“Cat-like agility” required to beat fraudsters

By Felix Eckhardt, CTO, and Piet Mahler, COO, Risk Ident

Preventing payment fraud is a 24/7 pursuit for a merchant – criminals are operating around the clock and innovating constantly to find any gaps in a retailer’s defences that can be exploited to make their money. If they want to stay one step ahead of the fraudsters, merchants need to evolve the way they approach fraud prevention.

This doesn’t just mean retailers need to work harder, it means they need to consider the agility and flexibility of their systems as well, to ensure they remain ready to take on new threats.

Fraudsters are no longer restricted by international frontiers, and they are no longer amateurs acting alone. Rather, they have grown into professional entities, working together to extract as much money from transactions as possible, in as quick a time as possible. To take them on, merchants must not just be similarly single-minded, they need to give themselves the freedom to innovate and advance.

The ideal fraud prevention solution should be wholly customer-centric. Minimising time-to-market delivery makes this approach more effective, not only in the international markets being targeted by fraudsters in the ecommerce, telecoms and financial services spaces, but in new, emerging economies as well.

To achieve this goal, bright minds are needed, individuals who have the right set of skills to further develop innovative products for the industry. Fortunately, engineers are problem solvers and, given the right freedom, highly creative – this is crucial if we are to keep up with the constantly evolving fraud threat.

Setting ambitious goals

Increasingly, tech firms are adopting some version of the OKR (objectives and key results) mindset to achieve positive change.

Also known as the Spotify model, this approach to team structure enables developers to forge a shared commitment to achieving specific goals, which studies have shown help improve individuals’ performance and their productivity too.

The reason for this is quite simple – it establishes an ambitious yet achievable objective, while giving data scientists and software engineers complete freedom in how they meet their goals. Defining these targets in our particular sector means drawing on the expertise of fraud experts, combined with regular, honest, unfiltered feedback from merchants on the challenges they face in the real world.

Getting around false positives

Even more damaging than actual fraud, is the fear of fraud itself, which can lead to over-reaction. This leads to false positives, where a retailer’s anti-fraud setup incorrectly determines that a genuine purchase attempt is fraud. This means that genuine transactions are stopped unnecessarily, which can cost a business potentially millions in lost revenue every year.

There are ways of tackling false positives, however. It is possible to accurately identify the genuine fraudsters through a number of techniques, including device identification and by linking and analysing multiple data points. The analysis of so much data can be too much for human fraud managers working on their own, but by incorporating machine-learning into software, they can study data more easily and efficiently. This can help refine their fraud cases so that defences get stronger over time.

Get into the fraudster mindset

Understanding how fraudsters operate is crucial if we are to prevent future crime. Fraud, for example, is never just a single transaction – criminals do not simply target one victim, succeed, and then retire. With this in mind, it is vital to identify their process and beat them to it with a trusted, reliable defence system.

Fraudsters are organised – many even attend secret ‘conferences’ to share best practice, and they have a growing information pool at their fingertips, thanks to the existence of the dark web, as well as data breaches of companies, such as Ticketmaster and British Airways, which have seen the personal details of millions of consumers compromised.

To really understand the actions of a fraudster, you need to step into their shoes and think like them: what is their goal, what is their skillset, what is their mindset and what clues might they accidentally leave behind them?

Taking this approach to fraud prevention will give merchants a far more robust defence. We’re in a technological arms race, and knowing what the enemy is doing gives you an advantage in the next confrontation.

Fit for purpose

The modus operandi of fraudsters evolves over time, as they work to get through defences before they are noticed. The retail industry, then, needs to change quickly too, particularly in this new digital age.

Consumer demand for digital services has put pressure on companies to deliver their products and services to us faster than ever before. Whether providing digital or physical goods, there is now an expectation for a quick and seamless payment experience, followed by a desire for near-instant delivery of the purchase – if consumers don’t get this service, they will leave and never come back. This means that merchants have less and less time in which to confirm whether a transaction is fraudulent.

With all this in mind, it is vital that merchants find the best solutions to enable quicker fraud decisions and improve response times for active payments processing. Human managers cannot do this alone – they lack the speed or capacity to analyse the data effectively. Nor is machine learning on its own enough – it doesn’t have the same specialist knowledge of the company fraud officer(s). A combination of the two, however, is a winning formula. By taking steps to adopt this approach now, merchants can be sure they have a fraud prevention system fit to take on the fraud challenges of the future.

Related reading