A blank screen POS sitting on the counter in the middle of a busy store.

What is second party fraud

Sunday, December 06, 2015

Business transactions become increasingly digitized with each passing year, and consequently, digital fraud is on the rise. Implementing fraud detection and protection measures has never been more important than it is today, in part because fraud can have devastating financial and legal implications for any business.

Fraud can come in various forms but is broadly defined as gaining an unfair financial advantage through deceptive means. In general, there are three main types of fraud: first-party fraud, second-party fraud, and third-party fraud. These three varieties have subtle differences and include practices such as identity theft, data theft, chargebacks, and fronting. Let’s briefly discuss the other main types of fraud before taking a close look at second-party fraud.

What is first-party fraud?

First-party fraud occurs when a person knowingly gives false financial information or misrepresents their identity for financial gain. An example of first-party fraud is lying about employment status or income to qualify for a better interest rate.

First-party fraud also includes activities like taking out a loan or line of credit with no intention of repaying the loan. This type of first-party fraud could look like a customer making a large purchase and refuting the charge as fraudulent with their bank or credit card company. If the purchase looks suspicious enough to seem fraudulent, the bank may automatically refund the account holder for the money, leaving the merchant or retailer to foot the bill.

What is third-party fraud?

Third-party fraud, generally known as identity theft, occurs when someone uses another individual’s personal identifiable information (PII) for financial gain or to make purchases. Identity fraud is more easily detected and identified than the other two types of fraud and has a clear victim.

An example of third-party fraud is when a fraudster impersonates another person’s identity to deceive that person’s bank. This type of account takeover (ATO) can happen when a fraudster gains an individual’s personal details, such as their social security number, usually through methods like phishing or malware.

What is second-party fraud?

Now that we’ve briefly discussed first and third-party fraud, let’s talk about second-party fraud. Second-party fraud, sometimes referred to as friendly fraud, is one of the most difficult types of fraud to detect. This is partly because second-party fraud is much more complicated and nuanced than first-party or third-party fraud.

Second-party fraud happens when a person gives their personal information to a friend, family member, or acquaintance to commit the fraud. The “second party” will then make purchases through a device that isn’t linked to the cardholder’s account. This process makes this false fraud look like legitimate third-party fraud. It can therefore be difficult for the bank or credit card company to prove that their customer willingly participated.

Real-world examples of second-party fraud

Some fraudsters have found ways to participate in second-party fraud through money-making schemes that prey on individuals experiencing financial difficulties. These schemes often involve convincing an innocent party to agree to a fund transfer from the fraudsters account to the customer’s account before the money is then transferred to a third account. This is considered money laundering and the customers who accept the funds into their accounts are called money mules.

Second-party fraud can impact any type of retailer, but grocery stores may actually see a higher frequency of this behavior, typically in the form of gift card fraud, because grocery stores sell a high volume of gift cards.

While there are several common types of gift card fraud, one method involves money laundering and money mules. This scam lures people with the promise of easy money or lucrative work-from-home jobs. Once “hired”, the employee agrees to accept funds into their bank account and then transfer these funds to gift cards. Gift cards are difficult to trace and subject to fewer fraud detection efforts.


Second-party or friendly fraud is one of the trickiest types of fraud to identify and prevent. Because the person whose identity is being used to commit the fraud has willingly agreed to participate, the usual characteristics of fraud aren’t present and criminal activity can be difficult to prove. These factors make it even more vital to implement tactics to protect your company from fraud.

Staying ahead of second-party fraud can be an ongoing and challenging prospect in the rapidly changing digital world. Monitoring data and taking steps to protect you and your business from fraud has never been more crucial. Data security has evolved to keep pace with modern threats and Heartland has too.

Keep your sensitive data safe from fraud with Heartland

Heartland is the point of sale, payments and payroll solution of choice for entrepreneurs that need human-centered technology to sell more, keep customers coming back and spend less time in the back office. Nearly 1,000,000 businesses trust us to guide them through market changes and technology challenges, so they can stay competitive and focus on building remarkable businesses instead of managing the daily grind. Learn more at heartland.us.