Blog article
See all stories »

Why Buy Now Pay Later companies need to start taking fraud seriously

2020 may have been the Year of DeFi, but 2021 might go down as the year of Buy Now Pay Later (BNPL). BNPL services are growing at a rate of 39%, with major players like PayPal, Amazon and Square all acquiring existing BNPL companies in multi-billion dollar deals and challenger banks like Revolut and Monzo developing their own offerings. Klarna remains by far the biggest player in the space, with nearly a million app downloads in the UK alone, twice as much as its next biggest competitor, the established retailer Argos.

Much of this growth comes from the fact that BNPL solves a key problem for many consumers: with so many people living ‘paycheque-to-paycheque’ it can be difficult to pay for a large purchase like a new TV in one go, but being able to split the payments over several months makes it far easier. With a huge surge in eCommerce over the past few years, with the UK market expected to generate close to £76 billion in revenue in 2021 – more people than ever are being exposed to checkouts with BNPL options, and given that option many people will take it. Millenials and Gen-Z typically have difficulty applying for and little trust in traditional forms of credit, which is why 15% of millennials and 5.7% of Gen-Z consumers use BNPL, compared to 3% of older generations.

But wherever money goes, fraud will follow. Fraudsters have already worked out and are sharing methods for defrauding BNPL schemes, and although statistics on how much fraud is happening on BNPL platforms aren’t available yet, they are likely to be significant and growing. So how are BNPL companies and their customers being defrauded, and how can it be stopped?

How is BNPL fraud happening?

Many types of BNPL fraud are no different to other kinds of eCommerce fraud. A fraudster will create a profile using a synthetic ID and enter stolen credit card details, the BNPL company will take the payment and ship and item to an address where the fraudster can collect the item for resale. After the original cardholder notices the suspicious payment and initiates a chargeback the BNPL company will be hit by a chargeback fee. Klarna’s policy is to accept the risks of any fraud, so that the companies who offer it as a payment method won’t be affected and will still be paid in full.

Account takeovers are also a possibility: fraudsters can find the login details for an existing BNPL customer and use that account to make purchases. Because BNPL systems emphasise speed and lack of friction this may be fairly easy. Lastly there is ‘family fraud’, in which a family member uses another family member’s BNPL account to order for themselves, usually leading to a chargeback.

This means that BNPL companies are going to take the brunt of the harm of fraud. Retailers offering BNPL will not be affected, and customers will be inconvenienced by the loss of their money until it is returned after the chargeback. BNPL companies will have to pay the chargeback and will be affected by the damage to their rates that is caused by a large number of chargebacks. In time, this could cause BNPL companies who can currently offer customers low interest rates to raise those rates, negatively impacting customers until BNPL starts to lose its lustre.

One nuance of the “zero fraud chargeback” liability that BNPL companies offer to retailers is that they will also take care of fraud protection at the payments stage. Klarna has broadly similar AI-enabled anti-fraud measures to those we have developed for our solution, though we don’t know the details on whether they use powerful tools like data enrichment to supplement their identity checks. This does take some of the burden off smaller retailers who might not be able to afford high-end anti-fraud software, but it also means that retailers have to trust that their BNPL provider has the best security measures available.

The future of security for BNPL

New technology trends tend to follow a similar pattern: a new technology is invented and the designer of this technology becomes an instant market leader. Then comes a period of bandwagon-jumping in which established companies leverage their existing wealth to try to take some of the market share from the incumbent – this is exactly what is happening now as Fortune 500 companies scramble to get a piece of the pie. This tends to happen hand-in-hand with a press counter-reaction, in which the media tries to create contrarian takes on the new trend, something that is already happening to the BNPL industry. This is what sank the payday lending industry and its Klarna equivalent, Wonga, and it is why Klarna are tightening up their terms and conditions in markets like the UK, where there has already been talk of tighter regulations.

Fraud becoming prevalent on BNPL platforms is going to contribute to the ‘too good to be true’ reaction that some people have when hearing about the service, and could drive down the flow of new users until it becomes less viable. As with so many other industries in a digitised, highly connected world, BNPL need to be fast and frictionless, allowing as many people as possible to be approved and move through the sign-up process as quickly as possible. Balancing speed and security is difficult for any industry, but for BNPL it will be crucial.

This is why real-time data enrichment solutions like ours are particularly suited to the BNPL space. We can carry out checks on every customer, assembling hundreds of data points from anything from whether they use a VPN to how old their Facebook profile is, building a complete picture of every customer to be able to apply adaptive friction – giving customers who exhibit common signs of fraud more security checks than those who show clear evidence of being a real person.

This is a make-or-break time for the BNPL industry. If incumbents like Klarna are able to stay afloat while they are being assailed by new competition and a press backlash, then they will become a fixture of our day-to-day lives. If they don’t address problems like fraud then the companies who do what they do in a safer, more customer-friendly way will take their market share, and if no companies can manage to find a way to offer BNPL services in a way that keeps customers safe then the industry will sink into obscurity as payday lending did. 

AI-powered fraud prevention could be a key part of stopping this from happening. 


Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 19 October, 2021, 13:10Be the first to give this comment the thumbs up 0 likes

Sorry but, probably in the enthusiasm to shill its own "real-time data enrichment solutions", this post misses a vital difference re. BNPL.

Unlike A2A and Credit Card / Debit Card providers, BNPL providers are VC funded and can absorb losses for a long time. More than anything else, that differentiator of BNPL industry will shape its response to Fraud.

Jimmy Fong

Jimmy Fong



Member since

29 May 2020



Blog posts


This post is from a series of posts in the group:

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

See all

Now hiring