FinServ Redraws Its Fraud-Fighting Roadmap

Although still a horrific event, the ongoing coronavirus crisis has, in many ways, created positive outcomes. In the world of payments, the pandemic introduced a once-in-a-lifetime event to accelerate digitization and adoption of electronic payments, much to the benefit of all parties involved.

Yet unsurprisingly, malicious actors took that opportunity for their own advantage, too. The result has been a surge in cybercrime and fraud attempts, often related to COVID-19. Last month, researchers pegged the value of coronavirus-related fraud and identity theft at nearly $100 million since the start of the pandemic.

The proliferation of such nefarious activity isn’t all that surprising, however, according to Lukayn Hunsicker, vice president of Product Management, Financial Solutions at Feedzai.

 

Indeed, from instances of business email compromise scams or other social engineering attacks within the enterprise, to authorized push payments fraud targeting consumers, fraud attacks are aplenty — and they’re not only coming from a third party, either, thanks to the economic downturn as a result of the pandemic.

“This also leads to a rise in consumers’ desire to look to opportunistic crime,” explained Hunsicker, pointing to the potential for individuals to actually participate (albeit sometimes unwittingly) in money laundering and other scams for their own financial gain. “Some of these [frauds] are well known, and I would expect as more schemes come to light … we can expect to see these types of attacks continue as well.”

In an interview with PYMNTS, Hunsicker explored what the sudden explosion in electronic payments adoption means for financial institutions’ and other service providers’ fraud-fighting strategies. Tactics, he explained, not only need to fight crime, but collaborate with the customer to ensure security without compromising the user experience.

Redrawing The Fraud-Fighting Roadmap

The dramatic digital payments shift has added pressure on financial service providers, particularly those built upon legacy infrastructure, to ensure that these electronic transaction volumes continue to flow without disruption.

The speed with which electronic payments occur today has made fraud-fighting an extra challenge, but there is an advantage to this shift in the landscape. With a greater volume of digital transaction comes a greater volume of actionable data that can be wielded to identify and stop nefarious activity.

“With the ability of open source, Big Data software, etc., we’re able to look at really minute solutions that can bring in digital risk signals as they happen,” said Hunsicker.

It’s important to understand that fraud risk analysis models don’t only look for the outliers, or bad actors that are already known for their criminal activity. Technology must take digital transaction data and identify potentially unknown patterns occurring and bring those to light, too.

Yet it’s not only about technology, he added.

“There’s no one silver bullet solution for all of the different types of financial crime typologies or fraud attacks that we may experience,” said Hunsicker. “What that has led to is an ability to bring not just transaction-based detections, but also to bring in identity-based information that allows us to basically do a continuous adaptive risk and trust assessment.”

Behavioral analysis of the individual who initiated a transaction can be particularly valuable, for instance, with assessments able to examine how a person logged on to make a payment, where and when it happened, whether it occurred close to the proximity of an individual’s mobile device, or how an individual interacted within an online session.

Preserving The User Experience

The jump in digital payments adoption may have occurred out of necessity, but it’s likely that consumers and businesses will continue to move forward in their electronic shift rather than return to the old ways of making payments. That’s because the experience of electronic payments can often be far more favorable than legacy methods.

With that in mind, Hunsicker emphasized the importance of preserving that user experience while still elevating protections and fraud detection strategies.

“This is an old adage of the need to balance security against experience,” he said. “Alluding to some of those expectations that consumers have in how they want to interact, there are a couple of considerations to have in mind to benefit the user experience.”

When it comes to combating fraud, seamlessly embedding protections within technology will be key, as will communication with the customer. That could mean detecting fraud quickly — within a hundredth of a millisecond, for example — and to promptly reach out to a user to confirm their identity or a transaction with as little disruption as possible. Service providers should also effectively communicate their fraud mitigation tactics with their customers so those clients understand exactly how they’ll be protected.

“It’s an educational process to establish that two-way trust,” said Hunsicker.

Looking ahead, the future of fraud protection will continue to be based on the surging adoption of electronic payments, with new opportunities for technology and human interaction to fight the bad and preserve the good. Hunsicker noted that customers will increasingly demand elevated customization and control in how they’re protected, offering the example of being able to prohibit any payment that falls into a certain scenario, like online gambling.

The fraud threat isn’t going away anytime soon, and the payments ecosystem needs a collaborative, multipronged approach to mitigating risk and keeping customers satisfied as they progress in their digital payments journeys.

“This is almost a once-in-a-lifetime, forced generational change to interact more online, which means less friction,” said Hunsicker. “For us, that means not just empowering the consumer in their experience through adequate risk mitigation, [but also] understanding how that action, and how we act on that event, also impacts how that user will experience it.”