Cashfree Payments Blog
In All

Protecting Your Business & Customers: How Cashfree Fights Online Payment Fraud

7 Mins Read

Over the last few years digital payments have surged significantly in the country. In fact, India recorded over 89.5 million digital transactions in the year 2022, according to a recently released data by MyGovIndia. 

The increase in adoption of digital payments has been driven by several factors, that include the government’s push towards a cashless economy, growth of e-commerce, and growing use of smartphones and other mobile devices. Overall, digital payments have become a vital component of India’s economy, offering a secure, efficient and convenient way for businesses and consumers to make online payments.

Along with the growth in digital payments, there has been an increase in the risks and frauds associated with it. The risks here refers to the potential threats and vulnerabilities that individuals and businesses face when using digital payment methods to transfer money over the internet. These include: 

Security Risks: Online payments can be vulnerable to cyberattacks, including hacking and frauds which can compromise sensitive information such as credit card numbers, personal information etc.

Unauthorised/Fraudulent Transactions: Unauthorised transactions occur when someone gains access to an individual’s payment information and uses it to make purchases without their consent.

Payment Disputes: Disputes can arise between buyers and sellers regarding payments, such as disputes over the quality of goods or services purchased.

Preventing financial frauds is of utmost priority to the RBI, banks and other entities in the payments ecosystem. This is where payment aggregators play a crucial role in mitigating fraud by implementing advanced security measures such as multi-factor authentication, encryption, and fraud detection algorithms. Apart from being self secure, the most important role of a payment aggregator is to keep the platform risk free. This would mean stopping fraudulent transactions on the platform. Be it conducted by a fraudulent merchant or a fraudulent customer.

Entities Involved in Risk?

There are 3 major entities when we talk about risks in online payments:

  1. Government
    • Reserve Bank of India (RBI) – the central bank that regulates the banking sector and creates guidelines for the fintech ecosystem. 
    • Financial Intelligence Unit (FIU), Securities and Exchange Board of India (SEBI), Enforcement Directorate (ED).  
    • CyberCell, which helps the police authorities in matters of fraudulent transactions or phishing.
  2. Merchants
    • Cashfree ensures enhanced due diligence of the merchants during signup, pre-onboarding and post-onboarding. 
    • We prevent onboarding of bad merchants to reduce fraud cases by 50%. 
  1. Customers
    • Customers can be honest or fraudulent
    • Role of Cashfree here is to prevent customers from doing fraudulent transactions. This would in turn ensure good quality customers for Cashfree’s merchants and hence less chargebacks.

Chargeback: Definition and Types

A chargeback is the reversal of funds to the payment source of the buyer. It can occur if a customer claims that the purchase made using their credit card was fraudulent or made without their knowledge or permission. The notion of chargeback is applicable to credit cards and is build by banks and card networks (like Visa, Mastercard, Rupay, etc).
When a chargeback is raised against a merchant. The amount of the chargeback transaction is kept on hold by the acquiring bank and hence the payment aggregator as well.

The merchant in question in this case has to provide the required proof of delivery of services. These could be:

  1. Invoice 
  2. Shipment tracking number 
  3. Other receipts or proof of product/service delivery etc

If the merchant loses a chargeback then the deducted amount is sent to the customer. On the contrary, if the merchant wins the chargeback, the deducted amount is given back to the merchant. Hence, maintaining a good CTS (chargeback to sales) ratio is very important for the merchants. 

Impact of chargeback
Too many chargebacks against a merchant can lead to loss of business and penalties if they occur too frequently.

At Cashfree Payments, the risk team aims to protect both the customers and the merchants to ensure a risk-free ecosystem.

Types of Payment Fraud

How Cashfree Helps Merchants Mitigate Payment Fraud and Chargebacks ?

Ways to detect the Merchant Risk

This tier involves finding out fraudulent merchants during sign up, onboarding and post activation.

During Sign-up Stage

Cashfree runs a lot of risk checks on merchants during onboarding. These include:

  • Strict KYC checks – compliant with master KYC guidelines from RBI and more
  • Identify the true owner of the organisation
  • Checking expiry status of documents
  • Collecting device level information

During Onboarding

  • Establishing the merchant’s line of business and authenticity of the business.
  • Screening the merchant for global watchlist, political news or adverse media. Clarification on the same if found. 
  • Physical address verification of the merchant. 
  • Block fraudulent/illegal/prohibited businesses for onboarding.
  • Find blacklisted merchants and stop their onboarding. 
  • Collection of security assessment responses from merchants.
  • Verification of merchants online presence and social media complaints. 

Post Onboarding 

  • Continuous due diligence on the merchant
  • Periodic re-kyc and Security Assessment Report(SAR) declaration from the merchants.
  • Periodic checks on the online presence and complaints against the merchants. 
  • Auto deactivation of dormant accounts.

Cashfree has built merchant risk engines and various rules to mitigate risk across merchants. These rules include valuable suggestions from the financial intelligence unit (FIU), India. These check transaction pattern anomalies on various frequencies from minute, hour, days to even weekly and monthly.

Transaction Risk

This focuses on reducing the customer risk in the online payments by focusing on transaction monitoring. Risk engineering services at cashfree run round the clock to mitigate transaction risk and portfolio risk across merchants. This is done via a combination of real time risk scoring engine and in house risk logics to prevent chargebacks/frauds.

Risk real time service: Using machine learning, this service provides a risk score for all the transactions at cashfree from all products like payment gateway, auto collect, payout etc. Sitting at the heart of risk & compliance, this service enables blocking of high confidence fraudulent transactions during initiation of the transaction in real time.

Using geographical location and proxy IPs to block transactions from possible high risk customers and regions.

Blocking transactions in real-time based on the upi handles, bank accounts etc.

Pattern matching – Machine learning models to find out:
• Abnormal spike in transaction pattern
• Anomaly in the AOV(average order value) or GMV of products sold by merchants vs those sold by other merchants in the same category.

Law Enforcement Compliance

  • Cashfree ensures compliance with all law enforcement agencies. 
  • Our suspicious transaction reporting systems enable us to report fraudulent or suspected fraud transactions to the Financial Intelligence Unit (FIU)
  • Cashfree prides itself by helping the CyberCell, ED and other central/state agencies in making online payments in India risk free.

Mitigating Online Payment Fraud: The Way Forward 

With each day, the fraudsters are finding new ways to do fraud. While scamsters would find news ways to fraud people, payment aggregators would always have to be ten steps ahead to protect the merchants. Hence, risk teams at Cashfree always keep improving the risk engines and risk rules to mitigate risk.

For Payment Aggregators

As of today, criminal entities do understand that if they are rejected by one payment aggregator(PA) there is a good chance that they will be accepted by another PA. This is because no knowledge is shared among payment aggregators for any fraudulent merchants or transactions found on their platform.

  • Payment aggregators must come together to share relevant incidents of frauds with each other and regulators to make the payments ecosystem in India strong.
  • PAs must unionize and share the blacklisted database among themselves and publicly on their platforms for other PA entities. 
  • Ensure 100% compliance with master KYC RBI guidelines, Prevention of money laundering act(PMLA) guidelines around merchants.
  • Make use of new gen technologies like machine learning for anomaly/fraudulent transactions detection. 

For Merchants

Merchants should be cognisable to account takeover/theft by other entities. 

  • Always keep 2 factor authentication on. 
  • Periodically change the dashboard passwords.
  • Don’t use public wifi to open the merchant dashboard. 
  • Always create aliases for other users in your company and never share your account password with any other team member. 
Felicitation of Cashfree risk team by CyberCell and law enforcement agencies

It is imperative that payment aggregators must keep an eye on the tech in future to ensure risk mitigation in online payments. And, if you are a businesses and looking for a safe and robust payments partner, sign up on Cashfree Payments today.

Author

Related Posts

Discover more from Cashfree Payments Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading