If you want to explore the galaxy from your dentist’s waiting room or conquer a neighboring kingdom during a bathroom break, mobile games have you covered. Today’s smartphones and tablets can deliver the full range of gaming experiences, and when you add in-game purchases into the mix, mobile games can become quite lucrative for developers.
Unfortunately, mobile gaming attracts a lot of fraud, from both cybercriminals hoping to make a profit and ethically-challenged gamers who just want free in-game goodies. What types of fraud schemes target mobile games, and what can game companies do to prevent these attacks?
- Why Do Fraudsters Target Mobile Games?
- What Are the Most Common Mobile Gaming Fraud Schemes?
- How Can Companies Prevent Mobile Gaming Fraud?
You might be able to play mobile games on pocket-sized devices, but there’s nothing small about this industry. In the U.S. alone, there are more than 155 million mobile gamers spending over $20 billion per year on their favorite games.
Many games follow a free-to-play model, where players can download and access games without charge but purchase additional items, such as in-game currency or customization options, through in-app purchases.
Some players will spend thousands of dollars on their favorite games, which is part of the reason why the industry is so profitable. It’s also part of the reason why it’s a common target for fraud and chargebacks.
Mobile gaming is a magnet for fraud—true fraud as well as “friendly fraud” chargebacks. Retailers that sell digital games can expect to deal with a high volume of disputes on a regular basis, especially if they offer in-game purchases.
To protect against this risk, merchants must implement measures to mitigate revenue loss from fraud and chargebacks while still allowing legitimate customers to make purchases without disruption or delay.
Why Do Fraudsters Target Mobile Games?
Mobile gaming fraud can be a complex problem to address because the fraud comes at you from two distinct groups: the “professional” fraudsters, who are just trying to exploit your game to make a quick buck, and the gamers who actually play your game but are willing to engage in friendly fraud and other shady behavior in order to obtain in-game benefits.
Serious fraudsters target mobile games because there are ways to monetize compromised accounts. Some players are willing to spend exorbitant amounts of money on mobile game accounts that come with a high-level character, rare loot, or loads of in-game currency. Fraudsters who can steal or create a high-value account can sell it for real money.
As unpleasant as it can be dealing with cybercriminals, it can be even more frustrating when the fraud is coming from your actual customers.
Ever since the bygone days of Nintendo cheat codes, gamers have been tempted to find ways to skirt the rules, and some will apply this logic to your in-game purchases.
They’ll tell themselves that digital goods in a mobile game have no tangible value and therefore they aren’t really hurting anyone by making an in-game purchase and filing a friendly fraud chargeback afterward. This attitude often extends to the parents of younger gamers, who might see a triple-digit (or worse) charge on their credit card statement and call their bank to dispute it, even though they knowingly gave their child access to their payment credentials.
What Are the Most Common Mobile Gaming Fraud Schemes?
- Credit Card Fraud
Mobile game developers and companies face a unique challenge when it comes to credit card fraud. Fraudsters are able to exploit mobile games as an ideal platform for testing stolen credit card numbers, with quick creation of an account allowing them to make small purchase attempts. If successful, they will then proceed to increase their in-game funds with larger purchases.
This not only affects the game company through fraudulent transactions, but it also directly disrupts other players’ experiences by artificially increasing a fraudster’s power. Therefore, mobile game companies must take active steps to prevent credit card fraud and protect their players.
- Account Takeover
Fraudsters have a variety of techniques for gaining access to high-powered accounts. Phishing attempts, malicious software, and brute force attacks are all methods that allow hackers to penetrate an account belonging to another user.
Once inside, the fraudsters may use their access to purchase goods with real money or in-game currency, which they can then transfer over to a new account. They may also change the login credentials and attempt to resell the high-powered account itself.
- Friendly Fraud
Buyer’s remorse often follows a big in-game spend, especially if the player was purchasing random loot boxes or other digital goods with a high potential to disappoint. It’s easy to click “buy” in the heat of the moment, but many players feel regret when they realize they’ve spent more than they wanted to, and they deal with those feelings by asking their bank to give them a chargeback.
Of course, some players will make purchases with every intention of falsely disputing them later. It’s also important to note that it’s still friendly fraud when cardholders dispute charges made by their children or other family members. When a cardholder gives somebody access to their stored payment credentials, they are liable for the charges that person makes.
How Can Companies Prevent Mobile Gaming Fraud?
One way to reduce the threat of credit card fraud is by requiring additional verification for large purchases and suspicious activity. This may involve using an external verification system such as a third-party provider, or having additional steps in the game’s purchase process to confirm the identity of the player. Additionally, monitoring patterns of user behavior can help identify fraudulent transactions early on, allowing companies to quickly shut down any accounts linked to fraudsters.
Anti-fraud tools and strong authentication protocols can reduce the number of true fraud chargebacks you get due to credit card fraud and account takeover attacks. Device identification is a huge component of detecting mobile fraud, as most players log in from the same devices consistently. One way to catch account takeover early is to send users a notice whenever their account is accessed from a new device.
Dealing with friendly fraudsters is more challenging. The standard advice for e-commerce merchants is to fight back with chargeback representment every time and blacklist offending customers.
Gaming companies may find that some of their worst-friendly fraudsters also make a large amount of non-disputed purchases, and may be influential figures in the community surrounding your game. Word of mouth goes a long way among many gamers, especially in mobile games with a strong social component. Making your power players upset carries risks, even when they’re completely in the wrong.
To be clear, merchants should still fight friendly fraud whenever they encounter it—your revenue, reputation, and merchant account must always take priority. However, it pays to know your players and reach out to them to make sure they understand what actions might lead to account cancellation and other consequences. If you can defuse a potential dispute by offering a refund, it’s usually in your best interest to do so. Excellent, attentive, always-available customer service is the best defense against friendly fraud.
Mobile gaming companies face unique challenges when it comes to fraud, disputes, and chargebacks. To protect yourself, you need a comprehensive strategy that addresses the root causes of your chargebacks and provides you with an operational framework for preventing, avoiding, and fighting them as needed. With an informed approach, the right tools, and expert guidance, you can significantly reduce mobile gaming fraud on your platforms.
Thanks for following the Chargebackpros blog. Feel free to submit topic suggestions, questions, or requests for advice to: email@example.com