The vast majority of those who make it to a merchant’s checkout page are the good guys. Normal people trying to complete a legitimate purchase. Ninety-nine percent of the time, Sift Head Trust and Safety Architect Kevin Lee told PYMNTS in a recent conversation, the customer is legit and should be approved.
The problem is the other 1 percent of attempted transactions that are illegitimate and have a fraudster standing behind them, and not a single actor scraping card data onto a spreadsheet in their basement.
“We know that there’s an entire ecosystem or economy out there that fraudsters are a part of, and they’re there working off of each other,” Lee said. “They’re using technology to their advantage and they’re extracting all this value.”
Fraudsters, he noted, are looking to exploit any vulnerability they can find to maximum advantage — and they’re highly educated and willing to try a lot of different, and increasingly sophisticated attacks to make it happen. They have their own KPIs. They’re doing their own ROI analysis — and some of them are state-sponsored and going after retail with the most sophisticated technology a government budget can buy.
Fraud fighting, Lee said, needs to upgrade with the time, to make pushing back more sophisticated attacks possible without injecting pain into the experience of the 99 percent of consumers who are legitimately trying to check out. But that upgrade, and the silo-busting it entails, he said, can do more than make organizations more secure — it can also make them more efficient and ultimately more profitable if data is leveraged properly.
Fighting An Ecosystem Of Fraud
Organizations, he said, have an unfortunate tendency to silo their risk and safety teams from their growth teams, product teams, marketing teams — walls that make it much easier for fraudsters to do their jobs because the data that would make them easier to spot is trapped outside the view of the person whose job it is to stop it. As a result, he said, fraud and safety is often only a real part of the development process when something bad has happened — a massive wave of chargebacks has rolled in for example — and the organization has to fix its product to secure it.
Organizations often already have all the tools they need to spot and fight fraud, Lee said, but lack a way to holistically and effectively leverage those tools. As a result, a problem that could have been spotted and alleviated early on manages to slip through and wreak havoc on organizations.
“And they’re kind of compiling all these signals together and trying to make the best decisions possible, but the systems themselves, unfortunately, are not talking to each other,” he explained. “And so I think when it comes to frustrating fraudsters, the best way that we can do that is by connecting all those dots.”
No product manager wants to see what they built abused by the fraud economy, Lee said, as the fraudster is the only winner there. The merchant, he noted, just gets bad reviews and a hit to their reputation. And in a world where “trust is earning drops and lost in buckets,” organizations simply can’t afford to give fraudsters that win.
But more than simply forcing a loss for fraudsters by rethinking fraud fight’s place in the product development funnel, merchants have a bigger opportunity to grab a win for themselves in terms of upping sales, profitability and consumer retention, he said, because the data fraud fighting leverages is good for a lot more than merely feeding off bad actors.
The Bigger Opportunity
The vast majority of the information fraud teams look at, Lee said, can be packaged for many other things. The marketing team, the product team and the finance team (among others) all have reasons to want to look at the consumer data the fraud team works with, because all of it gives them something essential to their job, a clear look at and better insight into their customer.
Instead of the silos that separate the teams and their data streams, he said, what they need is to be able to work from a sense of common purpose that pushes all their goals along — since a firm’s ambition in this arena isn’t just to push away the bad, but to figure out how to bring in more of the good.
“For the 99 plus percent of good users that are hitting up your system at that merchant, what if you’re able to enable them not to go through those additional security checks? If you know that they’re not fraud, don’t slow them down and increase your conversion as a result,” he said. “We know that this works time and time again, but most companies either don’t know that they can do this, or don’t have the tools in place to actually remove these things.”