Citizens plagued with anxiety and financial woes, economies in free fall, and scammers exploiting fear in every corner of the globe. Welcome to April 2020.

No one could have predicted the situation we find ourselves in, but we can plan our way out of it, even if we can’t control the timeline. As Dr. Anthony Fauci, the director of the U.S. National Institute of Allergy and Infectious Diseases, explained, “…the virus makes the timeline.”

So we begrudgingly let the virus have the timeline, but we take full control of the plan.

Here at Feedzai, we’ve divided our Coronavirus response into three phases.

Three phases of the COVID-19 pandemic: crisis, recovery, growth

Crisis Phase

  • Understand and prepare for a surge in specific fraud types
    • Add possible consequences for each scam attack that you think will impact your business
    • Build possible fraud scenarios
  • Prepare for changes in specific transaction types and how to minimize customer friction around this
  • Use this time to clean-up fraud-fighting processes and implement new ones to get ahead of fraudsters before we move to the recovery phase
  • Know how machine learning rules and models react to sudden significant changes in customer behavior

Recovery Phase

  • Prepare for a gradual approach to full recovery
  • Ready teams to handle an increase in numbers of transactions
  • Develop plans for how to approach data gaps caused by the crisis period
  • Compare pre-and post-COVID-19 transactional behavior
  • Ensure teams avoid tunnel vision (decline all or approve all; use data-driven decision making)

Growth Phase

    • Document all learnings from Crisis and Recovery and distill them into actionable processes. Coronavirus was the first global pandemic; assume it won’t be the last
    • Focus on types of transactions to better identify customer behaviors, e.g., card-present (CP) vs card-not-present (CNP)
    • Improve data on high-risk entity lists by comparing pre-and post-COVID-19 numbers across entities to better understand deviations


This post focuses on the current moment, the crisis phase.

What the economy looks like in coronavirus crisis mode

If a picture is worth a thousand words, the graph below might be worth a million. It’s a stark visualization for what’s happening right now: an economy screeching to a halt.

Graph showing how transaction volume has dropped due to Coronavirus

At the start of the global shutdowns, Feedzai monitored several metrics, including transactions by country, number of transactions, payment types, card-present, and card-not-present, to name a few. When we evaluated these complex layers of information, we quickly saw a sharp drop in transactions across all industries, save for groceries and alcohol.

This drop in the number of transactions isn’t surprising given the sudden and dramatic confinement of large numbers of people combined with a steep rise in unemployment across the globe. “We see unemployment rates in the US and Europe getting up well up into the teens,” Deutsche Bank’s Peter Hooper told Bloomberg. “This is unprecedented since the Great Depression, in terms of magnitudes.”

Resist the temptation to reduce fraud-fighting efforts

Merchants and financial institutions might consider letting up on fraud-fighting efforts in favor of spurring transactions. Don’t. Surviving Coronavirus is a marathon, not a sprint.

Instead, understand where there are legitimate opportunities for increased customer activity and plan to mitigate both fraud and friction so that you can realize those opportunities without increasing risk.

Three transaction types expected to grow during the Coronavirus crisis phase, along with ways to reduce customer friction around them —  without increasing fraud risk.


If e-commerce is where customers are engaging, make sure your organization creates as little customer friction as possible in this area. Of course, that doesn’t mean you should increase your risk of fraud. There are actions and strategies you can implement to continue to see growth in this area of spending while mitigating fraud risk.

How to reduce e-commerce fraud without increasing customer friction

  • Focus on cross border transactions. As most of the world is on lockdown, cross border transactions should be next to nothing. Raise an alert for these types of transactions.
    • If customers are legitimately stranded, what services can you provide for them?
  • CP transactions should decrease in volume. Focus instead on CNP transactions.
  • Adjust rules and models to be less sensitive or allow for higher spending amounts and more frequent grocery store and pharmacy MCCs. Again, if your platform isn’t particularly agile, work with your provider to develop a strategy for how to handle abrupt changes during the crisis phase through to the growth phase.
  • Adjust rules and models to create more sensitive alerts or more significant restrictions around travel, hospitality, or beauty parlor MCCs.
  • Create a rule that labels a customer as risky after three potentially fraudulent acts within a specified period, say ninety days. For customers labeled as risky, all transactions must go through additional requirements, such as requiring signatures for deliveries.
  • Be aware of the types of fraud associated with eCommerce, particularly:
    • Friendly fraud —  also known as chargeback fraud; occurs when a consumer makes an online purchase with their credit card, and then either says they didn’t receive the purchase or initiates a return but sends back an empty box
      • Flag the accounts of anyone suspected of friendly fraud two or more times within 6 months. Merchants should implement step-up authentication for purchases from these accounts. Also, consider requiring signatures for delivery.
    • Account takeover fraud (ATO) — a form of identity theft in which the fraudster accesses a victim’s financial accounts via malware, phishing, hacking, or buying them on the dark web to make unauthorized transactions

Loan and credit card applications

With a surge in unemployment comes a rise in loan and credit card applications. Many people will need financial help to meet their obligations and survive during this difficult time.

How to benefit from an increase in loan and credit card applications without increasing customer friction or fraud risk

  • Some lenders will create customer friction because they’ll tighten lending requirements for fear of a large number of borrowers who default on loans or for fear of defaulting first-party fraud — borrowers who falsify records or apply for multiple loans at the same time. For these lenders, we suggest implementing a tailored account opening workflow approach. Tailored workflows customize the account opening process based on risk assessment and risk threshold. Customizing the application process reduces friction in the account opening process and helps support banks’ growth goals without increasing risk.
  • Go beyond strong know your customer (KYC) controls to deal with an increase in synthetic identity theft. Synthetic ID thieves know their victim’s mother’s maiden last name and answers to other standard litmus test questions. Get creative with identity verification questions! Fraudsters are thinking out of the box, and you should too.
  • If your organization does not currently conduct real-time validation of government-issued identity numbers, utilize machine learning to develop algorithms that can detect randomly created social security numbers. A legitimate social security number won’t be random.
  • Be aware of the types of fraud associated with application fraud:
    • Synthetic identity fraud — a type of fraud where real and false information is combined to create a new identity
    • SIM Swap — a type of ATO fraud that aims to gain access to the victim’s SIM card. It targets two-factor authentication methods when the second factor involves something that can easily be stolen such as a cell phone
    • ATO

Contactless payments

Contactless payments allow consumers to tap their chip-enabled debit or credit card near a point-of-sale terminal instead of touching germ-dense personal identification number (PIN) pads.  While the benefits to consumers are clear, not having to use a PIN makes contactless payments enticing to fraudsters. To counter this known threat, banks and merchants traditionally kept the allowable amount for contactless transactions smaller than other transaction types. However, the coronavirus crisis has changed that.

In a move applauded by Visa, the British Retail Consortium, along with other trade associations, have increased spending limits for contactless payments. Increasing spending limits and thereby making contactless payments more customer-friendly makes good sense today, but it also increases the risk associated with contactless payments.

How to benefit from increases in contactless payment transactions by reducing customer friction without increasing fraud risk

  • Focus on the devices being used. A customer attempting transactions on a known device is less of a risk than a customer attempting transactions on a new device. Raise alerts for new devices.
  • Spending limits won’t provide accurate information as consumer behavior, particularly for essential items, has drastically changed. Focus on location data, and narrow the acceptable radius for charges to occur. If a customer is shopping more than 10 miles/16km from home, that should trigger an alert.
  • Organizations using machine learning models should adjust alert thresholds based on a customer’s known frequently used merchant category codes (MCC) and locations. Feedzai deploys agile models that can be adjusted in a few hours. If you’re on a machine learning platform that takes a bit longer to adjust models, start that work right now. And anticipate that you’ll have to continuously adjust your models during the crisis mode and as we move to recovery and growth.
  • Organizations using rules-only based systems should look at implementing new rules. For example, If a customer frequents a specific MMC and uses contactless payments four times in one month, do not raise an alert.
  • For both machine learning algorithms and rules, look at customer data from over the past two months. As the crisis continues, stretch the window of time to look at a longer period. This allows you to use customer data prior to the crisis period.

Key Learnings

Banks, merchants, and issuers can take a phased approach to manage the impact of the coronavirus pandemic: crisis, recovery, and growth. In the crisis mode, the number of transactions across all industries has drastically declined. The exception is grocery MCCs, which have seen an increase in the number of transactions. Organizations should resist the urge to lower fraud prevention methods in favor of encouraging consumer activity. Instead, they should look at ways they can reduce friction without increasing fraud risk, understanding that there are opportunities for growth even in this crisis. Looking at customer location data, device IPs, and adjusting rules and models to better align with post-coronavirus customer behavior is key to surviving and ultimately thriving in a post-coronavirus world.