What is Buy Now Pay Later (BNPL) Fraud?

Buy Now Pay Later (BNPL) Fraud encapsulates any fraudulent activity related to buy now, pay later platforms. BNPL fraud occurs mainly two categories: attacks on payment systems themselves, and fraud during onboarding for BNPL platforms. 

The Buy Now Pay Later (BNPL) market has grown substantially over recent years, largely spurred on by the pandemic and increased online shopping trends. In fact, between 2022 and 2026, the BNPL market size is expected to grow at a CAGR of 25.5%

Using Buy Now Pay Later solutions, online or in-person shoppers can break up the total purchase price into installments with supporting merchants. Typically, they will pay the first payment at the time of purchase, with the rest of the installments being due over the subsequent weeks or months. In this way, shoppers can delay the total payment with a nominal fee paid to the BNPL provider, who “lends” the money to the shopper by providing outright payment to the merchant. 

This form of consumer financing has certainly become more popular and will continue to take hold over the coming years among both consumers and merchants themselves. However, this growing and lucrative industry is also grabbing the attention of fraudsters, who are finding new ways to defraud vendors using the vulnerabilities of BNPL solutions. 

As BNPL providers balance security with ease of use for shoppers and merchants, it’s important to understand the unique challenges and risks associated with this payment method to keep all parties safe and protected. 

What is BNPL Fraud?

Buy Now Pay Later (BNPL) Fraud refers to any fraudulent activities related to these payment solutions. There are a few ways that fraudsters target BNPL solutions, one of them being through attacks on the traditional payment system to reveal payment details and other sensitive information for their own personal gain. 

Or, maybe the attacker will take over someone’s legitimate account to make purchases for themselves using BNPL solutions, hoping the cardholder won’t notice the smaller installment payments rather than one large payment. 

But, what BNPL Fraud more commonly refers to is the attempt of fraudsters to exploit or undermine the unique characteristics of BNPL solutions, especially the onboarding process. More specifically, fraudsters will attempt to manipulate the onboarding process in a way to purchase items from vendors using BNPL solutions, but never actually complete the rest of the installments. 

How Does BNPL Fraud Work?

Though Buy Now Pay Later solutions are legitimate and convenient for most who use them, there is still a risk of fraudulent activity that can take place. Here are some of the methods that are used to complete BNPL Fraud.

  • Account Takeover (ATO): In some cases of BNPL Fraud, an unauthorized party will gain access to a legitimate BNPL account using phishing, social engineering, or password guessing; following the account takeover, they will then make purchases using the victim’s credit card and may update the shipping address for themselves
  • Identity Theft: Fraudsters may use stolen personal details and financial information to create a fake BNPL account; they will use this account to make unauthorized purchases using the victim’s name and credit card details
  • Shipping Fraud: Attackers will use compromised BNPL accounts to make expensive purchases and manipulate the shipping data to divert the goods to a specific location that they can access
  • Friendly Fraud: Users with a legitimate BNPL account may initiate a purchase with an installment plan, but then dispute it hoping to get out of making the payments

As you can see, depending on the type of fraud that is initiated, the victim of this crime may be the BNPL provider directly, or a person whose identity has been stolen, payment method compromised, or BNPL account hacked. The variety of approaches and methods that criminals can take to pursue BNPL Fraud makes it more difficult to track down and prevent, though it’s not impossible. 

What are the Risks of BNPL Fraud?

BNPL Fraud can result in serious consequences, including financial losses and damage to the victim’s credit history. Both consumers and BNPL providers will need to stay vigilant so they can avoid these common risks of BNPL Fraud: 

Financial Loss

This is arguably the biggest risk of BNPL Fraud, which can either impact an individual consumer or the BNPL provider. If someone’s BNPL account has been hacked, and a purchase has been initiated using their saved payment method, it may be difficult to trace the crime and recoup their funds. Otherwise, they may be left on the hook to cover the fraudulent charges. 

In the case of fraudulent chargebacks or users’ claims of unauthorized activities on their accounts, the providers may incur financial losses since they still are obligated to pay the merchants for the goods or services. 

Credit Impact

If BNPL Fraud goes undetected or unresolved, the account holder may face a negative impact to their credit rating as a result. This may be the case if installment payments initiated by criminals using the victim’s information become delinquent and get reported on their credit history. 

Regulatory Compliance

BNPL providers must adhere to certain data security requirements like other financial services organizations. If they are unable to prevent and address fraud, they may face penalties like fees or other punishments as a result. 

Strategies to Prevent BNPL Fraud

It appears as if BNPL solutions will only grow more popular over the coming years. As such, both vendors and consumers will need to know the tools at their disposal to protect themselves from becoming a victim of BNPL Fraud. 

  • Identity Verification: BNPL providers should have robust identity verification processes during account creation to ensure that users are who they say they are
  • Transaction Monitoring: If you have an account with a BNPL provider, regularly monitor your transactions and bank account to detect any unauthorized payments; since the nature of BNPL breaks up the purchase into smaller installments, it can be easier for a fraudulent payment to go undetected
  • Fraud Detection: Providers should invest in sophisticated fraud detection tools to help detect any potential fraud and mitigate the incident before it has snowballed into something that is too hard to trace
  • Use Secure WiFi Connections: When accessing your BNPL account and making online purchases, make sure you are doing so from a device that is connected to secure WiFi