More than ever, customers are demanding speed and convenience in their purchasing and decision making. With busier schedules and the ease of e-commerce at their fingertips, customers are increasingly choosing retailers who provide convenience on the consumer’s terms. At the same time, fraudsters are rapidly evolving their methods of attack – particularly in the digital space – meaning that businesses are fighting to protect customers, while also providing a seamless experience.
In 2018, a new landscape of regulatory changes, faster payments, advances in machine learning technology and open banking in Europe is creating opportunities for innovative approaches to risk and fraud management – and an imperative to act to protect customers.
If your organization is seeking to add or upgrade risk and fraud management solutions, take a look at this practical checklist of five questions to ask solution providers:
1. Does the fraud management solution support an array of payment methods for different worldwide locations?
While payments by credit card and PayPal are accepted and supported worldwide, offering only these payment methods to consumers will ultimately limit conversion rates for card-not-present payments. The German consumer market, for instance, expects payment methods which are not used in the US, such as giropay and immediate transfer. In France, consumers primarily use a single card, such as the Carte Bancaire or Carte Bleue. This option will need to be available to sell in that market.
If you are exploring vendor options, ask if they can incorporate credit card origin checks, GEO IP, Device ID and checks on payment velocity. These provide an added layer of fraud protection at the Point of Sale. A Device ID check, for instance, will recognize a device and monitor it every time that device visits a website, enabling you to identify known threats.
Geo IP checks are useful in unmasking proxies to find where your users are really originating from. It is also important to ensure that the solution provider can block specific credit cards and account numbers, so you can prevent further fraud and loss during an attack.
2. Can the fraud management solution accept data from any point in the customer lifecycle?
Although customers are becoming more attuned to fraud risks posed, many still engage in risky behaviors, such as writing their PIN on their card, conducting sensitive transactions on public WiFi networks and leaving mobile wallets unlocked on their phones.
As consumers are such rich fraud targets, protection needs to happen throughout the customer lifecycle – not just at the moment of payment. More advanced anti-fraud solutions can achieve this, using behavioral information provided or captured throughout the customer lifecycle to identify fraudulent or suspicious behavior.
A fraud management solution might, for instance, combine transactional information with the digital activity of the device to fraud-score the transaction risk.
The best fraud solutions are ‘self-learning’ – this means they are constantly adapting to new information about each customer in real time, building individual profiles on each customer. New information about a customer or a merchant provides new intelligence that can be used to reduce risk.
3. Does the fraud management solution enable you to set your desired risk appetite?
Many Fraud Managers are measured beyond fraud losses and must consider the need for a seamless consumer experience. Fraud management teams can meet their goals by implementing a fraud management solution which enables the business to set it’s own balance between adequately protecting consumers, while also minimizing the number of genuine transactions declined.
Look for a solution which enables you to adjust and balance the desired risk threshold for False Positive Rate or Fraud Detection Rate, according to your business needs.
Different types of fraud pose different financial risks to organizations, so you also want the ability to vary thresholds by risk type, for instance setting one threshold for application fraud, and a different threshold for card fraud.
4. Can the fraud management solution be combined with existing fraud rules to strengthen risk prevention layers?
Over the last 25 years, most financial institutions have built operational fraud models based on writing business rules against known types of fraud, translating domain experts’ knowledge into automated decision thresholds. Before the rise of digital banking and data capture, it was easier to determine these rules and thresholds as available types and volume of customer data were more limited.
Today, particularly through online channels, organisations are able to gather large volumes of real-time customer data (including while the transaction is in progress), so advanced fraud prevention systems use this data to build detailed, individual real-time profiles which spot anomalies and catch fraud as it occurs.
5. Is the anti-fraud system a “black box”, or does it deliver insight into model performance?
It’s important for fraud analysts to ‘treat the customer fairly’ by knowing how a fraud decision was arrived at (known as ‘inspectability’), so delivering an unexplained fraud decision from a “black box” is not an ideal approach.
Leading real-time, machine learning fraud solutions use sophisticated decision-making techniques – however, they also use clear Reason Codes and reporting dashboards to help fraud analysts identify why the fraud decision was made.
The most advanced systems enable organizations to test the impact of changes to the model, without affecting the live system. This enables fraud analyst teams to compare with the performance of new or revised rules, models, aggregators and risk thresholds versus actual performance, over a selected timeframe to make the most optimal changes.