Harness the power of your data
Support and investigations
Support services for Ravelin
Online payment fraud
Deep dives on fraud & payments topics
API & developer docs
APIs, glossary, guides, libraries and SDKs
Global Payment Regulation Map 2022
Track PSD2 & more with a full report
The latest fraud & payments updates
In-depth guides to fraud, payments &
Discover the story about Ravelin
Join our dynamic team
Read more about our happy customers
Join our partner programme
Support & investigations
Global Payment regulation map 2022
In-depth guides to fraud, payments & security
Read more about our happy custmomers
Everything you need to know about the two most common types of policy abuse: promotion and refund abuse.
Get your free copy in your inbox now
Policy abuse involves customers taking advantage of your returns, refund or promotion policies, so they get more than they should. It's a growing problem that can have a massive impact on your bottom line. Policy abuse can be broken down into two categories: promotion abuse and refund abuse.
Promotion abuse (promo abuse for short) involves customers benefiting from your discounts and deals more than they should, often by creating multiple accounts. It may not sound too bad, but the hidden costs quickly add up.
Promo abuse is usually carried out by genuine but opportunistic customers. A loyal customer might stumble on a loophole in your latest promo and try their luck. They want to save money and probably think your big business can afford it.
Promo abuse is often accepted as just another cost of doing business - does it matter if a loyal customer gets 20% off more than once? But when thousands of customers abuse your promos at the same time, the costs can be eye-watering…
You might be wasting your marketing budget on attracting customers that will never pay full price. And since no customer wants to pay full price if others get the same for less, this can damage your pricing integrity and revenue over time.
Promo abuse damages brand identity. If a genuine customer can’t redeem a voucher that’s already been used fraudulently, they’ll lose trust in your brand. You might have to fork out for more discounts or freebies to compensate.
The more promos abused, the higher the cost of acquisition. This can have a significant impact on your margins, and in some cases, profitability.
Promo abuse can result in reselling - a fraud grey area. You might think ‘a sale is a sale,’ but reselling can cause massive brand erosure and decrease your business value.
"When you’ve got thousands of promo & refund abuse instances occurring in a short space of time, your profit margins are going to take a serious hit."Mairtin O’Riada, CIO at Ravelin
How much promo abuse should you accept? There’s no hard and fast rule. Each business has unique priorities and risk appetites. It’s difficult to decide on the right threshold for your business.
"We’d rather sustain the cost of promo abuse than go after it and lose opportunistic genuine customers."Large online fashion retailer
Promo abuse doesn’t result in a chargeback, so there’s no obvious tracking metric. This means the costs are hidden and the problem often goes unseen. And because of the sheer volume of promos (especially discount codes), fraudulent activity can easily get lost.
The goal is to keep your customers and discourage bad behavior. It’s a difficult line to tread, so many businesses would rather just accept the cost of abuse than risk losing good customers.
You don’t want to look mean, which can easily happen if your brand comes down too harshly on opportunistic customers. And there can be a moral consideration:
"We don’t want to block customers who abuse a sign-up promo due to difficult circumstances. I can see why people might need a free box of food amid the pandemic!”Food subscription business
Whatever your promotion strategy, there will always be some customers who try to take advantage. The three common promos vulnerable to abuse are:
It’s easy for customers to abuse sign-up promos. All they have to do is create a new email address and account, and they can get the deal or free-gift more than once. This popular tactic is called multi-accounting, and left unchecked it can be a financial drain.
For example, if a food box subscription, RecipeReady, offers a ‘first box free’ incentive, they risk giving away a fortune in free ingredients. Customers can simply cancel their subscription after receiving the free goods, and do it again.
"We had promo abuse and subscriptions being cancelled even though they’ve already received the box. We are trying to find ways to mitigate that because we have a tangible product, it can really impact our bottom line.”Food subscription delivery business
Vouchers are easy to use, so they’re easy to abuse. Customers can make multiple new email accounts to use a voucher over and over. Or, if your codes are too simple, they can guess future codes and receive multiple discounts. Other customers can’t redeem codes that have already been used fraudulently, so you risk upsetting valuable customers and losing future sales.
If gaming site, PCFantasy, sends customers a onetime discount code for 20% off in-game spend, tech-minded gamers could easily find a way to take advantage. If they could use that promo for every new character or unlocked level, profits would suffer.
Referral schemes can be a great way to attract new business and engage existing customers. But they are easy to abuse. A customer can create multiple new email addresses and refer themselves instead of ‘friends’ to amass benefits.
Imagine a ride-sharing app, CarBuddy, sends out a new offer: invite a friend and get £5 in future ride credit for you and a buddy! In the wrong hands, this offer could lose you a lot of future revenue.
Organized fraudsters can make a living from promo fraud. How does it happen? Here are a couple of examples...
Referral farming involves fraudsters publicly releasing referral promo codes to accumulate benefits. The costs can be huge if a code goes viral. One determined Uber user racked up £50,000 in future ride credits by posting his referral code on Reddit!
Fraudsters can multi-account to the extreme and automatically create hundreds of new accounts. It’s hard to spot, as fraudsters can add fresh IP addresses, synthetic IDs or new payment methods to make new accounts look real. With so many accounts, they can abuse your sign-up deals or voucher codes on a large scale, amassing free or discounted products in bulk to resell.
Promo abuse and promo fraud are different. Promo abuse refers to a genuine customer behaving badly, promo fraud refers to an organized attack. Promo fraud involves organized fraudsters exploiting your promos on a large scale, often as a business. These fraudsters are in a different league to customers taking advantage of your policies once or twice.
The Covid-19 pandemic drove an online boom that created the perfect conditions for promo abuse. Customers want more promos and merchants are responding...
Shoppers are becoming more and more discount-obsessed. In the US, 60% of shoppers said promos have become more important to them since the start of the pandemic. This customer demand drives merchants to offer more deals to stay competitive, so more promo abuse flies under the radar.
The surge in ecommerce forces merchants to increase their marketing efforts to compete. Many will up their promotions, creating more opportunity for abuse.
"While Covid-19 has driven many consumers online, it’s also driven up fraudulent activity as opportunistic customers look to game the system to get a good deal."Mairtin O’Riada, CIO at Ravelin
You can uncover promo abusers with graph networks. Here’s how to spot the warning signs in your customer data...
Link analysis helps you monitor the creation of new accounts and spot connections between them. If 10 new accounts appear and they have the same email address, device, payment method or phone number, it could indicate promo abuse. You can also tally up the number of promo and referral vouchers used.
Here's how different types of promo abuse could appear in the network:
This network shows multiple accounts using the same initials linked by the purple referral voucher node. KC is multi-accounting to benefit from a promotion over and over.
In this network there are only 3 devices between 7 customer accounts, they all have the initials LR, and there’s one promo use per customer account. These sign-up bonus abuse networks grow fast, are very similar, and highly interconnected.
JD is the original customer who has probably released their referral code publically. All of the other mini-networks look completely different and have nothing in common apart from the voucher. The growth is often rapid and the network can become enormous.
Customer churn rate can shed some light on your promo abuse. If you have a higher percentage of customers who churn after using a promo on their first order than customers who don’t, it could be a symptom of abuse.
Of course, the churn you accept will depend on your business. A car merchant would care less about churn than a subscription business. But they can be a helpful tool to understand the value of a promo versus the cost of abuse.
With the right tools in place, you can uncover your promo abuse problem and put a stop to it. Now, let’s look at another terms or service abuse issue that also often goes unseen: refund abuse.
So what is refund abuse and how is it different to promotion abuse?
Refund abuse (like promo abuse) is mainly carried out by genuine customers. Refund abusers are rarely malicious, and may not even realise they are doing anything wrong.
Refund abuse occurs when a customer uses the returns policy of a merchant so much that it becomes unprofitable. Customers may also abuse refunds by faking returns/receipts, or reselling merchandise.
Refund abuse is also known as ‘returns abuse,’ as ‘refund’ and ‘return’ can be interchangeable.
Refund abuse and promotion abuse are both growing threats that involve genuine customers exploiting loopholes in your terms. The difference is: refund abuse involves refunds, promotion abuse involves promotions.
Generous refunds are essential, and often a great opportunity to win customers. But if too many customers take advantage of your generosity, the costs can spiral out of control...
You can often lose the value of your product through refund abuse. Either you don’t get it back or have to pay to recondition and restock it. You often can’t resell at all - retailers throw away over 25% of returned items on average, hugely impacting your bottom line.
For merchants there’s no such thing as ‘free returns.’ Shipping can be very expensive. Amazon and Walmart actually started telling customers to keep certain unwanted items to save on shipping costs!
Refund abuse is a growing issue, putting pressure on fraud teams to review returns more stringently. Without the right automated tools, this could waste your fraud team’s valuable time and other fraud attacks could slip through the net.
If you deny a well-meaning customer a refund, it’s likely you’ll lose their business for good. Research shows that 92% of shoppers will only buy from you again if the returns process was easy, so the risk of churn is high.
92% of customers will only buy again if your returns process was easy
Refund abuse is difficult to manage, here's why...
Refund abuse is almost impossible to spot at the time of purchase - a customer doesn’t add something to their basket with a note ‘I’ll probably return this!’ This makes it hard to catch before you’ve lost out.
If you deny a customer’s refund, they might go down the friendly fraud route, and you don’t want that! Every chargeback comes with a fee from $20 to $100, and a high chargeback rate can lead up to a $10,000 fine.
Refunds are more popular than ever. You may be so overwhelmed with processing returns that monitoring refund abuse isn’t a priority. And it’s not like there’s an easy metric - you can’t just look at the chargeback rate.
Finding the right response to refund abuse is tough. The last thing you want to do is block or lose good customers. Many businesses would rather just turn a blind eye to the costs.
Every chargeback comes with a fee from $20 to $100
There are a number of ways that refund abuse happens. Here are some of the most common tactics…
False claims of “it never arrived”’ (aka. DNA/did not arrive) is the most common form of refund abuse. Customers might also say their parcel was damaged in transit or arrived faulty. Once they’ve got their refund or replacement, they can resell the extra goods.
Free-renting or wardrobing happens when a customer returns something after using it, like wearing a new dress to a wedding (keeping the tags on) and returning it after the event. UK fashion retailer ASOS was hit so badly they started trawling social media to blacklist onetime wearers.
Customers can fake a return by sending back a used, faulty, counterfeit, cheap or even empty parcel. Apple once accepted a return for an iPhone that was actually a carefully weighed potato!
Refund and promo abuse can happen at the same time. Customers fill their baskets to qualify for free shipping or gifts, and return the unwanted stuff later. They might even resell free gifts for a profit.
Refund abuse and refund fraud are not the same. Refund fraud is organized, often supported by fraudulent reselling networks. Refund fraudsters can make a business out of exploiting returns policies.
Sophisticated refund fraud is now an industry. Here are a couple of methods from organized refund fraudsters...
Refund fraudsters can get smart with fake returns. The dry ice technique is a good example, as it can give the illusion of parcel theft during shipping. Dry ice is heavy when the return is picked up, but the contents evaporate before they get to the warehouse. The merchant can’t disprove the claim so will likely send a refund.
Refund fraud as a service happens when professional fraudsters offer discounts to genuine customers online and make it happen by exploiting your returns.
You might see an offer online for 30% off the latest PS5. The customer orders the PS5 at full-price on a genuine site, and the refund fraudster uses a tried-and-tested method to secure a refund. The customer gets the deal they were promised and the fraudster walks away with 70% of the money.
"I found $300,000 worth of products that had been wrongfully issued credit. We were getting rocks in boxes that would meet the weight requirements for shipping. The company never checked.”Alexander Hall, Ex-fraudster
Covid-19 forced customers across the world to shop online, driving returns up to more than double in 2020 from 2019. Refund abuse followed suit. Here’s why the pandemic created the perfect storm for refund abuse...
Doorstep deliveries became standard during lockdowns to keep staff and customers at a safe distance. But new processes make it harder to confirm a successful delivery, so customers can easily claim a parcel never arrived.
‘Buy, pick up, and return anywhere’ systems are now widespread. Retail giant ASOS has return drop-offs in over 47,000 locations in the UK. Whilst these are convenient services, their networks are so vast that returns become hard to track.
Covid-19 illness and social distancing created staff shortages that impact supply chains. The UK’s NHS app ‘pingdemic’ caused over 600,000 delivery workers to isolate. Operational strains make it easier for dodgy returns to go unchecked.
Many online merchants drastically extended return periods to account for Covid delivery delays and to let customers ‘try before you buy.’ Long return periods give customers an opportunity to serially return or free-rent items.
Some merchants expect more genuine refunds than others, so it’s difficult to determine the right threshold of ‘how many returns is too many’ for your business.
There’s no one-size-fits-all approach to identifying refund abuse, but you can start by taking a closer look at your data...
According to research, around 8% of retail returns are fraudulent. So if you calculate 8% of your total returns from a previous year, you can get a rough idea of the scale of your refund abuse. The number won’t be entirely accurate, but it’s a jumping off point, and could help you grab the attention of other teams.
Around 8% of retail returns are fraudulent
Customer refund reasons can give you insight into whether a return is genuine or abuse. If the reason is ‘non-receipt of goods’ but the tracking shows as delivered, it’s suspicious. But, if you are getting a lot of ‘faulty item’ refunds for the same product, you might have a genuine problem with the product or website description.
It’s important to communicate with other teams in the returns network so you can bealert to emerging refund abuse techniques or patterns. Only employees handling thereturns will be able to report on refund abuse signs like parcel weight changes or packaging damage.
Monitor how many returns customers make over a period of time. If a customer returns more than they keep, or returns items too quickly, they could be a serial returner. Or if they take too long to make a return, it could indicate free-renting.
A return from an unusual or ‘risky’ location is a red flag. Why would a genuine customer order a T-shirt to one country and return it via another?
Organized refund fraudsters may use multi-accounting techniques to request refunds on a large scale. Link analysis using a graph network could help you spot connections between new accounts so you can block prolific refund fraudsters.
Obviously, you can’t just block every opportunistic shopper. You’ve got to discourage bad behaviour, keep genuine customers, and block prolific fraudsters.
It’s a tall order, so here’s some advice to get you started...
Set a threshold for an ‘acceptable’ number of promos or returns used over a period of time. If a customer exceeds the limit, you can send a warning email to discourage the behaviour. If you notice a prolific refund or promo fraudster, it’s best to tag and block them.
Temporarily ban customers from promos or returns if they hit the abuse threshold. You can lift the ban after a period of time (a month or so), and if they reform, you keep a good customer. You can also increase friction for promo abusers by asking for email or phone verifications.
Make your policies, product descriptions and delivery times clear. A lot of avoidable refunds come from customers arguing that the description doesn’t match the product. And get proof of delivery - drivers can take a photo of the delivered item. This can tackle the ‘it didn’t arrive’ refund abuse.
It can be hard to communicate the importance of stopping refund and promo abuse. Sales and marketing teams don’t want to hear that their shiny new promo is more trouble than it’s worth!
Here’s how other fraud professionals improved business-wide awareness:
• Educate other teams on fraud and abuse risks. Help them understand that protecting your business from abuse actually boosts profits!
• If you don’t have the tools in place to identify abuse in your own business, use industry data to show the costs and risks.
• Find ways to monitor and control exposure before it’s too late.
For more information on how to mitigate the risk of promotion or refund abuse, talk to the team.
"Balancing frictionless customer service with protecting your business can be a huge boost to profits."Mairtin O’Riada, CIO at Ravelin
Subscribe to our newsletter to get the latest fraud & payments updates sent direct to your inbox.