The term digital goods refers to goods that are stored, bought and used online. These can range from online subscriptions, game codes, credits, ebooks to gift cards - basically anything where the transaction is online and the delivery is immediate. The popularity of digital goods and increase of online retailers providing them has inevitably resulted in an increase in fraud, with fraudsters trying to exploit the weaknesses in a merchants security systems.
According to Javelin Research, fraud now consumes 8% of the average e-commerce merchant's revenue stream, and 9.7% of revenue among merchants who sell only digital goods, such as ebooks, e-tickets, and other instant download items.
The average e-commerce merchant now devotes 21% of its operational costs to fraud management.
What are the benefits of digital goods?
Digital goods are delivered instantly to the buyer without the need to wait for delivery. So in order to succeed in this space it’s vital that the user journey is as seamless as possible. Account creation is key too. Although one-off purchases are possible, these services make far more money from either repeat buyers or from subscribers. Consequently, the security of those accounts is very important.
Why do fraudsters like digital goods?
Online fraudsters exist to exploit weaknesses in a merchant’s security systems. The fact that digital goods prize speed and convenience as a driver of sign-ups can be read by an attacker as a weakness. And the majority of digital goods is now purchased with card not present (CNP) on tablets, online and mobile devices.
So the ability to steal accounts and re-sell the details online is a massively growing illegal industry. That’s outside of gamers and others simply stealing the digital goods for their own use using stolen card details or other details.
Demographically, gamers have the most in common with online fraudsters. And sociologically the success of Pirate Bay and other illegal Torrent sites has largely removed any social stigma associated with stealing online IP. The chances of prosecution for anyone engaging in the business are minimal.
Digital goods merchants need to look after their own houses. And the costs are enormous.
Javelin Research reported that compared to 2016 data, chargeback losses, which occur when merchants end up footing the bill for legitimate consumers in the case of friendly fraud or fraudster purchases, “has increased by 60% among digital goods merchants”.
And false positives, which occur when merchants mistakenly decline legitimate transactions, “increased by 25% among digital goods merchants and 27 percent among physical goods merchants. Retailers of digital goods are spending up to 20% of their operational budgets on fraud and chargeback management.”
A few key features of fraud for digital goods business
There are a number of specific fraud risks that need to be mitigated or considered in any fraud defence for a digital business. Here are some:
Automated Fraud Attacks: With immediate fulfillment and absence of any supply constraints, a successful exploit by a bot or similar can rapidly escalate to a huge chargeback or account compromise problem.
Friction sensitivity: No business wants to turn away good customers. But digital goods customers are especially fickle and a false refusal will usually mean a permanently lost customer. This impacts the amount of friction a merchant can add to a process.
Limited data: Compared to a company selling physical goods or a service there is less traditional data for a fraud screening system. This requires better use of the data that is there.
Mobile purchases: For some businesses the entire sales volume is in-app. At the very least any fraud detection system needs to be excellent at making the most of the data that a mobile experience provides.
Fraud detection traditionally is the done by heuristic rules and then manual review of the transactions that fell foul of these rules. This puts an enormous burden on the merchant to both maintain the rules and guarantee the quality of the review. It may surprise many to learn that this is still the prevalent approach to online fraud detection.
In digital goods this approach is not even a possibility. As mentioned, the key to compete in this market is instant fulfilment. A customer needs to feel that their order is fulfilled and complete, safe and secure. Therefore the fraud check needs to happen in the moment of ordering, and there is only way to do this successfully is with an automated fraud detection system that uses machine learning to predict and prevent the transactions that are likely to end in fraud.