Fighting Fraud in the Metaverse
Once upon a time, the internet was something you surfed from your desktop. Then it became something you could access from a pocket-sized device. The next step, as the industry sees it, is going inside and experiencing the internet as an immersive virtual world.
The internet to come is known as the Metaverse, and once consumers start flocking to it, it’s likely to become the next big hub for e-commerce—and wherever you see lots of digital payment activity, you are sure to find fraudsters. Once commerce and payments take off in the Metaverse, what types of fraud will virtual merchants need to watch out for?
While the Metaverse hasn’t taken over our lives yet, it is already here. Games like Second Life gave people a taste of creating avatars and building communities with them, while games like Pokemon Go have shown how augmented reality can allow virtual worlds to bleed into the real one. Meanwhile, systems like the Oculus have made high-quality virtual reality experiences accessible to a wide range of users.
But there are possibilities for virtual experiences that can go beyond gaming and entertainment. When all of these experiences can be interlinked into a seamless, immersive experience, the Metaverse as promised will have arrived.
One thing that all of these proto-Metaverse platforms have in common is that they include ways to buy and sell virtual goods within the platform. This could mean upgrades for a game or purely cosmetic adornments for your avatar. In some cases they’re bought with in-game currency, in others with real money.
The Metaverse will present opportunities to buy and sell not just ephemeral digital items, but actual physical goods—your avatar could walk into a virtual store and examine 3-D models of real merchandise, and when you decide to buy something you could complete the transaction in the virtual store and have the physical products shipped to your home.
Every e-commerce merchant can imagine the opportunities presented here, but experienced merchants already know that as soon as they start selling goods in this interconnected virtual world, they’re going to start getting hit with fraud.
While it’s too soon to predict exactly what forms these attacks will take, industry analysts are already sounding the alarm and encouraging merchants and financial institutions to start preparing themselves.
What Is the Metaverse?
The Metaverse is a term for a new evolution of the internet that exists primarily as virtual 3-D environments, rather than on web pages and apps. The term has been around for a while, but it really took off when Facebook changed its name to Meta and announced its plans to focus on this new environment. With other tech giants like Microsoft turning their attention toward Metaverse development, it’s only a matter of time before it reaches the point of widespread consumer acceptance.
How Will Commerce Work in the Metaverse?
Right now, banks, financial startups, blockchain innovators, and plenty of other companies who see the potential of the Metaverse are hard at work trying to establish a foothold to position themselves as a go-to solution for banking, payments, and commerce in virtual worlds.
The most obvious and familiar way to conduct Metaverse commerce is to use the microtransaction model currently employed by many games and apps. Whether these in-platform purchases use proprietary digital currencies or not, they usually require credit card payments (or platforms like PayPal) as their funding source.
Many Metaverse developers, however, are envisioning a more modern payments landscape in which blockchain technology, cryptocurrency, and open banking principles are used to create a flexible, less restrictive system that puts more control in the hands of consumers. NFTs, currently a speculative investment vehicle, could have much more practical use in virtual environments, allowing users to own unique digital goods that they could take with them from platform to platform.
How Can Fraud Occur in the Metaverse?
While blockchain technology is far from fraud-proof, its advocates are right to point out that it includes many security and privacy features that would thwart many common, low-effort fraud schemes. As is so often the case, the biggest fraud risks are payment card transactions, whether they take place within the Metaverse itself or are used outside of it to purchase digital currencies.
One major threat on the Metaverse is likely to be account takeover fraud. No matter how many security features you bake into a service, none of it will do much good if users are careless with their private data or succumb to phishing attacks. When a fraudster obtains a user’s login credentials, they can access their account, impersonate them, and spend their stored funds or digital currency.
Cryptocurrency can mitigate many of the fraud risks specifically associated with payment cards, but they aren’t a perfect solution yet. Establishing a cryptocurrency that is stable enough to use for commerce instead of investment remains a challenge, and consumers may balk at the irreversible nature of crypto transactions.
Once you’ve etched a payment into the blockchain, there’s no authority you can appeal to for a chargeback. Merchants may like the sound of that, but it’s up to consumers whether they want to take that risk.
It’s also important to note that the novelty and unfamiliarity of all of these new technologies means that it will be hard to predict the new scams that might arise when fraudsters can create digital avatars and inhabit virtual environments. It could take a while for widespread awareness of best practices to solidify, and enterprises that plan on leading the charge into this new frontier should be prepared to have their security systems and policies put to the test.
Just as mobile commerce was once an option but soon became a requirement, merchants may eventually be left with no choice as to whether or not to enter the Metaverse. If there’s a mass consumer movement toward virtual environments, merchants will have to follow.
The best plan for early-adopter merchants is to use payment systems that your customers are comfortable with, but protect yourself—follow Know Your Customer protocols, employ strong customer authentication methods, and use the best anti-fraud tools you can find. As the Metaverse matures, we will learn more about how fraudsters are trying to exploit it, so it will be important to stay well-informed about the topic in the days ahead.
- Managing BOPIS Chargebacks
- Understanding the UK’s Faster Payments Service
- A Seller’s Guide to eBay Chargebacks
- How to Detect Address Fraud
- The Mastercard Chargeback Arbitration Process
- How to Succeed at Chargeback Recovery
- Apple Pay Later: What Merchants Should Know
- Understanding Issuer Declines
- How to Make Sure Your E-commerce Website Is PCI Compliant
- Card Security Codes and Fraud Prevention