During the COVID-19 pandemic, millions of people around the world fell on hard times. Businesses closed, paychecks ceased, and fraudsters emerged from the woodworks to exploit the situation for their financial gain. One of the largest food delivery services in Asia was experiencing high levels of fraud that were largely occurring via mobile devices. In a recent interview with DataVisor, Technical Account Manager Venkata J illustrates how the company turned to DataVisor’s Device Intelligence solution and Enterprise ML to eliminate vulnerabilities among the food delivery platform and affected restaurants. The Many Faces of Food Delivery Fraud During COVID-19 When the pandemic hit Asia, the government imposed a lockdown that impacted many of the country’s restaurants. To further reduce the spread of the virus, cash-on-delivery options were eliminated. This was a major problem for many residents in Asia, as the majority of transactions are made with cash, not credit cards. This was also a problem for those who don’t have or use credit or debit cards as they were unable to order food through delivery platforms. Fraudsters saw this as a unique opportunity to cater to cash-paying customers while filling their own pockets at the restaurant’s expense. Many fraudsters are turning to social messaging apps and other marketing campaigns to conduct seemingly legitimate business with users. They offer a discount on food from a restaurant (e.g. offering a $20 pizza for just $10), place the order, and deliver it to the customer. Once it’s been delivered and the money has been collected, the fraudster will contact the food delivery platform stating something was wrong with the order and request a full refund. Venkata mentions that during this time, the number of fraud cases remained relatively the same or saw a slight rise, but the number of non-fraudulent transactions has dropped. “It used to be that this food delivery platform would see about 20 fraud cases out of every 100 orders. But because many restaurants had closed during the pandemic and not as many people were ordering, the valid orders dropped nearly 80% but we’re still seeing relatively the same number of fraudulent transactions. This affects the profit and loss margin for restaurants, and it’s growing day by day.” How Food Delivery Fraud Goes Unaddressed Before DataVisor, many of these refunds were flying under the radar because users could “talk” with chatbots to receive a refund. “All you have to do is tell the chatbot your food was bad or received a hair on your pizza, and you could get a full refund. As long as you respond appropriately, machine learning would take over and cater to fraud.” And as for the consumer ordering the food, they’re usually none the wiser about their actions and how they are contributing to the spread of fraud. “These fraudsters are basically behaving as middle managers,” says Venkata. “They charge the customer $10 for a $20 food order, get a $20 refund from the platform, and end up pocketing $30 for the deal.” And that’s just for one transaction. It’s a great deal for the consumer, and Venkata notes that people are more likely to start telling their family members and friends about it – inadvertently lining the pockets of wrong-doers. Fraudsters can avail new user promos by creating several accounts as well leading to promo-abuse fraud. “They’re acting as a company, not a fraudster,” Venkata says. “You might not even know they’re committing fraud. All the consumer is concerned about is that they got their food and a great discount. If you’re happy about the experience, you tell others and they get the same treatment. It’s genuine for you, and that’s all you care about. But ultimately, it’s affecting the food delivery companies being scammed out of food and money.” Using DataVisor to Combat Professional-Grade Fraud To fight back against fraud, Venkata brings up the fact that supervised machine learning can only take the process so far. “When customers perform certain fraudulent actions, these actions get labeled appropriately so that when they occur again, there’s no doubt that these activities are fraud. But that’s not how fraudsters work. They’re constantly evolving their tactics and techniques, so supervised machine learning isn’t as effective. Unsupervised machine learning can withstand these varying fraud patterns and detect underlying fraud rings to effectively mitigate at a large scale. However if the input signals to Unsupervised machine learning are better, then the output results could significantly catch larger fraud.” This is especially essential when dealing with professional con artists. They’re creating hundreds of fake accounts using multiple devices. They constantly change IP addresses on these devices. They use emulators, app cloners, jailbreak the devices, or hook it to hide their real identity of the device. Imagine hundreds of devices which are auto refreshed programmatically through various ways mentioned above to place fake orders. It is really important to identify that the transaction happened through the same device in order to find fraud.. DataVisor Device Intelligence is designed to provide accurate device fingerprinting and reliable device-level risk score by capturing the manipulation techniques applied on the device. Identifying bad actors from good fundamentally changes the game and helps these platforms be ahead of the fraudsters. Accurate SDK signals in Unsupervised Machine Learning models synergy will be greater than sum of their parts Venkata notes that the food delivery platform had previously invested in DataVisor’s Enterprise ML to detect fraud patterns and recently added Device Intelligence to their mix to specifically get accurate sdk signals to target fraud occurring via mobile devices. DataVisor’s Device Intelligence collects device data signals accurately so that devices using multiple accounts can’t fly under the radar. DataVisor’s Device Intelligence assigns each device a unique ID that never changes, even when apps are deleted and reinstalled, emulated, or otherwise concealing fraudulent activities. These signals can be effectively used in internal rules engines or on the other hand, they can be fed to an unsupervised machine learning model to identify the hidden linkages/patterns of fraud. Since implementing SDK signals into the Unsupervised Machine Learning model, the platform has seen a 20% uplift in the number of fraud cases detected with a > 90%+ accuracy rating. The average detected fraud case results in roughly $5-$7 in savings, or about $2,000 per day. “It’s important to stay in the game and focus in the long term,” agrees Venkata. “Reducing fraudulent transactions, especially in desperate times, is key to longevity and improving overall profitability. Fraudsters know that during these tough times, fraud goes unnoticed because of focus on growth. It is really important to tackle fraud to remain in the game and emerge as a winner” Download the case study to learn more! View posts by tags: Related Content: Quick Takes How to Use Identity Data and Behavior Intelligence for Fraud Detection Quick Takes How to Build a Fraud Audit Program Quick Takes Linkage Analysis: A New Approach to Detect and Investigate AML and Application Fraud about Venkata Karthikeya Jangal Venkata is a Technical Account Manager at DataVisor. He is responsible for customer success and is a technical advisor for DataVisor customers. Previously, he worked in UEBA space and used SIEM tools extensively. Venkata is passionate about using anti-fraud solutions and cyber security analytics to combat threats. about Venkata Karthikeya Jangal Venkata is a Technical Account Manager at DataVisor. He is responsible for customer success and is a technical advisor for DataVisor customers. Previously, he worked in UEBA space and used SIEM tools extensively. Venkata is passionate about using anti-fraud solutions and cyber security analytics to combat threats. View posts by tags: Related Content: Quick Takes How to Use Identity Data and Behavior Intelligence for Fraud Detection Quick Takes How to Build a Fraud Audit Program Quick Takes Linkage Analysis: A New Approach to Detect and Investigate AML and Application Fraud