Fraudsters are in general a nefarious bunch; as annoying as a mosquito, their bite does not discriminate against rich or poor, big or little.
Last month, for example, Birkenstock pulled its entire collection from Amazon, mostly as a protest over the many merchants that were selling knockoffs of Birkenstock sandals, and using Amazon's e-commerce platform to fool consumers into taking those knockoffs over the real thing.
As one of the world’s largest e-commerce platforms, it’s natural that fraudsters would be tempted to game the Amazon system - leading to situations like this. If it could happen to an e-commerce giant like Amazon, what hope does a smaller e-commerce site have against the fraudsters who run even sneakier scams - like transaction laundering?
Probably very little. In a transaction laundering scam, a merchant in illicit goods or services (drugs, for example) utilizes an e-commerce platform to process payments for their wares. The merchant joins an e-commerce site, and sets up a legitimate-looking store site, with legitimate-looking goods (baby gifts, for example). The main function of the store, however, is not to sell products; it's to use the marketplace's financial platform to process payments, and to use its shipping platform to distribute illicit goods.
The actual sales are made elsewhere, perhaps via email, chat, on another site or even on a mobile app. When a customer wants to buy, for example, some illegal drug, but doesn't want to pay with bitcoins or other crypto-currencies preferred by on-line pushers, they are redirected to the legitimate marketplace’s payment page, where they pay for purchase with their credit card, and with the payment processed by the e-commerce platform. Now paid in full, all the customer has to do is sit back and wait for delivery.
The implications of this for the e-commerce platform, of course, are very serious; as a party to illegal sales of narcotics, they could find themselves facing heavy fines, as well as the ire of the public. Tracking down this kind of fraud is almost impossible for an e-commerce site with dozens of “storefronts” and thousands of products to evaluate.
The only one way to deal with this is using cyber-intelligence, machine learning and analysis tools that are able to take an ongoing look at transactions to make sure they are legitimate. These systems set up a profile for the merchant of what a legitimate transaction looks like, evaluating parameters that provide a clear picture of what a customer’s true actions are on the site.
As far as the e-commerce platform is concerned, checking for patterns that could provide clues to the structure of the scam. These examinations need to take place on an ongoing basis; there are too many “holes” in security for transaction laundering fraudsters to take advantage of. Most platforms, acquirers, or payment processors vet their clients when they are onboarded – and from then on it's a matter of trust. Transaction laundering fraudsters of course know this, so they are on their best behavior when they join a platform – and after that, if they keep their head down and don't attract too much attention, they can keep their scam going indefinitely.
Only active monitoring of those transactions will root out this scourge. The alternative is likely to be a lot worse for an e-commerce platform than just losing a valued customer; if the platform gets caught facilitating payments for a drug dealer, it will have to face the wrath of the law, as well as the anger of the public and its other merchants. The people running that platform will probably end up losing a lot more than some shoe sales; that particular mosquito’s sting will be very deep
Ron Teicher is CEO of EverCompliant.