by Nyugen Nyugen, Vice president, partner development and technical service at ADARA
COVID-19 has completely upended consumer behaviours. Over the past four months, consumers have switched from buying the majority of their products in stores to shopping online as brick and mortar stores close due to restrictions. In fact, a third of consumers aged 65 and older are planning to increase spending online because of coronavirus.
A less desirable outcome from this will be that fraud rises in huge quantities – making it now the most serious threat vector for financial institutions. Or, traditional fraud detection is more prone to false positives and false negatives as customer behaviours change rapidly. Relying on past data becomes ineffective, as old patterns no longer apply. The need for real time, predictive options for datasets is clear.
Fraudster paradise
Financial institutions make real-time decisions on fraud by parsing through mounds of data points. Current methods of fraud detection rely on aggregated data from past behaviours against internal risk thresholds or against a baseline of individualized normal behaviours determined by machine learning. The level of inferred conclusions will always result in some false positives or false negatives, thereby aggravating and slowing down genuine customers while allowing fraud to creep through. There’s an imperative to increase accuracy in fraud detection – for the sake of reducing fraud and improving the overall customer experience.
As fraudulent activity advances in complexity, financial institutions are seeing threat vectors from spear phishing, cross-site scripting and man in the middle attacks. The cost of preventing and mitigating these mounts up, so it is crucial that as far as possible, the core identity verification system is sound, ensuring that they can detect compromised users and increase recognition of verified users.
The danger is that with fraud on the rise, financial institutions are unable to adapt their organisation risk thresholds and that machine learning models are unstable due to changes in baseline behaviours. Financial brands could instead over-correct and prevent customers from making genuine purchases. For example, new customers purchasing large items may be flagged as fraudulent, while fraudsters might go undetected due to a surge in unusual activity that obscures their purchase. The answer in combating fraud, therefore, cannot be draconian checks – which in themselves are hugely costly in an operational sense. Furthermore, as older generations log on to shop for the first time, simple rules like log-in page timeouts, CAPTCHAs and complicated passwords are major hurdles to winning new customers. In this case, authenticating identity must be a simple and background process that does not impede on the user.
The importance of intent
As trends as recent as March are no longer relevant for fraud prevention, companies need to measure transactions against new types of data. Following the lockdown, people’s shopping habits may have changed with consumers purchasing groceries and shopping online. With the old method of aggregating transactions against past behaviours, new purchases for clothes and groceries may be identified as fraudulent. Further, people may have moved or significantly changed their lifestyle.
During the pandemic financial brands need to measure activity against intent data such as recent search history. Intent data either supports or contradicts purchases as it provides context behind each transaction. For example, if someone is spending time searching for a flight to Spain, then a financial brand can identify and approve related purchases such as the flight, or an expensive pair of sunglasses. It can also flag a purchase in a specific location that doesn’t match with their intended destination.
Deterministic factors
Financial institutions must diversify their data sources. One data source might not be enough to identify fraudulent transactions. Finance brands must, therefore, acquire information such as customer behaviour, location and spending in order to determine if an activity is real or not.
If a customer, Jane, bought a latte in London, then minutes later a TV from an IP in Madrid, that once would have been a strong flag for fraud. Now, we know she may have been using a VPN. If we truly understand her, a more informed judgement can be made. For instance, knowing that Jane regularly travels to Madrid and wanted a TV for her second professional home would completely change a finance brand’s perception of the transaction. When marrying deterministic (facts – Jane is in London) with probabilistic measures (Jane goes to Madrid a lot so is more likely to buy a TV for there) you get much more accurate responses and avoid holding up customers unnecessarily.
Companies should find data partners that can help prove or disprove assertions about an individual without having to put the person through identity checks. There are data partners that offer validation of location by mobile phone, for example, or that share recent online spending habits or home rental information. Partnering with a data consortium could allow financial institutions to safely and securely combine insights to create a bigger, more accurate picture of customer behaviour that can help create more confidence and reduce fraud.
Fraudsters are great opportunists and COVD-19 presents a chance to take advantage of fear. The playing field is not level and they know how to take advantage of the environment. However, this is a key opportunity to help provide excellent customer experiences that ensure their online shopping journeys are smooth, and not held back by their bank or credit card company. Financial institutions must be ahead at every turn and ensure they work with identity suppliers able to reduce friction in the purchase process for customers.
