At first glance, it looks like a simple return or a routine dispute. But behind many of these transactions is a growing problem often mischaracterized as friendly fraud—a form of first-party fraud that costs organizations significantly and is increasingly normalized by consumers.
Although it has sometimes been called friendly fraud, there is nothing benign about exploiting organizations’ returns processes. What’s even more troubling is that a growing number of consumers feel justified in not paying for products and services they have ordered and received.
However, much of the information that’s critical to combating first-party fraud is already at many banks’ fingertips.
In a recent PaymentsJournal podcast, Craig Agulnek, Vice President of Product Management at Quavo, Brady Harrison, Head of Strategy and Execution at Equifax, and Jennifer Pitt, Senior Fraud Analyst at Javelin Strategy & Research, discussed how financial institutions can identify this data and leverage it to embed first-party fraud defenses into their workflows.
From the Background to the Forefront
One of the challenges in addressing first-party fraud is that it encompasses a wide range of scenarios. For example, a customer may not recognize a valid transaction on their statement and dispute it in error. Conversely, first-party fraud can also be a coordinated effort by networks of bad actors who have identified and exploited vulnerabilities in a company’s systems.
While fraud operations are a constant thorn in organizations’ sides, what’s equally alarming is the broader consumer mindset.
“More people are feeling like, ‘It’s OK, I’ll just defraud this merchant,’” Harrison said. “Where we have inflation, cost of living, and other pressures, more folks feel like, ‘I don’t want to pay for this item.’ It’s not every order or even every attempt. I’ve had conversations with quick-service restaurants where it’s only ever the fifth order or the tenth order where folks are like, ‘I don’t want to pay for this.’”
Some consumers are more inclined to engage in this type of fraud when dealing with larger merchants they believe can more easily absorb the costs of fraudulent returns. Although a customer may feel that a low-dollar fraudulent return has little impact, these charges quickly add up.
“First-party fraud has moved from the background to being an issue at the forefront,” Agulnek said. “It makes up about 70% of all credit card fraud cases and it’s costing the industry $132 billion every year—so it’s not an edge case, it’s the majority of the problem.”
“What we’re seeing is fast acceleration,” he said. “In 2024, 79% of merchants reported experiencing first-party fraud, where in the prior year, it was just 34%. That kind of increase shows you it’s not slow moving. It’s a fast trend, one that catches wind very quickly when you think about social media impact and trends that are popular to gain additional funds or take advantage of the system.”
Untapped Data Sources
Rising customer expectations have exacerbated these issues. Today, consumers expect immediate responses and fast refunds with few questions asked, putting tremendous pressure on institutions to resolve disputes quickly.
As a result, institutions are dealing with significantly higher transaction volumes, elevated customer expectations, increased intentional abuse, and little room for error. Yet the same technologies that have raised these expectations can also benefit financial institutions. Better still, many institutions already have these capabilities at their disposal.
“Institutions have access to these data sources, but they may be siloed across their financial institution,” Agulnek said. “Claims history is the top one; a lot of banks and credit unions will look at disputes one at a time instead of seeing the pattern over months or even years. How often does someone file, how quickly do they file a dispute after a purchase, and is this repeat behavior across merchants or merchant types?”
Many organizations have access to rich behavioral data, such as sudden device changes, shifts in login behavior, and unusual account activity. While these signals often surface before a dispute is filed, they are rarely incorporated into the review process until a transaction has already reached the chargeback stage and fees have been incurred.
Moreover, contextual data from merchants and transactions is frequently underutilized. Certain merchant types, fulfillment models, and subscription behaviors introduce predictable friction points where first-party fraud is more likely to occur.
When organizations fail to leverage the risk signals embedded in these data sources, they are often left without clear guidance on how to respond.
“The challenging bit is that we’re not efficiently separating a true third-party dispute under the regular fraud and dispute programs, and this whole other thing that’s potentially being counted in that bucket,” Harrison said. “How can we separate friendly fraudsters—people who are abusing the system? That feedback is helpful for helping people come to the correct conclusion earlier.”
Stepping Out of the Sandbox
Even the institutions that excel at identifying risk signals within their own organizations are not immune to first-party fraud. More financial services companies are offering a wider range of products than ever before, which means organizations can no longer rely solely on data from within their own domains.
“I’m a big travel card person, so if you’re just looking at my DDA account, you might not have details about what my normal transaction spend is on my rewards credit card,” Harrison said. “Also, my wife and I share a credit card, so if you’re just looking at Brady’s dispute data, you may miss that most of the disputes are on his wife’s card, because that’s the card that gets used or gets stolen.”
With such a proliferation of products, painting a clear picture of an individual’s financial situation is often challenging. Institutions must account for additional factors such as a customer’s household, devices, and physical location to gain a more complete and accurate view.
“Those that live in the same household tend to have the same banking relationship, but then you look at modern day fintechs that have child-friendly financial-education-geared applications that are also banking applications,” Agulnek said. “How do you bring those together and do it in a secure way?”
“By leveraging the vast amount of data, you can see those links and bring them together,” he said. “You can start to breakdown the profile of the individual by seeing more of their holistic profile across different institutions.”
Sharing the Details
Although many financial institutions have been reluctant to share protected customer data, participation in the broader financial services ecosystem has become imperative. Bad actors, after all, gain an advantage by rapidly sharing data and tools across networks—an agility that banks can’t afford to ignore.
“You might have heard of the TikTok/Chase glitch that happened last year,” Pitt said. “Essentially, there was a viral social media post where somebody posted saying, ‘You can go to a Chase Bank ATM, put in any sort of check—whether it’s fake or if it’s an amount over the amount that you have in your account—and you can immediately get cash out.’”
“Chase was able to connect the dots pretty quickly and stop that, but these fraudsters then went on social media and said, ‘Chase Bank figured this out, let’s go to these other banks that haven’t figured it out yet,’” she said. “Unfortunately, there were several other banks that were hit with the same fraud. If they had been privy to this collaborative effort and this information sharing, they wouldn’t have been hit with that type of fraud.”
Along with data-sharing hesitations, other obstacles hinder the development of a unified financial services data solution, including the limitations of legacy technology systems and a complex regulatory and compliance environment.
Still, the escalating costs of first-party fraud make it untenable for organizations to keep data close to the vest.
“We hear disputes cost from $50 to hundreds of dollars to manage,” Harrison said. “If you look at it from that lens of, ‘How many of these disputes could I eliminate?’, it’s like, ‘How can I go find information outside of my individual institution with extra detail about that consumer or grabbing details about that individual event?’”
Avoiding the Overcorrection
It has become critical for institutions to implement measures to mitigate first-party fraud, as economic and retail challenges are likely to worsen before they improve. Persistent inflation, sustained consumer pressure, and the growing social acceptance of first-party fraud are expected to continue.
Despite these challenges, financial institutions should avoid responding by ratcheting up dispute controls to an unreasonable degree.
“If I have a dispute with a bank and they put me through the wringer on proving it wasn’t me and signing all these forms, that’s probably a one-time experience with that institution,” Harrison said. “We don’t need an overcorrection, it’s how can we sort and divine those transactions and events, separating good consumers who have a valid dispute from people who are abusing their rights to dispute a transaction.”
Identifying first-party fraud is particularly challenging, especially for smaller institutions. However, platforms like Quavo’s QFD® can maximize the value of data financial institutions already generate, connecting insights across transactions to reveal the bigger picture.
“That’s what our approach brings together,” Agulnek said. “QFD unifies the internal signals that matter, adding in cross-institution identity that makes those signals more meaningful. When you automate routine work and put intelligence at that point of decision, schemes can resolve cases faster and focus on what truly matters.”
“That speed directly drives higher card and account usage, more towards top-of-wallet, stronger account holder trust, and a more efficient and scalable operation—all wins for the financial institution and wins from their customer perspective as well,” he said.
