How Buy Now Pay Later (Bnpl) Fraud Is Committed Online
1. Obtain Digital Identities
Fraudsters purchase databases of stolen credentials from the dark web, or harvest on their own.
2. Disguise Themselves
Bots use residential proxy networks, customized DevTools, and solvers to evade detection by anti-bot solutions and downstream protections.
3. Abuse Login
Automated scripts inject stolen credentials into logins to generate fake accounts or take over existing ones, while bypassing anti-bot, CAPTCHA, and OTPs.
4A. Monetize Fake Accounts
Consumer: Successful new accounts are used to make one-time purchases they don’t intend to pay back – buy now, pay never.
Merchant: Fraudulent merchant accounts dupe customers into buying fake products or used to ‘wash’ money.
4B. Exploit Account Takeover
Valid credentials are used to lock consumers and merchants out of their accounts and rack up debt or sell on the dark web.
The Impact:
5. BNPL Provider
Lose revenue from fake merchant accounts and abandoned carts, added strain on security and fraud teams, tarnished reputation with shoppers and retailers.
6. Customer
Frustrated with the BNPL provider for adding friction to the buying journey. Affected by ATO and fraud happening in their name.
7. Retailer
Receives inaccurate analytics skewed by fake customers, unprepared for the influx of fraudulent orders.
8. Banks
Shoulders most of the risk by financially backing the BNPL providers. Largely responsible for delinquent and fraudulent payments.