Breadcrumb

First, Second and Third Party Fraud

Written by

The GoCardless content team comprises a group of subject-matter experts in multiple fields from across GoCardless. The authors and reviewers work in the sales, marketing, legal, and finance departments. All have in-depth knowledge and experience in various aspects of payment scheme technology and the operating rules applicable to each. The team holds expertise in the well-established payment schemes such as UK Direct Debit, the European SEPA scheme, and the US ACH scheme, as well as in schemes operating in Scandinavia, Australia, and New Zealand. See full bio

Last editedSep 20212 min read

As we move further and further towards digitisation of all business processes, fraud prevention is becoming a more crucial part of any business strategy. Fraud can be defined as using deception to gain an unfair advantage in some way, but there are many different ways that this may occur, including theft of identity, data theft, or hiding intentions. To effectively fight fraud, it’s important to understand the different forms, which can be broken down into first party fraud, second party fraud and third party fraud.

We’ve put together this simple guide to explain the differences between these forms of fraud and how you can protect against them.

First party fraud

1st party fraud can be summarised as an individual or organisation misrepresenting their identity or providing some incorrect information as part of an official transaction. There are a number of different ways in which this might occur:

When applying for a loan or business credit, the applicant may aim to receive better rates by providing false information, such as lying about employment status or salary.
When a customer makes a purchase using a credit card and then denies this to their provider, leaving the retailer to pay the chargeback.
Claims of non-delivery. A customer may order a product online and then claim that it has not been delivered, asking for a full refund.
Some customers will buy an item with the intention of using it before returning it for a refund, in a process that is sometimes known as ‘de-shopping’.

Second party fraud definition

Second party fraud is more complicated than 1st party fraud, and the usual indicators of fraud may not be present, making it more difficult for a business to detect. In a nutshell, it refers to situations in which an individual provides someone else with their personal information so that the second party can commit the fraud. The associate may order goods or services from devices that are not linked to the original account, which can cause the fraudulent transactions to appear legitimate.

A common example of second party fraud occurs when customers are attracted by fraudsters offering a quick way to make some money. The customer is convinced to accept funds in their account and transfer them to another bank account on behalf of the fraudster, and in return they keep a percentage of the funds. This constitutes a form of money laundering, and the people who are made complicit in the fraud are known as money mules.

Third party fraud

Third party fraud is the most common of the three types of fraud. This occurs when the fraudster takes an innocent person’s identity or details without their knowledge, or when a new identity is created from stolen details. This may then be used to fraudulently purchase products, services or credits. A large portion of third party fraud is carried about by organised crime rings, and this therefore tends to be part of a larger operation.

Some examples of third party fraud include:

Loan stacking, where a fraudster will apply for a number of different loans using a false identity and then doesn’t pay these loans back.
Account takeover, where the fraudster assumes control over a victim’s account, usually using information that was acquired by phishing.
Taking out contracts using another person’s identity, such as phone contracts.

Fraud prevention

It can be difficult to keep fraud under control in the digital space, particularly as fraudsters develop tactics to avoid detection. There is no single solution that can be applied to all different kinds of fraud, but technological advancements can help you to secure your business. For example, many banks and organisations have developed artificial intelligence tools that allow you to check whether a customer’s documents are genuine. In conjunction with this, banks can build detailed customer profiles using behavioural analysis, malware assessment and device management to identify any consumer behaviour that appears unusual.

We can help

GoCardless helps you automate payment collection, cutting down on the amount of admin your team needs to deal with when chasing invoices. Find out how GoCardless can help you with ad hoc payments or recurring payments.