How did we drastically reduce fraud with a more agile and cost-effective approach?

In October 2023, we enhanced the checkout flow for credit card purchases by adding a step to validate card legitimacy. This change not only solved the issue of fraud with cloned cards but also delivered quick and surprisingly effective results.

As a Product Designer in a team composed of two developers, a Product Manager, and the CEO, I was responsible for understanding the problem in collaboration with all team members. I worked closely with the development team to identify and define viable, high-impact solutions that were directly implemented into the product. Additionally, I led the iteration and validation process with end users, ensuring the problem was effectively solved.

My role

How could we reduce the losses caused by wrongful credit card chargebacks?

In 2023, I worked as a Product Designer at Yogha, a prop-tech specializing in managing short- and mid-term rental properties. Our focus was to reduce costs and increase revenue through our booking website.

During a meeting with the CEO and the Product Manager about new initiatives, we were informed of a chronic issue: 99% of credit card booking disputes were caused by fraud, and this number was growing throughout the year, leading to losses that were passed on to the property owners listed on the platform. In response, I suggested running a sprint to investigate the problem and find effective solutions thoroughly.

The fact that anyone with malicious intent could use a credit card and then dispute the charge to get the money back made solving this issue extremely urgent. Addressing this problem could prevent the situation from worsening and save thousands of reais annually.

terviewing the heads of finance, customer service, and development, I sought to clarify:

Stakeholders Interview

The company had not implemented any security measures or used tools to detect fraud, and had never faced this challenge before. This gave us the opportunity to explore different solutions.

Financial Impact:

The most relevant metric we would use to measure any changes would be the number of chargebacks and the amount lost in disputes.

No Preventive Measures:

The most relevant metric we would use to measure any changes would be the number of chargebacks and the amount lost in disputes.

How Do We Measure?

I created a customer journey that served as the foundation for understanding and communicating to the team how fraud occurred. This journey acted as the entry point for discussing solution alternatives, helping to identify where we could intervene and assess whether the proposed solutions would effectively resolve the problem.

Customer Journey:

Figure 2: Customer journey illustrating the fraud process.

I created space for the development and product teams, along with myself, to discuss solution alternatives (Figure 3). I presented the journey, the problem, and its impact, taking into account the impact, cost, feasibility, and implementation time of each alternative.

Brainstorming:

In a unanimous vote, we decided that the most viable and effective option would be to implement an anti-fraud system. However, during the evaluation of an anti-fraud system, we realized that, in addition to its high cost, it did not provide complete protection against fraud, which could leave the problem unresolved. Given these limitations and the urgent need for a solution, we chose a more economical approach with quick implementation, one that could effectively solve the immediate problem within the project’s time and budget constraints.

Constraints and Trade-offs:

Figura 3: Resultado do Brainstorming com as solução priorizada.

It was believed that by adding a step to verify the legitimacy of the credit card in the registration flow, we would reduce fraud. This is because users who use cloned cards typically do not have access to the electronic invoices and, consequently, would not be able to view the charges, unlike the legitimate cardholder. We would know if our approach was effective once we observed a reduction in chargeback disputes.

Hypothesis:

To develop the solution, I created high-fidelity wireframes in Figma, leveraging the existing Design System. The implemented solution included an additional step in the card registration process, focusing on validating the cardholder (Figure 4). In this flow, a new step with two interactions was added: after the user fills in the address and proceeds to the next step, a temporary charge between R$ 5 and R$ 10 would be applied and refunded shortly after. The user would need to provide the exact charge amount to confirm the legitimacy of the card. Throughout the process, we kept users informed and guided them through each step, ensuring they understood the purpose of the validation.

Solution:

Expectation: We expected that this solution would not only reduce our problem but also prevent inconvenience for individuals whose cards were cloned and used fraudulently in our system.

Figure 4: Credit card registration flow with the new step included.

Interaction:

After the implementation, we periodically monitored data from Google Analytics and Hotjar to track user behavior on these screens, observing whether they were able to complete the flow without difficulties or if they encountered any friction.

Results

91,94%

0%

Chargebacks Due to Fraud

There were no significant changes in revenue or sales losses in the following months.

Reduction in Chargeback Losses

Screenshot of the 2023 and 2024 AsaaS report showing credit card purchase disputes made through the website.

The last chargeback dispute occurred in December 2023, indicating that fraud was effectively mitigated.

The addition of a validation step was effective in reducing chargebacks due to fraud, demonstrating that relatively simple and low-cost measures can have a significant impact on transaction security.

Teamwork and effective communication with stakeholders were crucial for the success of the project. Through this, I was able to understand the project's limitations before jumping into designing any solutions.

As next steps, we will continue to monitor the effectiveness of the validation, evaluate new security technologies, and gather feedback for continuous adjustments.

Thank you!

Learnings and Next Steps