QSR Orders Have Gone Digital And Fraudsters Want A Piece Of The Pie
by PYMNTSIf you were to hop into a time machine and take a look at the quick-service restaurant (QSR) space a mere five years ago, the segment would look incredibly different than it does today. Digital barely existed among QSRs, and custom demand for it was nearly nonexistent.
In fact, the most technologically advanced thing you were likely to encounter “was a clown at the drive-thru with a microphone in its mouth,” said Rich Stuppy, chief customer experience officer at fraud prevention firm Kount.
But all of that has evolved massively in the past half-decade, Stuppy told PYMNTS during a recent interview. He said QSR chains have adopted a whole host of digital capabilities. Many have built an entirely new interaction path for customers via order-ahead capabilities, reloadable top-ups for gift cards and loyalty offerings, all neatly nestled together in a mobile app.
Stuppy said that created a bifurcated world of QSR interactions between “[one] group of consumers able to choose between interacting physically or digitally and a whole other group [that would] stay physical only.”
But due to COVID-19, that second set of consumers has disappeared nearly overnight.
“That group had some serious ‘necessity-is-the-mother-of-invention’ moments and has managed over the last few weeks to get fully on board [with] digital,” Stuppy said. “Because if they didn’t, they weren’t going to get the things they wanted.”
He noted that the pandemic realigned the QSR order space, with digital going from a “nice-to-have extra” to a matter of complete necessity. The expert said he’s been impressed to see QSRs of all kinds rise to the occasion over the past several weeks in terms of building “amazing digital customer journeys” that have kept consumer bases satiated.
But, Stuppy noted that at every point in the consumer journey, QSRs have added elements like loyalty rewards and contactless payment paths that delight not only customers, but also fraudsters. He said the bad guys view every upgrade as a new opportunity to insert themselves into the process and illegitimately extract value from consumers and businesses.
That’s value that the low-margin QSR industry can hardly afford to lose, especially in today’s uncertain times. That’s why Stuppy said QSRs working hard to build their digital consumers’ journeys need to address fraud controls from the start.
“If they don’t think about it in advance and put the controls in place, they’re going to make this huge investment in their infrastructure [only] to watch it go to waste or need to be rolled back,” he said. “The fraudsters will use those same features and capabilities that [QSRs] are trying to provide to their customers to commit fraud.”
More Than Just The Risk Of An Occasional Stolen Pizza
Stuppy noted that in many cases, QSRs have a reflexive tendency to dismiss fraud dangers because they sell a relatively inexpensive product. Kount staffers are often asked: “How many pizzas or hamburgers could the fraud community really be after? Who’s really stealing pizza?”
“And I tell them that we see hundreds of millions of dollars of stolen pizza and hamburgers — and everything else you can see happen — every single year,” he said.
How the frauds are structured varies. One particularly popular method, which got its start among pizza places that offered deliveries and consumer accounts, is called “pizza plugging.”
Fraudsters advertise to consumers looking to order take-out — offering, say, $50 of food delivery from a specific restaurant in return for a $12 direct payment. Once the fraudster is paid, they compromise a legitimate customer account, place an order using a saved payment method and have the food shipped or ready for pickup.
This particularly popular method of hacking consumer accounts makes up roughly $1 billion in fraud losses per year for restaurants, Stuppy said. That’s red ink that those establishments can hardly afford, given the historically low-margin nature of food services.
Restaurateurs and QSRs need to partner with segment experts like Kount to secure their systems, he said. While there’s a temptation to want to build everything in-house, working with a fraud prevention provider will ultimately pay dividends to the merchant.
“We are seeing, tracking and monitoring fraud across all of our customers and in real time,” Stuppy said. “A business client is basically benefiting from the experiences and the data — safely and securely — and from our ability to analyze all that data.”
He said that that businesses should consider these partnerships to “do some serious productive work in a very short amount of time.”
Get Ready For The ‘New Normal’
Stuppy said he believes it’s time for QSRs to elevate their fraud prevention tactics, given how quickly digital services went from being a niche concern to being a leading point of interest for the vast majority of customers. He added that the landscape isn’t going to get less digital when the “new normal” presents itself.
If anything, Stuppy said he predicts that consumer expectations for digital are only going to grow.
“Consumers will expect seamless customer experiences — friction-free, fast, real-time — combined in an immersive experience,” he said.
Of course, he said he also expects the fraudsters to follow, as they always do. Fighting back won’t necessarily mean locking down systems to make them much tighter than they are today. After all, false purchase declines tend to be a terrible experience for legitimate consumers trying to order dinner.
But, Stuppy noted, the changes are coming because they have to — and offering an enhanced digital product will require the ability to fully secure it from end to end.
“I think all of these advanced security concerns can be very manageable and well-balanced, if one is willing to do it right,” he said.
And these days, Stuppy noted, many restaurants seem especially willing.