For merchants and financial institutions (FIs), the “new normal” of commerce — done increasingly online — means that battling fraud is a bit like feeling an elephant.
You know the parable: Several blind men touch an elephant and, based on the trunk, or the tusk, or the leg they’ve felt, they describe an animal that is, well, way off the mark.
As bad guys wrangle account details, cobble together synthetic identities and conduct account takeover attacks with ferocity, the old rules-based systems, password challenges and other lines of defense provide only part of the picture as to whether “good” customers are buying or “bad” actors are, well, getting away with it.
As Rahul Pangam, vice president of risk strategy at PayPal’s fraud prevention company Simility, told Karen Webster in an interview, “fraudsters are fraudsters — and sometimes they get new avenues to do what they do. Unfortunately, this current environment presents some of those opportunities.”
The pandemic has paved the way for fraudsters to try new avenues of attack, and is laying bare the limitations of the fraud prevention tools currently deployed.
A vast majority of us, of course, are working from home — perhaps not even our homes, but via shelter-in-place locations with family and friends.
Many of us are buying goods or services (streaming media, for example), that were not on the radar before.
We’re transacting across mobile phones, tablets and laptops, buying everything from toilet paper to meat, and having goods delivered to our doorsteps.
All of this data serves up a rich opportunity for fraudsters to fly under the radar amid the waves of card-not-present transactions, monetizing stolen credentials or trying to complete (false) chargebacks.
For merchants and their FIs, particularly issuers, the battle is everlasting and evolving.
And the question remains: How can firms make sure they have the right tools in place to stay one step ahead of the bad actors?
As Pangam remarked, banks were not caught entirely flat-footed, having already made efforts to bring more services and products online before the pandemic hit.
Looking at the merchant side of the equation, the embrace of that same digital journey has been a bit more uneven. Some merchants, operating primarily across offline channels, have had to go digital in a hurry.
Some verticals, such as travel and entertainment, have been hurt worse than others, amid a precipitous drop in people traveling and public venues remaining shuttered.
Against that backdrop, where firms had sought to grow top lines (with profits to follow), now they must seek to manage costs.
At the same time, merchants must be able to onboard new customers in a streamlined way to capture revenue opportunities as they materialize, while fighting fraud in the dynamic way that the new eCommerce environment demands.
The limits of operating budgets and top-line pressures mean merchants must do more with what they have. They must triage where they want to change the customer experience — reducing false positives, accepting more orders and stopping fraud in its tracks.
At a high level, said Pangam, “If you have machine learning-based systems in place, you are typically going to be in a good place.”
But drilling down a bit, he noted, it’s important for firms to embrace the latest, and more robust, machine learning models that evolved from past iterations, in order to put data in context and change decisioning as the situation warrants.
If there was ever any doubt that static, rules-based models are no longer enough, now is the time to put that thinking to rest.
Adaptive Is Better Than Static
Consider the example, as Pangam offered, where static models may determine that people who conduct a hypothetical 33 transactions or more per day are fraud risks. Rules would establish a challenge for transactions at or about that level, or block them outright.
The fraudsters will eventually be able to fly under the radar with 31 transactions, and get away with their schemes.
Static models, in other words, offer a bit of insight into what’s going on — a bit like that old parable of the blind men feeling the elephant.
Pangam noted that adaptive decisioning platforms can offer a holistic approach to fraud and risk management, because the platform offers the flexibility to deploy new models in real time, fed by disparate sources and streams of data.
In addition, as merchants and FIs embrace “hub” models, they can benefit from the collective offerings of several fraud vendors, while automatically adhering to new regulatory rules.
“Sometimes it takes two to three months to understand the patterns and build a new model and deploy it,” noted Pangam. But with adaptive decisioning and the hub model, “that lag goes away. You’re able to adjust more rapidly to evolving situations” with the aid of the network effect that comes as acquirers, issuers, PayPal and merchants exchange valuable data.
On the issuer side, he said, there’s the history of how consumers set up accounts and spend money, while on the merchant side, there is data illuminating geography and shopping cart activity. Triangulating all of that information helps give a holistic view of the customer.
Adaptive artificial intelligence (AI), according to Pangam, can wind up being a competitive advantage, because the advanced technologies can improve the end-user experience, even as those consumers’ behaviors shift online.
After all, consumers won’t suddenly go back to the way they used to live. They’re becoming increasingly comfortable living in a digital world.
Adaptive models, said Pangam, can determine the level of friction that should be introduced into eCommerce on a per-user, or even per-transaction, basis.
For example, should a streaming media firm choose to broadcast only in certain geographies, it can put into place (flexible) rules that automatically decline attempts to access the service from blocked territories. Pangam pointed to the “progressive orchestration” experience that learns to trust certain users (and their devices) over time.
“You’re not treating everybody like a fraudster when they log in,” he told Webster, “and over time, you can make your decision quality better and better.”