If it seems like cases of fraud and hacking are always in the news, that’s because new incidents pop up practically every day. One of the latest involves hackers successfully accomplishing account takeovers (ATOs) of users of Zelle, the digital payment service.
According to the new Digital Fraud Tracker, total losses due to fraud equaled $4.2 trillion in 2018, and fraudulent mobile app transactions increased 680 percent between 2015 and 2018.
Fraud doesn’t impact all industries equally. According to the Digital Fraud Tracker, one-quarter of malware specifically targets FIs, and over 5 percent of online retail revenue is now lost to fraud. By 2020, it’s estimated that U.S. credit card losses will exceed $12 billion.
More businesses are adopting artificial intelligence (AI) and other technology to fight fraud. According to the AI Innovation Playbook, 63.6 percent of FIs believe AI is an effective tool for stopping fraud before it happens, and 80 percent of fraud specialists using AI believe the technology could reduce payments fraud.
The rise of online banking has provided a host of opportunities for fraudsters. Old manual detection techniques like analyzing geolocations, IP addresses and discrepancies between billing and shipping addresses aren’t able to catch high-level attacks, and often result in false positives.
BNY Mellon implemented an AI-based fraud detection initiative in 2018 to use pattern recognition and deep learning to analyze millions of transactions and identify those that are likely fraudulent. AI isn’t just used for fraud detection in the financial industry – it can also help with regulation compliance and adherence to anti-money laundering (AML) standards.
Joseph Sieczkowski, head of technology architecture and data at BNY Mellon, explained how it isn’t enough to use AI reactively. Financial institutions also need to stay one step ahead of fraudsters, because they change techniques quickly and often. “[We] do testing constantly to retrain our models to be able to pick up on different types of fraudulent activities,” he said.
Balancing security with improving the customer experience is a challenge for all industries, though reducing friction is even more vital for luxury merchants.
“Luxury retailers typically operate in a ‘high-touch’ environment, designed to be as friction-free for the customer as possible,” said Shamoun Siddiqui, chief information security officer of Neiman Marcus, in an interview with PYMNTS. “Any measure of security introduces friction. So, the challenge is to make security as transparent as possible while still protecting the customer’s personal information.”
The luxury retailer has been using device fingerprinting to identify devices based on unique configurations – and, ultimately, to determine whether it’s being used by a human or is automated.
“We are investing heavily in fraud detection systems that [use] machine learning and artificial intelligence to differentiate between normal patterns of customer behavior and potentially fraudulent ones,” Siddiqui said of the retailer’s approach to identity theft and other types of fraud. “These are patterns that would not be visible to the naked eye.”
Fraudsters are getting more sophisticated, making use of bots to mimic typical online shopping behavior. After Neiman Marcus identified a bot attack, the hackers started including mouse movements to fool detection systems.
Due to in-game purchasing becoming more standard – a recent study found that approximately half of all personal computer (PC) and console gamers spend money in-game, a share that climbs to more than 75 percent for mobile gamers – gaming platforms have become an attractive target for fraud, especially for hackers who
acquire personal data via account takeovers.
Gaming and gambling sites face similar issues, as too many security measures can turn off users who will go elsewhere. Some sites are reluctant to implement overly stringent security measures.
Beyond using machine learning to detect fraud before it happens, gaming platforms are also using liveness detection, which requires players to be physically present during the verification process so they can submit photos, video playback or audio recordings to confirm their identities.
Fingerprints, voice prints and other forms of biometric authentication are gaining steam in the arsenal of fraud-fighting tools. More than 63 percent of all smartphones manufactured in 2017 incorporated some type of biometric authentication, and a growing share of devices are expected to offer these solutions as fraud increases.