We don´t blame the thief when we don´t lock our bikes
There has been a lot of buzz recently around fraud within the MSP community. Scammers are increasingly sophisticated in their approach and the fear is this can even bankrupt some MSPs. Not with Deftpower.
Fraud management is and always will be a cat and mouse game which calls for a mixture of foresight and pragmatic responses. We, in close collaboration with our clients, have built dozens of algorithms that flag suspicious user behaviour and charging sessions. Where there is a high likelihood of fraud, users are blocked from further charging early on – even stopping their ongoing session(s) cold - preventing losses for our MSP clients.
Here is a list of some of the criteria we use to detect fraud:
· Too many concurrent sessions from one user
· Impossible distance travelled between two charging stops
· Very high energy consumption from one user
· Auto-block when charging session not paid in time
Solutions to prevent fraud should go further than forcing users to pre-pay into wallets (bad UX) or reserving a fixed amount on the user’s payment method at the start of the transaction (expensive and error-prone).
There are also weaknesses in the system which the MSP cannot control, notably that 25% of CPOs do not share session updates at the start of the session, which prevents earlier detection of suspicious behaviour and rapid response.
The recent spike in fraudulent activity should be taken seriously, but it should also be placed into context. Any industry must eventually learn to deal with fraudsters. It is a sign of a maturing market and a signal that we need more mature MSP platforms.
This is bad news for platforms that are not as secure because any vulnerable platform becomes a target of opportunity for bad actors, who follow the path of least resistance.
I also wish to highlight that fraud is not the largest issue currently facing this industry. That, for me, is still the incorrect (or missing) Charge Detail Records (CDRs) from the CPOs. This year 5% of CDRs we received from CPOs are erroneous and this represents a huge amount of cash. We identify and correct 99% of them with our platform, meaning our clients and EV drivers are protected from wrong invoices and frustrating customer support experiences. But building tech to validate CDRs just because these vital records are simply “dumped” at the MSP desks unchecked is frustrating and, if our aim is to increase the profitability of our clients and the satisfaction of their customers, a greater systemic problem for this industry than fraud.