Skip to Content Contact Us

Everyone Faces Fraud in Mobile Game Web Stores. But How Do You Fight It, Exactly?

Managing a mobile game web store can be a rewarding venture, with publishers increasing their margins by up to 25 percent per transaction. But selling outside the Apple and Google ecosystems also comes with its own set of challenges, particularly when it comes to fraud and chargebacks – which have grown by 20% annually.

Picture this: one of your players decides to file dispute claims on thousands of dollars worth of past transactions, for no justifiable reason. This is not a hypothetical scenario – it’s a real case we recently encountered in one of our partner’s stores. What do you do? How do you fight this?

There are typically two options as a publisher: issue an automatic refund, which of course means losing revenue.

Or, collect evidence – such as player activity logs and previous communication with the player – and file a counter dispute file to the bank.

Luckily for this publisher, they had us as their Merchant of Record (MoR) to fight their corner and win them back their money. But this anecdote is just one of many types of fraud that can plague mobile game web stores. From abusive dispute behavior to stolen credit cards, we’ve seen it all. Below, I share what to look out for and our advice for how you too could combat fraud.

Types of Fraud 

First thing’s first, let’s establish the 5 most popular types of payment fraud in mobile game stores:

1. Abusive Disputes 

One of the most common forms of fraud we see involves players abusing the dispute process. Players submit numerous disputes on payments they’ve been charged for, often due to dissatisfaction with the game or buyer’s remorse. In some countries, disputing payments is as simple as a few clicks in a banking app.

How to spot it: When a user sends a dispute, they must give a reason such as “Item not received”. You can spot an abusive dispute claim in this case by investigating player activity logs. If you see the item in question was added to the user’s in-game profile, their claim is highly likely to be fraudulent. 

1

2. Claims of Unauthorized Payments

Another frequent issue is players claiming someone unauthorized – such as their underage child – made the payment. 

How to spot it: If the payment was made using Google/Apple Pay, which requires authentication phases such as FaceID, it’s clear the claim is fake.

3. Creating Multiple IDs and Disputing Transactions

We also encounter players creating multiple accounts – for instance, if they get blocked by the publisher for chargeback abuse, or if they ask to be blocked as they’re addicted to the game, but then regret this and want to re-enter. They then proceed to submit unjustified chargeback claims out of frustration. This can create significant financial losses and administrative burdens for publishers.

How to spot it: A telling sign of this kind of fraud is if you find multiple player IDs, all associated with one email or credit card, that are sending disputes.

4. Using Multiple Credit Cards from Different Countries

An obvious one – fraudsters often use multiple credit cards from different countries to make fraudulent purchases. These cards are usually stolen, and the legitimate cardholders will eventually dispute the charges.

How to spot it: You can spot this kind of fraud by tracing a single user ID to multiple transactions all with numerous different credit cards. 

6

5. Emulator or Bot Usage 

Fraudsters are known to use emulators or bots that use stolen card information. These tools can manipulate in-game economies and generate unauthorized in-app purchases.

How to spot it: You can spot this kind of fraud if the same player sends numerous payment attempts in an extremely short amount of time. Your team or Merchant of Record should automatically flag this kind of activity.

Combating Web Store Fraud

Now that we have a better grasp of the popular types of fraud you’re likely to encounter, let’s switch gears to discuss how to combat them.

Fighting fraud without Apple or Google’s support may seem daunting, but there are various tactics that can help you limit fraudulent activity, or at least manage it effectively when it does happen. 

What’s more, you don’t have to do it alone. In fact, working with a gaming-focused Merchant of Record like Appcharge means you don’t have to do anything at all: we take payment disputes and fraud off your plate entirely, so you can focus on building a kick-ass web store. 

But whether you decide to handle fraud with in-house specialists or let an MoR take responsibility for everything, here are our tips for helping you run a tight ship: 

1. Maintain Organized Records of Player Activity

Ensure you have an organized record of player activity in your game, so you have a bank of evidence to help dispute false claims. 

2. Monitor for Unusual Patterns

Hire fraud analysts to monitor for unusual transaction patterns and flag transactions that seem suspicious. 

3. Use Anti-Fraud Engines

In addition to human-led monitoring, use dedicated fraud engines that leverage AI and machine learning to detect and block fraudulent transactions. Dedicated engines are generally more effective than the fraud technology offered by PSPs. The right engine will also know how to minimize false positive cases – in which transactions are blocked after being falsely flagged as fraudulent. 

4. Provide Alternative Payment Methods (like digital wallets) in your web store

In contrast to credit cards, most digital wallets (like Apple Pay) require another form of authentication to complete a transaction. With 5.3 billion users expected to use digital wallets by 2026 – more than half the world’s population – make sure you provide a broad range of digital wallet options to ensure every user gets their preferred method. In doing so, you’ll reduce the amount of fraudulent activity on your web store, increase your conversion rates, and provide a great UX.

New Revenue, New Headaches

Despite the ongoing battle publishers face against fraud, web stores present a tantalizing opportunity. The fact that Playtika earns 25% of their total revenue from D2C sales is testament to this. Other leading publishers, like Huuuge Games, are also seeing healthy growth in D2C revenue, expecting it to reach mid-teens as a percentage of total revenue in 2024. In other words, the juice is definitely worth the squeeze!

While some publishers may choose to handle fraud by hiring in-house specialists, most choose to use Merchant of Record providers to take on full responsibility for all of this.

If you’re interested in learning more about the day-to-day fraud struggles my team handles on behalf of our partners, reach out at appcharge.com, or drop me a message on LinkedIn!

Merchant of Record vs. Payment Service Provider: A Simple Guide For Mobile Game Developers

Selling directly to mobile gamers on a web store, outside of Apple or Google’s ecosystem, means you’re responsible for everything needed to sell globally.

That includes processing payments, handling refunds, chargebacks, and fraud, abiding by country-specific regulatory compliance, paying sales tax, and more. 

Publishers who wish to outsource some or all of these responsibilities generally have two types of providers to choose from – a Merchant of Record (MoR) – such as Appcharge, or a Payment Service Provider (PSP) – such as Stripe.

But there’s a big difference between these two solutions and what they cover, which is why we put together this guide. Let’s dive in. 

Merchant of Record vs. Payment Service Provider: A Quick Comparison

FeatureMerchant of Record (MoR)Payment Service Provider (PSP)
Provides payment processing tech 
Connects to banking network
Offers a broad range of payment methods
Protects against fraud(For additional cost)
Handles chargebacks and disputes(For additional cost)
Handles customer service issues(For additional cost)
Responsible for data securityDepends on service
Ensures tax compliance
Acts as the seller of record
Manages financial liability
Simple integration and setupDepends on service
Manages broader legal compliance

What is a Payment Service Provider?

Graphic representation of a digital transaction process using PayPal, featuring a clear and modern interface. The screen shows an option to buy coins for $9.90 with payment methods including Apple Pay, a hyperlink for faster payment, and traditional credit card entry. An orange alert box notes that PayPal only handles transaction facilitation, emphasizing its role in secure transactions

PSPs are the middleman between customer bank accounts and payment methods (like Visa or Paypal). They facilitate the payment transaction, and take a fee for this. 

PSPs do not serve as the legal seller nor do they assist with various other financial responsibilities shown in the table above.   

Examples of PSPs:

Stripe, Nuvei, Checkout.com, Adyen 

What you get with a PSP 

Payment processing: The core function of a PSP is the technology to accept various payment methods, process payments, and connect to the banking network.

Fraud Protection [for additional cost]: Some PSPs will give the option to pay for fraud protection in addition to payment processing. 

Chargebacks and disputes [for additional cost]: Chargebacks are a real financial and time burden for merchants. Some PSPs will offer a service to handle chargebacks for an additional fee.

What kind of gaming company should use a PSP? 

Choosing a PSP instead of an MoR makes sense if your game is heavily focused on one market, and therefore doesn’t need to pay fees for international coverage and global tax compliance. Such companies can still supplement the core payment processing functionality of a PSP with additional features like fraud protection and chargeback support, for extra fees. 

Another scenario in which a PSP might make most sense is when publishers have already built their own D2C ecosystems, with in-house finance specialists. They might need only the payment processing technology of a PSP and not the whole payment operations stack of an MoR. 

What is a Merchant of Record?

Screenshot of a mobile game purchase screen from 'Space Race', featuring a 'Welcome Offer' for $19.90. The offer includes 100,000,000,000 coins, 2 gems, and 2 potions displayed on a vibrant purple and space-themed background. Multiple payment options are shown including Apple Pay, PayPal, and various credit cards. The screen is part of a user interface design, highlighting an interactive and streamlined checkout process

A Merchant of Record is a holistic, one-stop solution for your D2C payments.

Your MoR acts as the seller of record in transactions, assuming full financial liability for transactions, including taxes, chargebacks, and refunds. 

Examples of general MoR companies:

  • Fast Spring
  • Reach 

Examples of gaming-focused MoR companies:

  • Appcharge 
  • Xsolla

What you get with an MOR

Payment processing – An MoR will integrate and maintain multiple B2B payment processors or payment service providers to facilitate payment routing and cascading, reducing the risk of payments being mistakenly declined as fraudulent and resulting in lost revenue.

Fraud protection – An MoR will offer detection of fraudulent orders, manual review of suspicious orders, and custom rules to protect your business.

Merchant Accounts – An MoR will set up multiple merchant bank accounts in countries where you have a significant customer base, enabling you to accept global payments.

Disputes and refunds – An MoR handles payment reconciliation, refunds, and chargebacks, ensuring a smooth process for both you and your customers.

Local entity creation – An MoR will set up local business entities to facilitate merchant accounts, tax registration, payment relationships, and more. 

Currency conversion – To reduce any friction from the user’s payment experience, an MoR will automatically convert the prices to local currencies.

Tax compliance – An MoR will calculate, file, and remit software sales tax in the locations your customers reside in, ensuring compliance with local regulations.

All of these things are required to power global D2C sales – the decision is whether you want to outsource everything to an MoR, or combine a PSP (with limited add-ons) with in-house specialists. 

What kind of gaming company should use an MoR? 

4 6

Publishers selling D2C web store items to a global market, who would rather outsource the complexities this entails to a trusted partner instead of hiring finance teams in-house.    

Merchant of Record vs. Payment Service Provider: Which Option is Best For Mobile Game Publishers?

The boring answer is that it depends. Both options offer varying benefits, but the choice relies heavily on your company’s specific needs, the extent of your global market reach, and how much of the financial and legal responsibilities you’re willing to manage in-house.

We’ll take this moment before you go to mention that we offer gaming-specialized MoR services that are battle-tested with some of the world’s biggest publishers. Should you wish to get in touch to learn more, you can book a demo via our homepage.

Play it Safe: The Appcharge Approach to Risk Mitigation

As game developers, we pour our hearts and souls into creating captivating experiences, while the risk of fraud and fraudulent chargebacks is always lurking in the shadows. The need for a robust risk mitigation strategy has never been more crucial.

In this article, we’ll delve into why risk mitigation is paramount for mobile game developers and explore how the Appcharge platform empowers you to safeguard your transactions effectively.

Appcharge’s Fraud Score

At the heart of Appcharge’s risk mitigation strategy lies the Fraud Score. Every transaction passing through our platform is meticulously evaluated and assigned a fraud score. This score serves as an initial assessment of the transaction’s risk level.

But how is this score calculated? It’s a blend of cutting-edge algorithms and historical data analysis. We consider various factors, such as transaction history, user behavior, and payment method, to assign a score that reflects the likelihood of fraudulent activity.

Transactions with high fraud scores aren’t dismissed outright. Instead, they are flagged for further review. We understand that false positives can be costly, so our approach is not overly cautious. Instead, it’s calculated and precise.

In our commitment to excellence, Appcharge collaborates with third-party anti-fraud software of the highest standards. This partnership ensures that our fraud detection capabilities are at the forefront of industry security. Your peace of mind is our priority.

Blacklisting Serial Fraudsters

At Appcharge, we have zero tolerance for serial fraudsters. Our platform blacklists individuals with a history of fraudulent activities across all games, creating a robust shield against repeat offenders.

Machine Learning Customization

Our machine learning capabilities allow you to define custom rules based on your unique business goals. Alternatively, you can opt for our recommended optimal settings, harnessing the power of AI to protect your transactions.

Optimized Manual Review

Appcharge streamlines the manual review process. We provide a centralized view of all flagged transactions, accompanied by rich contextual data explaining why each transaction was flagged for review. This ensures that your team can efficiently evaluate and address any concerns.

Extra Authentication for High-Risk Transactions

We understand the delicate balance between security and user experience. Appcharge applies extra authentication measures to high-risk transactions, without compromising your conversion rates. This targeted approach ensures that only transactions with elevated risk receive additional scrutiny.

Multiple Payment Methods

An e-commerce checkout interface on a mobile device screen, with an option to purchase an 'Amethyst Crystal' for $12.99. Multiple payment methods including Apple Pay and credit cards are visible. The user's information is pre-filled, ready for purchase. The background is a vibrant orange with a Euro currency symbol on one side and a Dollar sign on the other, indicating multi-currency support. Snippets of code in the background suggest a secure and programmable payment gateway.

Offering multiple payment methods minimizes risk by adding layers of security and verification, making it harder for fraudsters to exploit vulnerabilities. Digital wallets require extra customer verification, such as biometrics or passcodes, while bank debits add an additional layer of security by verifying account ownership.

By providing these secure payment options, Appcharge ensures not only a smooth user experience but also a significant reduction in the risk of fraud, safeguarding both your revenue and player trust.

Chargeback Fraud: Navigating the Storm

Chargebacks can be costly, both financially and in terms of reputation. If your business loses a dispute, you could be liable for more than just the original transaction amount. Here’s how to handle chargeback disputes:

Customer-Centric Approach: When a dispute arises, it is recommended you proactively reach out to the customer, aiming to resolve the issue amicably.

Submitting Evidence: Timeliness is key. While reaching out to the customer for resolution, it’s crucial to also submit evidence within the required timeframe to prevent default wins for the other party.

Card Issuer’s Decision: It’s essential to note that Appcharge doesn’t make the final call on dispute outcomes. Card issuers have the authority to decide. We play our part by confirming that the evidence submitted meets requirements and promptly communicate the decision to you through our dashboard, webhooks, and API.

Appcharge’s multifaceted approach, encompassing advanced fraud detection mechanisms, efficient chargeback management, and the provision of secure payment choices, empowers developers with invaluable defenses against the evolving landscape of mobile gaming risks.

Understanding and implementing these strategies ensures that developers can forge ahead in their creative endeavors, fortified by the knowledge that Appcharge is a trusted partner in their journey.

Back top top