What's LTV Got To Do with Fraud?

April 2, 2020

When it comes to eCommerce, the effect fraud has on LTV tends to be overlooked - more likely it isn't considered. Customer accounts are a driving force in improving LTV by bringing light to key insights derived from your most loyal and profitable customers. These accounts are also a very attractive target for account takeover attacks. In order to get the best ROI out of each attack, fraudsters will assess how much time and resources they need in comparison to the value of what they can monetize on before they are discovered. We have named this value, the Fraud LTV, FLTV. And in order to improve your LTV, you need to reduce the FLTV. Let's take a look.

The Value of Customer Accounts in Improving LTV

For any company in the business of making money, especially growing companies, customer retention is crucial: 65% of a company’s business comes from existing customers rather than new ones. By focusing on your most profitable customers, you gain valuable insights into their needs and plan to both reach more of these customers and increase profitability per customer. 

LTV is a crucial KPI that helps you do this; by taking into account the amount it costs to acquire a new customer, it calculates the amount of profit you can expect to earn per customer over the whole period of the relationship. 

Once LTV has been calculated, the goal - of course - is to improve it. This is a critical measure used to justify the ROI of the costs that marketing and customer success teams use to achieve this. 

No doubt the above  information is not news to you, and while this is a high-level look into a multi-faceted strategy, it is not necessary to dig deeper for the purposes of this blog. So why am I, a fraud fighter, writing about this topic? Well, just like customers have an LTV to you, they also have one to fraudsters. Interesting, right? I’ll explain…

An Account Takeover Strategy: Adding An F to LTV

As retailers expand their online businesses and user accounts are becoming the norm, they are becoming especially attractive to fraudsters for two key reasons: saved payment data, and loyalty or reward programs. Frequent account usage and the variety of purchases associated with accounts serves as a magnet for fraudsters seeking “reputable” accounts. This account reputation has a direct effect on risk scores when unusual transactions are made, leading to false negatives = a win for fraudsters. 

In one case, fraudsters took over almost a million accounts for Netflix, Spotify, Hulu, and other subscription services, ultimately making around AUD $300,000 before being detected.

We have discussed in previous blogs how fraudsters are becoming more professional, so it is not an overreaching assumption that they will take into account something very similar to LTV when choosing a target for account takeover attacks. They will not only consider what company to target (risk, high value accounts, etc.), if they can take over an account and how much time and money they will need to spend on executing the attack (tools, combo & proxy lists, etc.) but how much they can -squeeze- out of it. This will determine the ROI of their attack.

Just like your business team will look to increase the LTV of your customers, a fraudster will strategize how to get the most out of each invaded account before getting blocked. It takes an average of 16 hours to resolve account takeover, giving fraudsters ample time to maximize the value of the attack and recent trends reflect these behaviors. Fraudsters are implementing attack strategies that allow them to monetize earlier in the customer journey, finding ways to make a transaction that does not require a payment like redeeming loyalty points, scraping PII or changing account settings. They then have the opportunity to move to the payment stage and monetize further.

We have penned this calculation as the Fraud Lifetime Value, FLTV

Regardless of the target, the fraud flow of an account takeover attack stays the same and fraudsters will assess if the potential ROI is positive. If the ROI is low or negative, the cost and effort of acquiring the account exceeds its value and fraudsters will look elsewhere. The key to prevention is to reduce the potential ROI by increasing the effort required for an ATO, and by decreasing the FLTV through early detection and by blocking monetization.

Using FLTV as a Tool to Improve LTV

Create an Obstacle Course for Fraudsters

LTV is a critical business KPI for marketing and sales teams, and, IMHO, FLTV is an equally important KPI for fraud teams. We have preached many times that one of the best ways to get ahead of fraudsters is to get inside their heads as much as possible. To a fraudster a higher FLTV means more money, so your payments and fraud teams need to work together to devise strategies that work towards reducing the FLTV of ATO, this means implementing solutions that further deter fraudsters, catching as much fraud as possible AND detecting it as early in the customer journey as possible. 

In order to do this, we must push fraudsters out of their comfort zones, we must make their lives harder starting with blocking the ‘simple’ attack vectors. One strategy could be to force fraudsters to use more sophisticated bots means an expensive investment in more advanced tools and complicated stages in their journey to monetization. On top of increased costs, it will also significantly lower their attack scale. Putting it into this perspective also facilitates understanding and cooperation with sales & marketing teams, since addressing fraud has a direct impact on sales and revenue. 

Identify Gaps in the Customer Experience ASAP

The digital customer experience is multi-faceted, with continuous improvements being made to products or services being offered and the features available. It’s highly likely these additions are part of a plan to improve customer retention. What is often overlooked, however, is that when new features or flows are added to websites or apps, they open up new opportunities for fraudsters - ironic, right? And the longer they go unnoticed, the higher the value of that FLTV is going to grow. When so much time and resources goes into planning and executing new features, only for them to open the proverbial floodgates for new attack strategies, the ROI isn’t going to be positive. It is critical for marketing & sales teams to loop in the fraud specialists when planning these updates, as a matter of priority, so that they can identify any new fraudulent behavioral patterns as quickly as possible and block them immediately. In order to do this, you need to have visibility into the entire flow of the customer journey - check back here shortly for more insights on breaking down fraud flows.

Use Fraud Detection to Improve the Customer Experience

We can also flip this paradigm on it’s head and implement a fraud strategy that improves the customer experience. How about using fraud detection to identify good users first? We know that your most loyal customers are your most valuable, not just in profitability but also as brand ambassadors. So why should these users be made to jump over hurdles to verify themselves? By adopting an approach to detection that gives visibility into the customer journey from the moment a session begins, you can recognize behavioral patterns of the good users as early as possible and provide a seamless experience all the way through to checkout.

One of the biggest pains when protecting customer accounts is the ongoing challenge of password reuse. What if your teams put their heads together to not only ensure customers are educated about the importance of changing passwords, but also offer rewards for customers who actively do this? A growing pain for fraud professionals is loyalty program fraud - often a result of customers accessing their accounts infrequently, giving fraudsters ample time to take what they want. Yet, by sending regular updates you both show customers their value and shorten the time fraudsters will have to explore and exploit these accounts. This forces fraudsters to further change their attack strategies. As an added bonus, it would make their stolen combo lists worthless, or near enough when compared with ROI.

What You Can Do to Reduce FLTV

Here are some steps you can take:

Make the FLTV Unattractive  
to Fraudsters  

The less fraudsters stand to earn from ATOs, the less likely they are to perform them. Companies can do this by increasing the speed at which they detect fraud; the better you become at detecting fraud, the lower the risk of ATOs.

Plan Ahead  

Don’t just look for attacks, but implement solutions that can detect and shut down fraudsters before they can do any real damage. In addition, don’t wait until the transaction occurs before performing fraud detection, as this still leaves the customer’s personal data and payment details vulnerable.

Implement a Holistic Approach to   Fraud Detection  

Having visibility into where fraudsters are, what they are doing & how they're doing it means identifying the connection of new features to new fraud tactics is more straightforward and supports more efficient detection.

Recognize the Value of Fraud Lifetime Value as a Critical KPI

We know that implementing solutions that deter fraudsters should go without saying. But it is easier said than done. It is dependent on more than just your fraud and/or payments teams, it requires cooperation with marketing and sales teams -  a new perspective that provides a pathway to meet fraudsters where they are. Customer loyalty is a key strategy being used by eCommerce companies globally to improve LTV - and with that comes a treasure trove of accounts for fraudsters to target and a whole new growth potential for FLTV. By focusing efforts on protecting your customers from fraudsters, you can create a business strategy that improves KPIs for multiple teams.

Recent Posts

4 Reasons to Prioritize Mobile Fraud Prevention in 2021
Peak Season 2020: Account Takeover is Here to Stay and Other Takeaways
It's Time We Confront These Common Myths About Behavioral Biometrics
[Infographic] Breaking Down the Fraud Flow of Account Takeover
Emulator Fraud-as-a-Service: The Threat Landscape Continues to Evolve

Follow Us