigger actions in productivity systems like Salesforce. By having Person be the command center for all of your identity processes, from running SentiLink fraud reports to kicking off an action in Salesforce based on the results of a verification, your team has one centralized place to configure automations or see results.
Customize your user flow to improve the customer experience
In addition to operating as one unified platform, we also work as a no-code “building blocks” platform. With our Dynamic Flow and Workflows tools, you can drag and drop your identity verification process and design a collection flow that feels native to your product — without adding a single line of code. You can also customize the look and feel of the user experience and keep your branding consistent across the entire flow: logos, colors, fonts, and buttons. This gives your customers confidence in your brand when creating an account.
You’ll be able to launch your user onboarding with minimal engineering resources as well as tailor the flow and adjust friction based on a user’s risk profile. Beyond the actual flow users see, you can create entire workflows with triggers based on a specific event (e.g., when a verification is complete) and complex if/then/else paths that result in follow-up actions such as opening a case or resolving a support ticket.
What are the most common types of fraud you’ll encounter as a marketplace? Here are the ones that our team has encountered frequently and helped customers address.
Types of marketplace fraud
There are many different types of marketplace fraud that you should be aware of. Below, we highlight some of the more common forms of online fraud that marketplaces must contend with.
Seller-side marketplace fraud
Seller-side marketplace fraud refers to any type of fraudulent activity that is conducted by the seller and which negatively impacts either the buyer or the platform itself. Examples of seller-side fraud include:
- Fake profiles: Fake profile fraud occurs when a bad actor creates a fake profile to defraud potential customers — by sending the buyer counterfeit goods instead of the expected items or never fulfilling the order, for example. Often, the fake profile will be a copy of a legitimate — and often popular — profile on the marketplace. When this is the case, fake profiles harm not only the buyer, but also inflict reputational harm on legitimate profiles, which are thencopied.
- Listing fraud: Listing fraud is similar to fake profile fraud in that a bad actor creates a fake product listing, often based on legitimate products found elsewhere in the marketplace. The fraudster then takes the customer’s money with no intention of fulfilling the order. Listing fraud is also sometimes called product fraud.
- False advertising: False advertising refers to any practice that misrepresents the products or goods being sold. This can include, but isn’t limited to, fake photos, inaccurate product descriptions and specifications, and even fake customer reviews. Unlike listing fraud, cases of false advertising typically do result in the order being fulfilled — only with a product or service that is different or of lesser quality than what the customer believed they were purchasing.
- Buyer/seller closed-loop account fraud: Also called spoofed transactions, this type of fraud usually involves a single bad actor who creates both buyer and seller accounts. They then use the fake buyer profile to place an order for products or services on the fake seller profile. The purchase is completed with stolen credit cards or debit cards, while the fraudster absconds with the funds. It can also entail second-party fraud in which the individual completes a purchase using a friend or family member’s payment information.
- Promotion schemes: Many online marketplaces offer rewards to vendors who reach certain sales milestones — for example, making a certain number of sales or referrals within a given period of time. This can incentivize some sellers to create fake buyer profiles, which they then use to hit their sales targets and pocket the reward.
Buyer-side marketplace fraud
Buyer-side marketplace fraud is any type of fraudulent activity that is conducted by the buyer. Buyer-side fraud negatively impacts the seller or the platform itself. Examples include:
- Fake accounts: One common means of scamming sellers is to create a fake account. These fake accounts can be used to leave false negative reviews on buyer listings or otherwise harass users. Sometimes, existing customers will create new fake profiles in order to gain access to “new customer” promotions or discounts. Fake accounts can also be leveraged for cyber attacks, especially if they are based on an account created by a legitimate user.
- Duplicate accounts: When users are allowed to create multiple accounts on a platform, it can make it more difficult for the marketplace to have a clear picture of who that person is due to the fragmentation of data and user behavior across multiple accounts. This obfuscation can make it more difficult to identify patterns of suspicious activity and otherwise hinder data analysis efforts.
- Transaction fraud: Payment fraud involves a buyer making a purchase with payment method information that isn’t theirs — such as a stolen credit card. This type of fraud is distinct from buyer/seller closed-loop fraud in that the seller is not aware that the payment is fraudulent. Transaction fraud is also called payment fraud.
- Chargeback fraud: In cases of chargeback fraud, a buyer completes a purchase using their legitimate payment information, typically a credit card. After they have received the product or service, they then dispute the purchase with their credit card company in order to receive a refund. This is sometimes referred to as friendly fraud.
Both sides
Some forms of marketplace and e-commerce fraud can be carried out on both the buyer and seller side. Examples include:
- Onboarding inaccuracies: In order to create a buyer or seller account on virtually any online marketplace, the potential vendor or user must create an account. Sometimes, whether intentionally or unintentionally, users provide inaccurate information during the onboarding process. These inaccuracies can make it more difficult for the platform to understand exactly who its users are. In some cases, it can also make it more difficult to police for fraud instances such as buyer/closer closed-loop fraud (above).
- Account takeover (ATO) fraud: An account takeover happens when a bad actor gains access to an account (buyer or seller) that is not theirs. The bad actor then potentially has access to sensitive information, such as financial information, which can be used to make fraudulent purchases.
- Account-as-a-product fraud: This is similar to account takeover fraud, as it involves a bad actor gaining access to an account that is not theirs. But instead of using the account to make fraudulent purchases, they then sell the account to other bad actors, who in turn leverage it for any variety of fraudulent activities on the marketplace.
How we helped nWay decrease chargebacks by 80% and proactively block linked accounts
nWay is a game developer and publisher that creates multiplayer games for web and mobile. As part of their business, they also have the nWayPlay Marketplace, where people can buy, trade, and earn non-fungible tokens (NFTs).
When nWay first started out, their fraud investigation team mainly consisted of manual reviewers. Although they did have KYC in place as part of their onboarding, it didn’t catch all fraud happening on their platform. Their key challenge was fighting against bots and big-scale fraud attacks that took a long time to catch, and were also risky to the business.
Since they mostly fought fraud manually, their approach was quite limited: they relied on their development team to manually query their database to find linked accounts. This took up a lot of valuable time and it wasn’t scalable.
nWay started working with Persona and implemented Graph into their technology stack. Once implemented, they immediately found a group of 40 users with similar attributes without manually needing to go through their database. What used to take hours now could be done in a few minutes.
With Graph, they were able to identify users who were connected via common signals and uncovered entire fraud rings. It also equipped their compliance team to manage investigations via their no-code editor. Not only could they uncover a fraud ring, but they could block them with bulk tagging and block lists.
As David Kim, compliance program manager at nWay, explains: “From a compliance perspective, Graph has saved us time and lowered our headcount need, which means our team can operate more efficiently and focus their time on complex cases instead. And from a fraud perspective, Graph, combined with Persona’s KYC solution, has lowered our fraud rate considerably.”
Read the full case study here: nWay decreases chargebacks by 80% and proactively blocks linked accounts with Persona Graph & KYC solutions
Fine-tune your marketplace’s fraud prevention system with Persona
Now you know the different types of marketplace fraud, the ways you can solve marketplace fraud prevention as you scale, and how you can prevent fraud with Persona. Our marketplace customers choose Persona because they can catch fraud even before it happens, streamline investigations, and save their teams time.
Think Persona might be for you? Book a demo with us.