A hand holing a smart phone over a mobile POS device.

What is third party fraud

Saturday, December 05, 2015

Digital fraud is on the rise and implementing fraud detection and protection measures for your business has never been more critical. Fraud can have devastating financial and legal implications for any business without proper prevention and mitigation measures.

Fraud comes in a multitude of forms. but is broadly defined as gaining an unfair financial advantage through deceptive means. In general, there are three main types of fraud: first-party fraud, second-party fraud and third-party fraud. These three varieties have subtle differences and include practices such as identity theft, data theft, chargebacks, and fronting. Let’s briefly discuss the other main types of fraud before taking a closer look at third-party fraud.

First-party fraud

First-party fraud happens when a person knowingly gives false financial information or misrepresents their identity for financial gain. Examples of first-party fraud include lying about employment status or income to qualify for a better interest rate, and taking out a loan or line of credit without the intention of repayment.

Second-party fraud

Second-party fraud, sometimes referred to as friendly fraud, is one of the most challenging types of fraud to detect. Second-party fraud happens when a person gives their personal information to a friend, family member or acquaintance to commit the fraud. The “second party” will then make purchases through a device that isn’t linked to the cardholder’s account. This process makes this false fraud look like legitimate third-party fraud and can make it difficult for a bank or credit card company to prove that their customer willingly participated. Second-party fraud can also include money laundering and money mule schemes.

Third-party fraud

Third-party fraud encompasses any fraud committed against a financial institution or merchant by an unrelated and/or unknown third party. This type of fraud differs from the other two in that the customer is unaware of the fraudulent activity. In third-party fraud, the customer is the clear victim.

Of the three primary types of fraud, third-party fraud is the most common. Like other types of fraud, third-party fraud can levy a significant financial impact, so implementing robust fraud detection and management processes is vital. What can this type of fraud look like?

Common types of third-party fraud:

  • Account Takeover fraud (ATO) is a common type of third-party fraud. With ATO, a fraudster gains access to a customer's personally identifiable information (PII) and uses it to impersonate the customer. The fraudster can acquire this information through hacking or phishing. Phishing is when a fraudster tricks the victim into disclosing personal information by posing as a trusted entity. Once the fraudster uses this information to take over the customer’s accounts, they can drain funds and make fraudulent purchases.
  • Synthetic Identity fraud (SIF) is a type of identity theft in which the fraudster creates a false identity for use in fraudulent schemes. This false identity may comprise several different peoples’ personally identifiable information (PII) or use a combination of real and fake personal information. The critical difference between SIF and typical identity theft is that the identity is not a real person with SIF.

When building this new identity, fraudsters usually begin with a genuine social security number belonging to a person who is not using their credit, for example, children or a homeless individual. Fraudsters may use this false identity to secure loans, open lines of credit and scam government agencies.

  • False Identity fraud is the act of using a false identity to engage in criminal activity such as opening a line of credit or applying for loans.
  • Credit card fraud includes any fraudulent activity involving a credit card. This type of fraud can happen concurrently with other types of fraud, such as identity theft or SIF.
  • New Application fraud occurs when a fraudster applies for a line of credit, credit card or bank account using false information to purchase goods and services illegally.

Real-world examples

A frightening real-world example of third-party fraud is loan stacking. Loan stacking happens when a fraudster applies for multiple loans simultaneously, using a false or stolen identity with no intention of repayment.

Another example of third-party fraud is a fraudster adding themselves as an authorized user to another individual’s credit card to make fraudulent purchases.


Third-party fraud can be challenging to detect, posing a risk to you and your business. With the increasingly online nature of transactions, fraud has become more common and increasingly complex.

Combatting all three types of fraud may feel like an impossible task, but it can be done. By implementing malware detection, customer behavior analytics, and device assessment strategies, fraudulent activity can be detected and dealt with early and swiftly.

Staying ahead of third-party fraud can be an ongoing and challenging prospect in the rapidly changing digital world. Data security has evolved to keep pace with modern threats, and Heartland has too.

Keep your sensitive data safe from fraud with Heartland

Heartland is the point of sale, payments and payroll solution of choice for entrepreneurs that need human-centered technology to sell more, keep customers coming back and spend less time in the back office. Nearly 1,000,000 businesses trust us to guide them through market changes and technology challenges, so they can stay competitive and focus on building remarkable businesses instead of managing the daily grind. Learn more at heartland.us.