What the NFT revolution means for 'friendly fraud'
They’ve been used to trade everything from iconic soccer goals to priceless royal heirlooms. Non-fungible tokens (NFTs) are no longer a niche gimmick sought after by crypto experts and trend-chasers – they’re a fast growing market worth tens of billions of dollars.
An NFT’s value lies in its ability to prove ownership of something intangible, like a digitised work of art or, indeed, a thrilling moment from a sports match that took place a half-century ago. This value makes them an increasingly highly traded commodity, with up to 50,000 bought and sold every week. But they are also an appealing target for cyber criminals.
While there have been some dramatic digital smash-and-grabs in recent months, high-profile hacks aren’t the only concern for NFT players. We’re noticing more and more cases of illegitimate chargeback claims, sometimes referred to as “friendly fraud”, as tokenised assets become increasingly mainstream.
Tackling this isn’t always easy, in part because NFTs are still an emerging trend in the payments space. But with the right knowledge and tools, businesses can take steps to keep themselves safe while exploring this exciting new frontier of digital commerce.
How to buy an NFT
To understand the potential threat posed by NFT-related friendly fraud, you must first understand how tokens are purchased.
Marketplaces such as OpenSea, Rarible, and Binance are where the majority of NFT trades take place, either in eBay-style auctions or at a fixed price. Once the sale has been finalised, the purchaser makes an entry on the blockchain – a secure decentralised electronic ledger – transferring funds to the seller, with the seller responding in kind to transfer ownership of the token.
Blockchain-based transactions are permanent and can’t be reversed by either party involved – nor by a central authority, such as a bank. In other words, if a deal goes sour, the buyer has little recourse.
Often, the currency used for NFT trades isn’t dollars, euros, yuan or any form of regular fiat money, but rather cryptocurrencies such as Ethereum. To complete a purchase using these digital coins, the buyer must hold them in a crypto wallet – and herein lies the problem.
When buying cryptocurrency to store in a wallet, most marketplaces accept conventional credit and debit cards. That means that, while the final NFT transaction isn’t subject to third-party reversals such as chargebacks, the purchasing of the cryptocurrency required to pay for it is.
Mixing old and new
All this means that while NFTs and crypto in general aren’t subject to chargebacks and friendly fraud, they do still involve traditional payment methods. That sets the stage for a confusing confluence of old practices and new technology — confusion that can be taken advantage of in the form of friendly fraud.
Imagine, for instance, that a buyer finds a piece of digital art they believe to be a good investment, and then uses their credit card to purchase $1,000 worth of Ethereum on a crypto marketplace in order to execute the trade.
So far, so good – but what if the NFT’s value then plummets, as can often happen in the volatile crypto world? Desperate to cover their losses, the buyer might be tempted to lodge a chargeback claim, perhaps alleging that their card had been stolen prior to the cryptocurrency purchase.
When dealing with such transaction disputes, the card issuer will often side with the buyer rather than the crypto exchange. While the financial sector is digitising fast, crypto transactions are still something of a blind spot for traditional banks. Marketplaces might think they’ve gathered enough evidence to successfully fight a fraudulent claim, but if there’s a fundamental knowledge gap on the part of the cardholder’s issuing bank, there’s little that can be done.
This leaves the crypto exchange with a bill to pay, while the customer gets their money returned and retains ownership of the original NFT, which is effectively locked away in a digital wallet inaccessible to the NFT marketplace.
Meeting the challenge
With crypto volatility only increasing, and NFTs still growing in popularity, the threat of fraud will only intensify for merchants and marketplaces. To meet this challenge, exchanges and other market participants must take direct action to mitigate against chargeback risk.
Some marketplaces are on the front foot, fighting chargebacks by limiting how quickly users can make withdrawals after creating an account. NBA Top Shot, for instance, only provides withdrawal access to traders who have been with the platform for a number of weeks, rooting out those looking to make a quick NFT purchase and then file a chargeback claim.
This is a solid policy, but it’s not foolproof. Exchanges should take further steps to protect themselves, such as implementing a rigorous customer verification system. By gathering a user’s information when an account is created, marketplaces can position themselves to more effectively fight subsequent fraudulent transaction disputes.
Finally, exchanges and other NFT players should make sure they have an effective mitigation strategy in place to promptly gather and submit evidence in the event that a chargeback dispute is initiated. Fast-growing businesses such as crypto and NFT operators are unlikely to have well-established in-house infrastructure, but with chargeback volumes skyrocketing it’s important to find a solution that can help you meet card issuers’ requirements and win more disputes.
A growing concern
Chargebacks are a growing concern for businesses of all kinds, but the crypto and NFT space is especially vulnerable precisely because it’s growing so quickly. Many cybercriminals are looking for opportunities in this poorly regulated sector; many legitimate customers are confused and overextending themselves; and many businesses lack the resources and tools to properly protect themselves.
Building effective chargeback mitigation capabilities might not sound like a key priority for blockchain innovators. But the reality is that whether your customers are trading NFTs or speculating in crypto, your ability to manage chargebacks could determine your company’s success or failure in this exciting but high-risk market sector.
About the author
Roenen Ben-Ami is Co-Founder and Chief Risk Officer of Justt.ai. He is an expert in the field of payments and chargeback mitigation. Previously, Roenen led the chargeback and merchant risk teams at the payments service provider Simplex, which successfully recovered millions of dollars a year. He also served for nine years in an elite military intelligence unit in the Israeli Defense Forces, attaining the rank of captain and spearheading the creation of an innovative operations department focused on change leadership, human resource development, and risk management.