Why The Cyberfraud Fight Needs A Trusted Identity Reset

Why The Cyberfraud Fight Needs A Trusted Identity Reset

The future of eCommerce, and fraud prevention, is flipping the script from just stopping bad transactions to enabling personalized customer experiences. Consumers have less tolerance than ever for unnecessary friction — instead, each interaction and step along the customer journey must be considered through a lens of trust: Is there low trust, and should the transaction be stopped? Or is there a high level of trust that deserves a VIP experience?

Meanwhile, fraud is constantly evolving and becoming more sophisticated, occurring before and beyond the point of payment. We no longer live in a world where crooks swipe cards and see how many charges they can make before the rightful owners pull the plug.

Today, Kount Executive Gary Sevounts told PYMNTS in a recent conversation, fraud technologies and tactical proficiencies have greatly improved, while target pools have greatly expanded.

“The fraud community is more and more using machine learning to access data, and moving away from attacking payments directly and into account takeover, synthetic identities and other means,” Sevounts said. “That is why legacy fraud prevention tools are becoming less and less efficient and effective.”

Solving the problem, however, is more complicated than simply building a thicker wall to lock out the fraudsters or finding a better spotlight to pick them out in a crowd. Building security in an attempt to block every bad transaction is essentially a game of whack-a-mole – and one that the fraudsters are currently winning.

But it’s a script that Kount is endeavoring to flip, Sevounts said – with yesterday’s release of its Identity Trust Global Network, as well as a change of paradigm around the security of transactions (and other interactions) between consumers and businesses.

“When you look at all of those interactions — payments, account logins, account creations, account changes, gift card usage — the one unifier that holds them all together is identity. Behind each one of those interactions is an identity,” Sevount said.

And the ability to assign that identity trust level with confidence will help to block out many bad actors. But just as important, he noted, it will also enable businesses to correctly identify the good customers and reward their patronage accordingly.

How To Build Identity Trust 

The ability to accurately and near-instantly establish identity trust during every interaction point with a consumer is obviously useful and desirable, Sevounts noted. The fraudsters are bounced, while the legitimate consumers can be shepherded through a smoother, faster digital experience without a lot of stutter steps in the name of security.

“It all sounds good, but how do you do it?” is the obvious question, he said.

And while the answer is complex — and required a multi-year engineering effort for Kount to create – it can be broken down into two main components: a massive amount of identifier data and a range of diverse artificial intelligence (AI) technology working in parallel to parse that data extremely quickly. Both are non-negotiable.

The data is necessary — without it, there simply isn’t enough information to build the kind of identity trust that is necessary to make a judgment. No matter how good a firm’s technology is, Sevounts said, without a sufficiently large field of data points, it won’t be able to do its job. Kount, he noted, is working with data derived from its relationships with over 6,500 clients and over 50 payments firms over the last 13 years of operations. All in, they work with over 75 industries in more than 250 countries and territories, and monitor 32 billion annual interactions on 17 million devices every year. That adds up to 2.7 billion fraud signals analyzed in each transaction.

“Data are identifiers, not identity,” he explained — which is why data alone is only half the battle. That data then needs to run through a combination of AI tools using supervised, unsupervised and hybrid machine learning (ML) to probe for the relationships between those pieces of information – and to determine whether there is a pattern that correlates to a legitimate user or to a fraudster masquerading as one. With that identity trust in hand, Sevounts noted, fraud can be eliminated.

But it can also allow a business to do much more.

Building the Better Experience 

Customers as a rule like being secure, but they don’t like friction — and the goal of merchants everywhere isn’t just to build a secure transaction experience, but also a smooth one. Identity trust is the tool that allows for that, Sevounts said, signaling to the business that they can pass the transaction through with minimal interference because the system has thoroughly vetted and cross-checked the consumer at the moment of truth.

And, he noted, it isn’t reliant on the binary methodology of the past, where the transaction was either deemed good and pushed through, or was deemed bad and bounced. This system allows for gradation, accounting for transactions that mostly check out, but perhaps have an unusual element or two. Running on adaptive AI, Sevounts noted, systems can now adopt to a particular risk profile and assign extra verification steps as needed, instead of using a blanket approach.

“They may want to add just a little bit of friction, just to double-check,” Sevounts pointed out. That can make a customer feel safe, versus a whole lot of friction that automatically pops up and makes a consumer feel annoyed and ready to abandon their cart.

“The ultimate goal of online commerce is to be able to improve the user experience,” he said. “And you can actually do this with identity trust, because you are offering them much smoother, faster and customized responses.”

There are no silver bullets in the world of fighting cybercrime, and the fraudsters will keep coming back with new tech. But the better a merchant can see the consumer, and the more accurately they can identify who to trust, the higher chance they will have the right custom bullet when the fraudsters inevitably come to call.