Fighting Fraud in the Era of Real-Time Payments

How “Layering” Fraud Detection Could Help Hasten Detection and Response

October 30, 2018

As real-time payments set a new gold standard for transaction convenience, customers are more empowered than ever before by an expanding choice of payment methods and channels (buy online, ship to home, ship to store, buy at store and ship home, etc.). Parallel to this rise, however, is the demand for faster order fulfillment, and the combination of the two brings about more fraud risk challenges, both online and in-store.

Management of Chargebacks is no easy or inexpensive feat; thus, we’re seeing the demand for interoperable fraud detection reach critical mass at the point of customer payments. As an indicator of this concern, ACI’s “2018 Global Payments Insight” survey found that 61 percent of merchants believe they’re at greater risk of a data breach than a year ago, while 22 percent of merchants have experienced data theft in the last year alone.

Spurred on by Chip-and-PIN requirements and the ability for consumers to store card information on their mobile phones, fraudsters are moving to the online and mobile eCommerce space at a rapid clip, applying various fraud behaviors and tactics including, but not limited to bot attack, credential stuffing and cracking, account takeover, clean fraud, friendly fraud, and coupon or reward cash abuse. Juniper’s latest research found that retailers stand to lose as much as $71 billion globally from fraudulent CNP (Card-Not-Present) transactions over the next five years. The need for interoperable protection is further underscored by ACI’s latest “Global Consumer Trust and Security Perceptions” report, which revealed that 65 percent of consumers in 20 countries would stop shopping with a merchant after experiencing fraud or a data breach.

As payments and data are exchanged more openly, the tools in place to protect them must adapt too. To support this transition, and help merchants protect their bottom line, here are a few things to consider when “layering” different fraud systems under a single cohesive strategy to optimize fraud detection.

Sayonara Siloes, Time for Layered Fraud Detection

A critical component of “layering” is building a system or workflow on which merchants can create visibility into which tools and methods are working well (high fraud detection rates) vs. causing false positives depending on the scenario. For example, “device fingerprinting” does not work in scenarios where goods and services are ordered via phone or store kiosks, while mobile kiosks used in public locations by multiple people cannot track an individual’s purchase habits.

A siloed approach to fraud detection restricts the ability to discover and mitigate emerging fraud behaviors in cross-channel fraud. Criminals use a mixture of customer information to defraud multiple purchase channels in quick succession, which can compound the negative experience a customer has when making a purchase decision.

Failing to recognize the nuances of different fraud detection technologies can also create a program rife with false positives, where legitimate customers are rejected for concerns of fraud, a costly decision that comes at the expense of their interest, merchant revenue and, most importantly, the consumer’s long-term loyalty to the brand. If you didn’t have reasons to sunset a siloed approach to fraud detection, you do now.

Next-Level Layering: Machine Learning & Consortium Data

A second element of successful layering is the introduction of machine learning, a broad field of advanced technology through which merchants can build predictive models to automatically identify valuable transactions, ascertain how they compare to a customer’s purchase history and isolate the potentially fraudulent ones with greater accuracy – all in near-real-time.

Merchants can further improve decision-making in fraud detection by pooling their fraud insights within a consortium framework. This entails merchants, or other like-minded organizations, sharing select pieces of customer intelligence collected from their respective customer profiling techniques, all of which comply with an industry standard such as the Payment Card Industry Data Security Standard. Rather than compromising market share, this open approach allows merchants to flag spoof addresses and suspect consumer behaviors more accurately, by formulating a deeper understanding of their spending habits.

A collaborative approach to verifying transactions with less friction also creates a smoother customer experience and that convenience translates to more business for the industry as a whole.

The Final Word

As merchants adapt to new technologies and expectations for fraud protection in 2018 and beyond, it’s essential that they build cohesion between their different fraud fighting resources, including those of other merchants where possible, so that valuable insights and the revenues they generate don’t slip through the cracks between different systems. Real-time payments may bring tremendous commercial opportunity, but failing to consider how this new dynamic affects fraud risk can quickly trigger negative outcomes that are just as costly.

Erika Dietrich, Director of Risk Management, ACI Worldwide

In this webinar, we review the rise of cloud access control and access control as a service, its advantages and disadvantages, and how to select the optimal cloud access control solution for your company.

Security leaders need to accept and act on this reality and take measured and thoughtful steps to mitigate the risk and train staff about the growing likelihood of such violent incidents in their facilities and workplaces.