With all the positive change and innovation happening in payments, there’s an unfortunate correlation with challenges and threats.
Innovation builds the business and stays stride-for-stride with the digital-first consumer. But right behind those consumers come the fraudsters representing the challenges and threats. Want instant payments? They have instant fraud.
To battle the fraudsters — to make it too costly and time consuming to ply their trades — it’s time for financial institutions (FIs) to adopt the vaccine approach. In other words: The approach may not be 100 percent effective, but without it, firms don’t stand a chance. And like the vaccines against COVID-19, it’s an approach that does the job well enough to protect the vulnerable.
As Featurespace Founder David Excell told PYMNTS Karen Webster, FIs must address fraud from every aspect of the transaction in order to gain maximum protection. That examination is intimately tied to the consumer journey, pre-, during and post-payment. Along the way, with the aid of advanced technologies, FIs can separate behavior from intent, which separates the bad guys from good customers. That entails a shift in how FIs examine commerce.
“It’s about looking at the transaction within the channel,” he said. “And that is usually where a lot of the strategy decisions [from FIs] are made about fighting fraud — within a debit card set of transactions or within ACH or my checks.”
But a more modern approach to fraud fighting demands that banks and other financial services providers know as much about their consumer as they can. They need the proper insight into how consumers pay for goods and services and how they interact with different companies. That knowledge can be leveraged to authenticate consumers and even anticipate transactions, while uncovering efforts to mimic “true” behaviors and impersonate legitimate consumers.
Diving Into The Customer Journey
Changing the mindset and the approach to consumer interactions demands that FIs insert themselves into the actual commerce journey and gather the best data available that can be used in crafting the most robust fraud strategy. Excell noted that collecting the data across far-flung silos within FIs is just a starting point — and it’s no easy task. But it’s an urgent one, considering that fraudsters are doing everything they can to use what data they can pilfer in the never-ending bid to construct synthetic identities and gain access to bank accounts and raid them or conduct credit fraud.
“There are always new use cases in fraud,” he said. “And the current environment — the relative anonymity in the eCommerce age, the use of devices — has provided strong cover,” he said.
Just knowing and protecting usernames and passwords is not enough, said Excell, because that data can be compromised. Device-related metrics are not always perfect lines of defense, either.
“We’re often working in an imperfect world where we don’t have all of that data,” Excell said. “We can’t see the circumstance around the consumer when they’re making that purchase other than subtle clues that we can potentially have around — especially — life changing events, like having a new baby or moving to a new house or getting married. All of those types of things sort of have certain intent and behavior and perception around them.”
Observing the minutiae of what consumers do when they go online through those very interactions, and when they are actively working with their FIs, can provide the tells that tip FIs to who’s acting right and who is not, he said. Do they always go and check their balance? Do they look at the last 10 transactions they made to recognize them? This information illuminates what is individual about online consumers, well beyond the basic checking and savings accounts activity.
As Excell put it: “You can start to understand, well, what is the information and what is their experience when they go through that digital platform?”
A fraudster might just check in to see the balance or move straight to setting up online accounts. It’s the perception of an action — the perception aided by data — that can help an FI assess the probabilities that malicious intent is underway. And that can make all the difference.
Artificial intelligence (AI), among other high-tech tools, including behavioral analytics, can observe as consumers open accounts, move money or push money to other accounts and beneficiaries, creating a sense of context.
“They need to go back and interact with the website, they may need to use the same browser version or the same operating [system] … all of those types of things, to try to impersonate back to the actual consumer,” Excell said. “If we’re able to detect differences in what the product is doing compared to what the individual would typically do,” the fraud can be stopped in its tracks.
Verifying Intent
Excell noted that verifying intent — gaining assurance from consumers that they do indeed want to make a transaction or open an account — might introduce a bit of friction in the process, but it might cement loyalty, too.
“Sometimes I may feel that I want the bank to challenge me because then I know that they are treating my money safely, and it wouldn’t be as easy for someone else to go and access that account,” said Excell.
And upon finding that the action that might seem suspect may indeed be a work of fraud, it’s important that the FI have the ability to take control away from the individual, terminating the online session or sending a one-time challenge that, in effect, acts as a gateway to verifying an individual, which is of increasing importance in the age of real-time payments. All of this friction serves to make things harder for the fraudster — to use their greed against them or dissuade them from further efforts.
“The fraudsters are operating as a business,” Excell said. “They’ve got a bottom line, they’ve got costs and … they’re trying to be as profitable as they can. So how do you add in the friction, and how do you make it as hard for them to commit the fraud as possible?”
High-value transactions are low-hanging fruit, he noted. So, making those payments hard to co-opt or access in the first place is critical (splitting them into multiple transactions is one way to go). Consumer data can not only prevent fraud, but it’s useful in new product development and innovation — and sharing findings across the financial services ecosystem to standardize and share best practices.
Battling fraud in the context of the payments journey, said Excell, “is about making sure that we’re protecting the consumer’s information, protecting their money, ultimately making sure that they have that highest level of trust with their financial institution.”