A Fortune 200 global company with a large eCommerce website stops sophisticated loyalty fraud.
Enterprise – eCommerce retailer
NuDetect was previously deployed on the merchant’s eCommerce site for sophisticated automated attack prevention, but not yet integrated onto their loyalty website.
The loyalty area of the merchant’s website was exploited by an organized criminal fraud ring who built a custom script to conduct loyalty fraud. They siphoned off small amounts, that grew larger and larger, over a period of several months in order to pass below transaction review thresholds. In addition, they used complex reshipping schemes to acquire merchandise that was resold on auction sites.
Fraudsters attempted to hide their intent by:
o Exploiting the ‘add receipt’ functionality on the site
o Scaling up volume and size of purchases over time several months using multiple channels
o Submitting millions of requests using automation and reverse-engineering
o Avoiding detection threshold using small dollar requests
NuDetect was chosen because of its advanced ability to detect sophisticated fraud schemes across multiple channels. While NuDetect was deployed in the customer’s eCommerce environments, it had not been integrated into the loyalty site. Once the volumes of suspicious purchase activity were noted, the client deployed NuDetect into their loyalty environment.
o They deployed behavioral biometrics plus additional logic from NuDetect’s deep intelligence for verification.
o Upon discovery, the merchant disabled the affected reward accounts and stopped additional points being assigned to those accounts.
o Leveraged NuDetect’s real-time interdiction to stop advanced automation.
Results / Benefits
This merchant realized immediate benefits:
o An immediate drop-off in automated activity once NuDetect was deployed.
o The customer has not seen any automated attacks against these loyalty pages since NuDetect went live.
o Mitigated: close to $1.5 million overall
“Resounding success! It reinforced that we were going down the right path with aggressive deployment of behavioral biometrics including automation detection mitigation.”