“Stealing an identity has never been easier than it is today, and it will be even easier tomorrow. That’s why fraud is always about identity.”
That’s Michael Reitblat, the CEO of Forter, a fraud prevention platform whose business is designed to make it harder for fraudsters to use those easy-to-come-by identities at a merchant.
But just because the fraudsters have an easier time than ever picking off the identity of consumers at will, his advice to merchants is to basically just chill.
“For every problem you can think of, there is probably a solution already. And if not, it’s going to be ready fairly quickly,” he told PYMNTS in an interview.
That’s why he believes that it’s time for merchants to worry less, and for experts to worry more about keeping merchants and their customers as far from it as possible.
“The No. 1 thing a merchant should do is to think about who are their customers, and serving them well – the best they can deliver,” Reitblat said, “and stop trying to outsmart fraudsters themselves.”
Doing that, he believes, comes with the downside of potentially spreading an organization so thin so as to possibly open themselves up to new paths vulnerable to fraudsters.
Now, admittedly, that seems like a bit of a tall order, especially after listening to former NSA director Gen. Keith Alexander remind a roomful of payments innovators on March 16 at Innovation Project 2016 that “the threats in cyberspace are as bad as it’s ever been.”
The human instinct is to do more, not less — and to do it fast.
But the General cautioned that tackling fraud across the payments ecosystem today is a job for experts. More collaboration, not less, across the payments industry, he emphasized, is needed so that the collective expertise of those whose jobs it is to be solve those tough problems can be leveraged across all of the players who need to solve those big fraud problems.
Problems that originate from fraudsters who are growing increasingly sophisticated. Problems, he said, that can’t be solved overnight and can’t be solved alone.
A point of view that Reitblat and the General share.
Collaboration between the companies that deal with payments – the merchants, and the companies that solve for payments fraud, means that there is a better chance of achieving the right balance. Merchants who focus on being a merchant and delighting the customer, and fraud experts who keep them from getting in the way.
“Everyone should specialize in bringing resources together,” Reitblat emphasized. “[Merchants] will lose if they keep spreading themselves too thin.”
It’s a reality that he believes that industry players have no choice but to address as they attempt to push payments to new places, devices and environments. What’s clear is payments is not just about moving money around; it’s about making sure that the customer initiating that transaction is, in fact, authenticated.
Anywhere that they happen to be transacting.
The Fraud Migration Trail
And that’s what the real authentication challenge is, says Lou Anne Alexander, Chief Market Development Officer at Early Warning. Alexander’s (no relation to the General) view is that the real challenge is because fraud is always migrating.
Alexander told PYMNTS that although the U.S. was nearly one of the “last to the EMV table,” a lot of lessons could be learned from the markets that came before. And one of those lessons is that fraud not only moves online, but to some familiar but unexpected places.
“Not only are we going to see [fraud] online, we are going to see it in traditional check-based systems, ACH-based systems, and again coupled with data breaches that we know have happened through insurance companies, payroll companies, etc.,” Alexander warned.
This unsettling precedent has heightened the need to put new solutions that can help both prevent and detect where fraud is moving to next.
And of course, the identity that is at risk. An identity that Alexander says is comprised of much more than name, address, social security number and date of birth.
“That’s not a consumer’s identity. I know if it’s that consumer by their habits, by what they purchase,” she explained.
Humans are habitual creatures and that is revealed by simply looking at a consumer’s checking account or credit card statement – where they shop and travel, the devices used and how they are used are all factors Alexander believes are essential to affirming the identity of a consumer.
“It’s bringing all those aspects together in a great, rich data platform with advanced analytics to say ‘Is this risky? Or is this not risky?'” she added.
Mobile can serve as a very unique identifier when it comes to consumer authentication.
Not only does a mobile device offer the technology and capabilities to pinpoint where a user is actually located versus where their payment card is being used for a transaction, but it can also tell a much deeper story about a consumer’s identity.
“A consumer’s identity becomes both them as a person as well as the device and how it is used,” Alexander said. “The uniqueness of being able to marry a human, their accounts, transactions and devices together gives those battling the fraudsters a more holistic view and a much better framework for validating that a consumer is who they really say they are.”
And this hopefully makes it harder for those fraudsters who are stealing identities at will to use them successfully.