Could DoorDash Data Breach Stoke Mobile Ordering Fears?

Could DoorDash Breach Stoke Mobile Fears?

Another day, another data breach – at least it seems that way sometimes. The latest involves DoorDash, and reportedly impacted around 4.9 million consumers, delivery workers and merchants.

This is no small matter, especially considering DoorDash is the current market leader with 36 percent of meal delivery sales.

In the latest Mobile Order-Ahead Tracker, PYMNTS explores the latest developments in the world of digital ordering, including the rise of artificial intelligence (AI) and machine learning (ML), especially for QSRs protecting themselves against fraud.

There’s no question that consumers are increasingly using mobile apps to order food. The PYMNTS’ Order To Eat Tracker found that the volume of mobile app orders soared 130 percent from 2016 to 2018, and the overall mobile order market value is set to reach $38 billion by 2020.

Breaches and other issues don’t just reflect poorly on the ordering platform. They can also tarnish the image of brand partners that are relying on delivery services to do what they promise.

Other third-party platforms have come under fire for a more insidious type of fraud.

Restaurants have alleged that Yelp has replaced the “Takeout and Delivery” phone number on their pages with Grubhub phone numbers, meaning that customers have inadvertently been placing orders through the third-party platform, allowing Grubhub to charge restaurants service fees.

Artificial Intelligence to Fight Mobile Fraud

Sophisticated AI tools are being used by QSRs to enable ordering via voice assistants, to work behind the scenes and to make operations more efficient, as well as to help fight fraud. QSRs are fighting back against bad actors by partnering with third-party payment processors and incorporating security technologies to authenticate customers.

Fraudsters continue to steal from QSR customers, with a recent report discovering that the total number of mobile device attacks increased by 117 percent over the past year.

In the study, the most common challenge cited by businesses was balancing fraud prevention and customer friction (68 percent), a 65 percent increase from the previous year. These businesses felt unequipped to handle mobile attacks (32 percent) and synthetic identity fraud (32 percent) in equal measures, while account takeovers posed problems for 25 percent.

What’s being done about the increase in mobile attacks? Mobile device attributes for verification took the lead (44 percent), followed by artificial intelligence (42 percent) and machine learning (41 percent).

One of the problems unique to QSRs is that this sector was historically brick-and-mortar. When they started developing digital platforms and using third parties for deliveries, their risk went up exponentially. When QSRs removed friction for consumers, they also inadvertently lowered the bar for fraudsters.

According to Kount CEO Brad Wiskirchen, AI and ML can help QSRs and other restaurants become more proactive about fraud rather than reactive. “When QSRs leverage machine learning and artificial intelligence as part of a fraud prevention solution, they gain early indications of what interactions could become

problematic. That foresight enables QSRs to anticipate new types of fraud and adjust their business processes to avoid losses,” he said.

Chipotle uses similar tools for securing its rewards program. AI and ML play key roles in assessing risk, as they can analyze thousands of transactions in a fraction of the time that it takes a human analyst.

In an interview with PYMNTS, Chipotle CTO Curt Garner explained how account takeovers primarily occur through automated bot attacks that have an identifiable signature. “The security platforms that utilize AI and machine learning can also spot attack patterns as they try to morph into different vectors, and very quickly block those transactions as well,” he said.

Voice Ordering: The Next Fraud Frontier?

AI for fraud detection happens behind the scenes, but perhaps the most visible AI integration being used by QSRs is voice recognition systems, which have been deployed at restaurants like Domino’s and Starbucks. Chipotle also recently implemented AI-based voice-activated food ordering.

Twenty-eight percent of all shoppers now own a voice-activated device, according to the PYMNTS Remote Payments Study, and 27 percent had used one to complete a transaction in the past seven days.

One of the issues with emerging channels like voice is that fraudsters are ready and willing to take advantage of anything intended to make a customer’s journey easier. In a survey conducted two years ago, consumers’ top concerns with using voice-controlled devices to buy things were security (38 percent of respondents) and privacy (33 percent). Voice commerce has become more mainstream since then, but these concerns are likely still valid.

QSRs are leveraging self-service kiosks as another AI-powered ordering solution, complementing voice-activated phone and drive-thru ordering.

Companies such as Bensen AI and Valyant AI have spent years developing a proprietary conversational AI platform that focuses on making the drive-thru faster at quick-service restaurants (QSRs).

Bensen AI has conducted timed studies, finding that it can take over a minute to make a repeat order through a mobile app, while it takes only about 15 seconds through its voice service. On the restaurant side, the main benefits are increased sales from repeat customers and reduced friction to attract more repeat usage.

Voice technology is poised to play a big role in the restaurant ordering experience, but there are still several barriers to its adoption, beyond issues of privacy and security. Voice ordering systems often lack screens that allow customers to review their orders, which can lead to frustrations if orders are misunderstood and expectations are not met.