The pandemic has been an inflection point for the global online grocery market, increasing the number of online grocery shoppers by 30%.
And while we’ve seen some stabilization with the easing of restrictions across Europe, it’s a trend that isn’t going away. In the UK in 2021, nearly 50% of shoppers said they would continue to shop online once the pandemic was over.
European retailers were quick to capitalize on this appetite, starting to deliver groceries, drinks, meal kits and other products and services online. Europe has also seen an explosion of quick commerce (Q-commerce), feeding on the new work-from-home lifestyle and demand for instant delivery.
Q-commerce is a global phenomenon, with new players like Jiffy and Zapp with their dark food warehouses, traditional brands like Tesco partnering with Gorillas and Carrefour’s investment in Cajoo. Restaurant delivery companies like Just Eat Takeway and Deliveroo are also partnering with grocers across Europe to deliver groceries as part of their service.
But online grocers aren’t the only ones benefiting from this shift in consumer behavior. Online shopping, home delivery and Q-commerce have also opened up a whole host of new money-making opportunities for online fraudsters.
Grocery accounts are more valuable than ever
Online grocery was often seen as one of the most predictable e-commerce segments. loyal customers with recognizable shopping habits, usually at home, making it easier to detect suspicious activity.
Now, with more people feeling comfortable shopping online, wanting to find the best prices and fastest delivery windows, and willing to try new digital services, there are more accounts open and the behavior is less predictable – this is where the fraud problem for these online grocery stores is accelerating.
In our recent Retail Ecommerce Fraud and Payments report, grocers rated their top three fraud risks: online payment fraud (73%), account theft or ATO (65%) and friendly fraud (58%).
The majority of online payment fraud is the result of credit card details being stolen, obtained through skimming or purchased on the dark web and these bad actors have a number of techniques for obtaining verification information that can “legitimize » their purchases from the retailer’s point of view. On the dark web, mentions of food accounts have increased by 230% since 2019, and login credentials are easily purchased for between $1.50 and $10 each.
Friendly fraud occurs when a customer makes a purchase with their own credit card and then requests a chargeback instead of contacting the merchant for a refund. A version of friendly fraud prevalent in grocery delivery is refund abuse, where contactless delivery relies on the honesty of customers to claim items not received. Opportunistic customers are aware of the difficulty of discrediting their complaints and take advantage of it quickly.
Account takeover (ATO) occurs when a fraudster infiltrates a genuine customer’s account and then performs unauthorized transactions. Interestingly, although online grocers do not see account takeover as the biggest threat to their business, of all e-commerce industries, they experienced the highest increase in ATO (+50% ). This type of fraud is particularly problematic for retailers, as it often tricks them into thinking the activity is from a legitimate customer. Once granted access, attackers can place orders with saved card details, redeem loyalty points or mine customer data to sell online.
Added layers of defense
To meet these challenges, grocers are spending more and more time manually reviewing transactions. In a recent survey, more than half of grocers (55%) said they spend more than 40% of their time manually reviewing transactions, more than any other industry, due to selling products high risk and restricted such as alcohol and tobacco.
While this creates additional pressure for merchants, they cannot afford to let fraud detection take a back seat to prompt action.
In order to effectively combat fraud, the grocery industry should consider introducing a combination of machine learning and customer behavior analytics to provide a strong layer of defense.
As a subset of AI, machine learning has the ability to create fast and flexible models for specific tasks such as fraud detection. Going further, using more advanced deep learning techniques, more personalized models can be created. These models base their predictions on fraud signals focused solely on an organization’s customer base, preventing the model from being influenced by patterns in unrelated industries for more accurate decisions and better performance.
Now is the time for grocers to take greater control and get clearer information about their customers to combat the increased risk of fraudulent attacks.
About Mairtin O’Riada
Mairtin is the CIO of Ravelin, which provides fraud protection to online businesses. The “I” in CIO stands for “Intelligence,” and Mairtin leads the Data Science and Investigations team at Ravelin, responsible for the machine learning and graph network models at the heart of Ravelin’s detection engine. He was previously a fraud manager at the taxi app Hailo, where he honed his frustrating skills as a fraudster. He is an internationally experienced intelligence analyst, having worked at Scotland Yard, the United Nations and elsewhere.
Ravelin provides technology and support to help online businesses prevent evolving fraud threats and accept payments with confidence. Combining machine learning and graphical network visualization, Ravelin helps companies derive deeper insights from their customer data to detect fraud, account takeover and promotion abuse, and increase payment acceptance. .