Enabling digital wallet payments is an easy choice for merchants looking to make online shopping easier and more rewarding.

But let’s not forget: New payment options mean new avenues for fraudsters. Let's take a look at digital wallet fraud, how it works, and how to stop it.

How popular are digital wallets in 2024?

Over half of global ecommerce transactions use digital and mobile wallets. In the UK, their use is expected to more than double by 2027, to reach 29% of transaction value. So, to say that digital wallets have taken off over the last few years is an understatement.

In fact, 55% of high-earning consumers already are users of digital wallets, and so is 79% of Gen Z and 67% of Millennials, according to PYMNTS data.

Of course, digital wallets aren’t new at all. But they take several forms, which have evolved through the years. PayPal has been around for 25 years. Since then, Google Wallet and Apple Pay have become household names.

Enabling digital wallet payments is an easy choice for merchants looking to make online shopping easier and more rewarding. But let’s not forget - new payment options mean new avenues for fraudsters.

Convenience boosts conversion

Greg Lisiewski, vice president of Global Pay Later Products at PayPal, points out that “Now more than ever, consumers want to be in control of how they pay, and they have a desire for friction-free, seamless digital shopping experiences.”

Most digital wallets can connect with traditional bank accounts. So users don't need to enter payment details or create an account to shop. Concern about handing over payment information can lead to cart abandonment. Allowing customers to pay with digital wallets gets rid of this extra step.

Digital wallets often support two-factor authentication (2FA) and strong customer authentication (SCA) requirements. Removing this extra layer of 3D Secure makes for a more frictionless experience. This creates a more seamless shopping experience and leads to higher conversion.

Today’s consumers value convenience above all. With digital wallets, your customers aren’t rummaging around looking for cards. What’s more, they’re incentivised to come back. Win-win.

The characteristics of digital wallet fraud

Digital wallets offer a lot of promise for transforming customer experience and increasing conversion. But they also present new opportunities for fraudsters.

1. Difficulty identifying stolen cards

Nearly a quarter of merchants say that Google Wallet and Apple Pay are top vehicles for fraudsters using stolen credit card details.

When a customer makes a payment, the merchant receives a token instead of the payment card number. This makes it impossible to identify the card used. Even if you block the offending wallet, fraudsters can move the stolen card to a new wallet. This digital wallet scam is one of the most commonly used.

This isn’t helped by the fact that cards are often not fully authenticated when added to a wallet. At Ravelin, we conducted a series of independent checks adding new cards to Apple Pay and Google Wallet. We found that only a few banks will verify new cards individually.

As the UK leads the way in Europe for digital payments, fraudsters have found an exciting new playground. Fourthline identifies Greater London as the counterfeit ID hotspot for digital wallet opening attempts in the UK.

2. Trouble fighting friendly fraud chargebacks

Friendly fraud has been soaring since the pandemic. Today, 40% of consumers admit to committing some type of fraud or abuse in the past year. Part of this involves fraudulent chargebacks – customers making purchases then raising a dispute with their bank themselves, claiming it was fraud.

Many merchants are discovering that traditional methods for managing disputes just aren’t as helpful when dealing with digital wallets. Our Online Payment Fraud report found that chargeback challenges on digital wallets are less likely to be successful. Merchants were successful 56% of the time with traditional payment methods. This number plummets to 5% with digital wallets.

This is because the customer payment information is obscured, so merchants don’t have the evidence they need. Asking customers for less information might make their experience more frictionless but it can work against you when it comes to fraudy actors.

3. Account takeover on digital wallets

Like traditional payment methods, digital wallets are vulnerable to account takeover. We are seeing record-breaking numbers of data breaches and the highest percentage of bad bot traffic. Most of this data is swiped through phishing attacks, credential stuffing, data breaches and card skimmers.

Stolen credentials can be used to identify other accounts with the same logins. Of course, this includes digital wallets.

To put this issue into perspective, PayPal credentials are now worth more on the dark web than credit card credentials. Their value has skyrocketed by a massive 194%. Criminals who specialize in PayPal accounts steal their usernames and passwords, which they typically get through phishing or malware campaigns.

How can you stop digital wallet fraud?

Stopping digital wallet fraud involves overcoming the obstacles of obscuring the customer's payment information.

As a merchant, you'd ideally able to identify the individual cards in the wallet and ensure that a customer is who they say they are. Unfortunately, outside of your own platform, you have no control over how a wallet is verified. But there are a few options you could consider:

• Adding stronger authentication on top of the wallet authentication
• Working with your payment service provider to introduce card fingerprinting
  
• Conducting more in-depth customer behavior analysis, IP analysis and device fingerprinting
• Using machine learning to identify unusual patterns in a digital wallet transaction

Reach out to Ravelin's team of fraud experts for a friendly chat on tackling digital wallet fraud.