When it comes to protecting their revenue from fraud, airlines and online travel agencies (OTAs) find themselves in a catch-22. Strict rules and fraud filters reduce chargebacks, but given that clear-cut fraud only occurs in approximately 2% of card-not-present online flight orders, these measures also inevitably lead to costly false declines and disgruntled [ex]customers.
NB This is a viewpoint by Abigail Singer, marketing writer for Riskified.
Continuing on from our previous article on young travellers, here I discuss how airlines and OTAs can manage this conflict by using data from a range of sources to evaluate orders containing mismatches, rather than relying on discrete data points to identify and block ‘suspicious’ customers.
By investigating online shopping behaviour through less formal fraud detection techniques, online sellers can take advantage of their data to get ahead of the game and boost online revenue.
Rejecting orders over a single mismatch can be risky too
When it comes to online travel bookings, mismatches between geographical data points are almost always a given. For example, in more than half of online flight orders, a passenger makes a purchase outside their flight departure country. A whopping 97% of these orders, where there is a mismatch between the IP country and departure country, are valid.
With many travellers booking their tickets while abroad, it's also very common to see purchases made with a credit card issued in a different country. More than one in four online travel orders have a mismatch between the card issuing country (BIN country) and the device IP country. Close to 95% of these transactions are valid.
It is clear that airlines and OTAs should not reject orders simply based on data mismatches. But the question remains - how can we know which orders with data mismatches are valid?
We use all available information, including data across Riskified’s ecosystem, the customer’s cyber footprints, and third-party databases, to reveal the story behind the order. This includes taking advantage of social media, which can often provide the missing pieces of the puzzle - yes, we can finally put our Facebook stalking skills to good use.
Given the extra information customers are required to provide when completing a travel booking, airlines and OTAs have the added advantage of multiple data points from which to identify correlations.
Getting to know the traveller behind the data
The best way to illustrate the benefits of such an approach is by looking at a typical online flight ticket order.
The first obvious discrepancy in the above order is that the passenger and credit card holder have no clear connection. Furthermore, the purchase has been made for a French citizen, using a US-issued credit card.
Many airlines and OTA fraud review systems would have already flagged these mismatches as signs of a high-risk order that should be declined or at the very least routed to manual review. But despite the multiple data mismatches, this order is absolutely legitimate and was safely approved by Riskified.
So how did Riskified identify that this order is valid? Based on the email address used, and previous orders with similar details, we deduced that it was likely a business related purchase. A LinkedIn search confirmed that the domain listed in the email belongs to a US owned company headed by Patricia Williams. It has offices in Europe, and the traveller shared their surname with a company manager. A Facebook scan then revealed that the traveller was the manager’s husband, and according to her status they were both looking forward to relocating to the US following her promotion.
Based on the information already obtained it would be quite safe to conclude that this was a legitimate order. But Riskified’s elastic order linking system - which links every new order to those previously reviewed - provided even more insight, and revealed that the same email address, connecting from the same IP, had been used to make another travel related booking four months prior. That transaction had been approved and did not return as a chargeback.
In short: the office administrator of the company's Italian branch, used the American CEO’s credit card to purchase a ticket for a relocating employee’s French spouse.
Hold on to your revenue
This is only one example of how drawing on additional sources can assist fraud teams to familiarise themselves with the patterns of genuine travellers. Without the ability to incorporate this data, the transaction would probably have been hard declined.
In some cases, merchants may have opted to use an alternative, more conspicuous measure to verify the order (such as contacting the customer by phone). However, such an approach is inconvenient, time consuming, and will generally impact negatively on a customer's experience.
By enforcing high-friction verification measures, or by falsely declining such orders, merchant's stand to not only lose the revenue from that specific purchase but also jeopardize their relationship with highly profitable clients. And sending rejected, annoyed, legitimate customers to competing sites - where they are able to reserve the exact same tickets - is a highly frightening prospect in such a competitive market.
NB This is a viewpoint by Abigail Singer, marketing writer for Riskified. It appears here as part of Tnooz's sponsored content initiative.
Previous articles by Riskified:Stop declining these travellers’ orders! (Nov16)
As mcommerce grows in travel, so does the need to understand mobile fraud (Oct16)