With the advent of mobile apps, digital ecommerce has witnessed exponential growth in recent years. Gen Z and the Millennials are hooked on using mobile for their digital transaction experience, which encompasses everything from online shopping, booking holidays and banking. According to the 2020-2021 Global Ecommerce Consumer Behaviour Report, Gen X and Baby Boomers are also coming around to digital ecommerce with 23% of respondents aged 55 or older saying they use mobile devices for online shopping. A lucrative subset of digital ecommerce is microtransactions. Microtransactions are part of a business model whereby users are able to purchase virtual goods with small payments known as micropayments. These are often sums of £1 or less. These small online and virtual purchases give gamers a competitive advantage over their peers. Dr Ellen Evers, a Professor of Marketing at the University of California, says of microtransactions:

“Microtransactions basically make the game easier. They violate those rules and norms that are part of the game.”

With the surge of gaming through mobile apps, particularly during the pandemic, microtransactions have become a significant revenue source for the developers of free-to-play or ‘freemium’ games.


Investopedia estimates that only 5% to 20% of the global gaming community participates in microtransactions. However, that does not mean that the business model is small potatoes. Anything but. At the end of 2021, there were 3 billion gamers on the planet, with the gaming industry generating over $180 billion in 2021. The mobile gaming statistics are also pretty impressive. In June 2022, there were 2.2 billion active mobile gamers with overall revenue of $93 billion and predicted to be $116 billion by the end of 2024. All of this is derived from microtransactions. For those of you who are familiar with the King games Candy Crush Soda and Farm Heroes Saga, you’ll probably be surprised at just how big these money-spinners are. Candy Crush, released in April 2012, grossed $1.2 billion in 2021. Pokémon Go racked in the same small fortune. So much for free-to-play.


Fraud is always an area of concern with any online transactions and microtransactions are no exception. Microtransactions fraud, aka in-app purchase fraud, is the manipulation and abuse of online gaming accounts where fraudsters target in-game currency, digital purchases, as well as real currency stored in wallets. With microtransactions, the situation is exacerbated since the transaction amounts are so tiny. As such, fraudulent transactions either go unnoticed or, due to their insignificance, are not worth pursuing. Given the significant value of the mobile gaming industry, we are seeing more and more bad actors honing in on microtransaction fraud. Put simply, microtransaction fraud is being fuelled by the increased spending on in-game assets.


Fraudsters typically commit microtransaction fraud by creating a guest account and using stolen credit card credentials to buy digital goods. They then sell the account online and later link the guest account to the purchaser’s social media account. Reselling virtual goods bought with stolen cards can be highly lucrative for fraudsters. In 2019, a Counter-Strike: Global Offensive rifle skin fetched a staggering $60,000. While these activities impact the person whose card has been hijacked, they can have devastating consequences on gaming app developers. They bare the brunt of chargebacks from the use of stolen cards and also lose the payment they would have received from the legitimate customer. The developers also suffer reputational damage as in-app purchase fraud enables some players to gain an unfair advantage, thereby disrupting the honest gaming community. Developing a digital game is also a long and expensive process. Developers can’t afford to lose players and income and start from scratch over and over again.


Many gaming companies lock out suspicious-looking accounts. However, this is not a particularly effective remediation as it tends to block harmless, revenue-generating users. One strategy is to monitor new and returning users at both the registration and login stages. Some platforms require users to prove their authenticity by solving an interactive 3D challenge. A genuine gamer will find this fun while bots and automated scripts will fail the challenges. Wargaming, the developers of World of Tanks, have adopted another tactic by making their games almost resilient to fraud. Elena Emelyanova, the company’s Senior Payments and Fraud Manager, says:

“There is no way to make fraud in-game because it’s created in the way that we can’t do cash out, you can’t resell anything. The only fraud that we are dealing with is related to payments and mainly cards. That’s the main risk.”

The problem is that fraudsters and hackers are people. These irrational cybercriminals tend to stop at nothing, despite facing 3-D challenges or making a mobile gaming app fraud-proof. So will we beat microtransaction fraud? Probably not in the short term.


Microtransaction fraud may not go away anytime soon but you don’t need to become a victim. I have over 20 years of experience in professional business IT support and specialise in cybersecurity and risk mitigation. I do the best I can to help people keep their IT, data and, by extension, their finances safe and sound. Call me today and let’s take on microtransaction fraud together.

Leave a comment