Cyberdefenses Must Keep Improving to Stay Ahead of Fraudsters

As attractive as innovative new technologies appear, it’s important to remember they are just tools. 

And any tool, when in the wrong hands, can also be used for the wrong purposes. 

“Newer technologies are enabling fraudsters to have a lot more scale and automation when committing fraud, making smart defense critical,” Erika Dietrich, VP, Global Fraud Prevention Risk Services at ACI Worldwide, told PYMNTS. 

“What has changed is the speed and scale these tools and technologies give fraudsters, as well as the way they can educate themselves in open forums and chat channels on how to deploy and use these new technologies,” Dietrich said. 

“What has stayed the same is the need for businesses to provide their customers with the payment methods they prefer, while ensuring those channels stay secure,” she added. 

The rise of ever-faster digital payment methods has accelerated the sophistication of financial crime, meaning that organizations can’t afford to keep still themselves. 

“An effective defense is about corporations either having the skill sets, technology, and employee knowledge, or working with a provider who can offer the ability to process and manage digital payments, power omnicommerce payments, present and process bill payments, and manage fraud and risk management all under one cohesive orchestrated strategy that spans their whole entire payment ecosystem,” Dietrich said. 

After all, even as advanced technologies are increasingly leveraged by sophisticated bad actors, a taller wall always trumps a shorter ladder. 

Better-Armed Fraudsters Still Must Lose

Attack strategies that leverage tools like generative artificial intelligence (AI) to reimagine behaviorally driven scams for the 21st century pose a growing threat not just to a business’s defenses, but also to its customer stickiness. 

That’s because for firms still using legacy protection methods, employing rules-based engines to defend against the nuances of today’s fraud can create too many frictions for modern and younger consumers trained to expect the conveniences of a streamlined payment experience.

“[Businesses] need to deploy cyberdefense strategies that can not only detect and prevent fraud but also enable them to authenticate and verify consumers’ digital identities in real time, protecting against account takeovers, while seamlessly integrating any updates to their account,” Dietrich said. “With the world that we live in, digital identities are becoming more used than physical driver’s licenses or physical passports.” 

As the world becomes increasingly digitized, bad actors are equally able to exploit the amount of data that exists in order to create synthetic personas, raising the stakes for businesses to ensure effective, yet secure, authentication processes. 

“If you are using the older rails and anti-fraud methodologies, you are going to have a higher level of friction with higher decline rates, and you’re going to have more liability on the merchant or the bank,” Dietrich said. 

“The authentication pain is causing consumers to move to alternative payment methods like digital wallets and more, so if there’s an application, either on the merchant side or banking acquired side, that doesn’t have the capabilities to use these new payment methods or securely call for them,” she added. 

For a winning defense of an organization’s attack vectors, businesses need to leverage sophisticated strategies and solutions that deploy an orchestrated mix of technology, data and analytics and educational best practices for their employees.

Trading Outdated Processes for Real-Time Intelligence

It is not as though the old, manually driven way of doing things was particularly risk-free for firms. 

And it was missing something entirely crucial that adopting a modern cyber and risk strategy offers: the ability for continuous and dynamic learning. 

“Once you’ve upscaled your technology stack and gotten your technical colleagues aware of how to use AI technology and apply it, it can be applied to use cases beyond just fraud or payments. It’s about applying this innovation across your business organization in a multitude of different ways,” Dietrich said. 

ACI, she said, provides a multitude of different models that are able to look at trends and patterns around fraud areas like coupon abuse, employee rewards abuse, reseller, reshipper, refund, return, buy online, new account establishment scams, account takeover defenses and more. 

As for what Dietrich sees on the horizon? 

A single source of truth in the form of a dynamic digital identity. 

“How many different passwords and accounts do you have? How many different ways do you have to authenticate and verify? It’s hard for us as consumers, particularly for those attempting to practice good digital hygiene with different passwords and security prompts. … I really see that AI and machine learning solutions enabling a more consolidated, and better, way to be authenticated across the many different touchpoints that consumers have,” she said. “There are too many silos that we live in, hopefully machine learning and artificial intelligence can bring down some of them for us.” 

She added, “I’m hungry for AI and machine learning to make that easier, not only for me as a consumer but also for banks, intermediaries, merchants, processors, and governments to figure out an easier way for establishing trust in this digital world that we now live in.”