In eCommerce, friction is a four-letter word.
However, friction done right — for the right consumer, for the right transaction, at just the right moment — can actually enhance the consumer experience. In other words, friction with a dash of intelligence mixed into the process can cut down on fraud, which helps, well, everybody in the commerce ecosystem — from consumers to issuers to merchants.
So explained Johan Gerber, executive vice president of security and decision products at Mastercard, delving into the motivations behind the Tuesday (March 12) news that the card giant is acquiring Toronto-based Ethoca for an undisclosed sum. As reported, the deal is slated to close in the second quarter.
Ethoca makes technology that helps merchants and issuers collaborate with speed and efficiency to battle digital commerce fraud, linking 5,000 merchants and 4,000 financial institutions (FIs) globally.
As Gerber explained in an interview with Karen Webster, the Ethoca deal represents the latest in a “constellation of acquisitions centered around combatting fraud.” The deal fleshes out a portfolio in which Mastercard struck a pact to buy NuData Security two years ago in March, and Brighterion, a firm specializing in artificial intelligence (AI), in July of 2017.
Broadly speaking, through Ethoca’s offerings, upon identification of a fraudulent transaction, the information is passed to merchants and they are asked to confirm the transaction. When fraud is suspected, they can stop or even reverse those transactions. The end result is a reduction in chargebacks.
Given the trio of acquisitions mentioned, Gerber noted that Mastercard will have a presence in and insight into the continuum of commerce. That spans account origination, when consumers establish digital relationships with merchants and banks or simply make a purchase, to addressing “what happens if something goes wrong” and there is a disputed transaction or actual fraud afoot.
“Now, we really can address the entire lifecycle of the consumer journey, as well as the transaction lifecycle itself,” he told Webster, and resolve disputes in the cheapest and fastest way possible. After all, in a nutshell, consumers do not want to be inconvenienced, and merchants do not want to be defrauded.
In terms of mechanics, as Ethoca has detailed, the firm traces its genesis to 2005, and the focus has been on stopping fraud and chargebacks for merchants processing card-not-present (CNP) transactions. Merchants, the company said, can access fraud and transaction dispute data from card issuers via a portal or API. Ethoca Alerts, as they are called, are notifications tied to specific transactions that will result in chargebacks if merchants do not take action (through issuing a refund or stopping settlement). The process allows merchants to avoid chargebacks and their associated costs. The alerts offer details, including credit card numbers, authorization data, transaction amounts and merchant descriptors.
The point here, said Gerber, “is to reduce chargebacks to the absolute minimum, where [merchants] can really deal with what’s broken or has to be repatriated for some reason.” He said the Ethoca acquisition brings more transparency to the dispute process, where there can be confusion, or “friendly fraud” — where a purchase is made and a consumer either cannot remember the details or they claim they are not responsible for the transaction. The transparency offered through Ethoca, he said, can address those issues.
Real Fraud, False Declines And Connected Decisions
Webster noted that there’s an eternal battle between sussing out “real fraud” from “false declines.”
False declines, of course, exist as a significant cost in eCommerce and CNP transactions. After all, legitimate transactions that are declined amid suspected fraud have a dual impact: They stymie revenue growth and drive away consumers. Gerber said that EMV 3DS protocols allow merchants and issuers to share more data with one another. “That incremental data,” he said, paired with Ethoca’s process, can point to such factors as a bad device or bad delivery address. Such data, pulled together through Brighterion’s AI, can advise an issuer or merchant when and when not to introduce friction.
There is, of course, the desire to inject “intelligent friction” into a transaction, said Gerber, “that can reinforce trust.” Consider, for example, the friction that arises when a bank asks a consumer to confirm their intent to send money — right down to the zeroes and decimal places.
Gerber said of that carefully considered introduction of friction at the right time and for the right transaction, “you will hear a lot more about connected decisions,” which look across all points of eCommerce. Those can span when someone logs in to an account to when they purchase something, when they authenticate to when that authentication becomes an authorized transaction, “and now, all the way to if there is a chargeback,” he said. “You can see how we want to start connecting the dots. You get the right intelligence in there, and there is a difference between data and intelligence.”
In the quest to rethink the transaction at checkout (to use the login as a point to understand the consumer right at the start, and not introduce yet another layer of friction), Gerber pointed to FIDO Alliance, a consortium that has developed authentication standards. “If you take the ability we have now with doing the login,” he told Webster, and “we do that in a FIDO-compliant manner at the time when you check out, I can tell the issuing bank ‘this was a FIDO-compliant authentication at login.’ And we can have what I call a ‘chain of evidence’” that can dissuade issuers from introducing more friction into the process.
With Brighterion, NuData and now Ethoca working in tandem, he said, Mastercard can, through a holistic approach, “connect decisions, which ultimately translate into smarter authentication, smarter friction and, hopefully, less of those false declines.”