Through our interaction with our customers (I am using consumers to indicated the individual making a purchase or a payment, merchants to indicate the providers of goods or receivers of payments, and customers to indicate both), from first encounter to termination, we see changes in the details they provide us, how they act on our website, their interaction with us through email and phone, and much more. We constantly re-evaluate our customers at any of these points to see if there are any alarming changes that require our attention. How do we make sense of them? By using them to answer three questions:
Who is this? Our interaction with our customers—whether they make a purchase, start using a service, or call customer care—starts with a simple assertion of identity. There are two things to establish here:
A lot of the loss you deal with, up to mid-double digits, can be caused by various mistakes made by employees or customers. Of course you may see cases of customers claiming to not understand something about your product as an excuse for not paying or even experience employee fraud, but more often than not there are genuine, large-scale problems in your product, experience, or operations that cause losses. Whenever you look into a loss case, you must first rule out any of those.
Your product may drive losses by the way it works. This comes into play when customers fail to understand features they are buying, or that in fact they are buying something. If your user acquisition is based on a free sample followed by automatic registration or a change of cost, some of your customers will end up being unable to pay or just uninterested in paying. These could be built into your product and be considered a cost of doing business and will be almost impossible to detect in advance.
Your customer experience can drive losses. Disputes are an example: if a consumer tries to submit a legitimate dispute about a merchant and has a hard time going through your dispute flow, you will be slapped with an unnecessary chargeback and additional fees for a case that could have ended with a refund. Another simple example is your dynamic descriptor, the text that appears next to your charge in the credit card’s statement; if that is unclear or hard to search and identify, you will see unjustified chargebacks.
Operational issues may also cause losses. Multiple problems can be caused by money movement just being complicated, but also from relying on increasingly old and malfunctioning financial systems. Corruption of the acquirer’s settlement file, the file contains the payments it captured (actually debited) for you, could lead to some payments being incorrectly allocated and appearing as losses when they’re not supposed to; the same can happen with internal accounting allocation of payment revenues. Wrong procedures in dispute handling may cause wrong settlements in either side’s favor that are inconsistent with your protection policy—driving angry merchants to not pay their fees and leave your platform—or just drive consumers to issue more chargebacks.
People makes mistakes, and that’s part of every day life in your business. Those mistakes can many times be fixed easily (by a change in procedure or text in an email) and make a big difference in your losses. Always take that into consideration when you analyze root cause, because assuming intentful actions by customers may often lead you to the wrong conclusions.
Using the three questions (Who are they? Can they meet their obligations? Will they?), we can explain and describe most loss occurrences. While theoretically these questions are mutually exclusive and describe the majority of phenomena we’ll run across, we must remember that:
Putting aside integration issues, as discussed, customer behavior should all fit into this matrix. Most of your customers in a standard eCommerce operation will be who they say they are (own the identity they’re using) as well as have the money and the willingness to pay. They are the people shopping from work or home, providing their own payment details, and are unlikely to charge back unless there’s a huge issue with your service.
Most of the fraud you’ll see is at the other side of the spectrum: perpetrated by fraudsters who use stolen or fake identities and do not have an intent to pay. In most cases, however, they (or rather the person who’s details they stole) will have the funds to pay—if the card they’re using doesn’t have any balance on it, their purchase won’t go through, and therefore fraudsters will not be interested in their cards; that means that any detection mechanism aimed at figuring out whether there’s money in one’s account is not going to help detect most blatant fraud.
A third example is abuse, sometimes referred to as friendly fraud. As noted previously, cases of “borrowed” identity (the person expected to pay is related to the person initiating the purchase, as in cases in which children use their parents’ card details) are not really fraud: there’s ability to pay and the identity was not stolen, but the willingness to pay is missing. This is a unique type of behavior, where the “borrower” feels that nonpayment online is a victimless crime or maybe that the use of the Internet’s semi-anonymity allows different behavior than when face to face (some consumers almost treat online fraud as the equivalent of stealing cash from their parents’ wallet). Fraud is about identity theft and forging details, and abusers should be treated as misguided individuals who are lax on personal standards but will behave well when reminded. A vast body of research repeatedly demonstrates how this works in real life.
As you can see, there is a vast range of behaviors for both consumers and merchants to understand and work with, and detecting them is both science and art. Being able to detect, analyze root cause, and then act on major problems and emerging trends is the core of what the RMP team should do day to day. Now that we’ve established basic terminology, we are free to discuss the topics that build on it.