Artificial intelligence (AI) and machine learning (ML) are helping merchants and online platforms get smarter about detecting risk.
The bad guys have high tech too. Deepfakes are gaining ground, along with synthetic identities. Major payments players are fighting back with a unity of sophisticated AI, ML and a mountain of data that outsmarts cyberthieves before they score.
Think of it as robot versus robot.
As PayPal’s Arthi Rajan Makhija, senior vice president of global fraud risk, digital identity and Platform-as-a-Service, told PYMNTS, the stakes are high.
“In this incredible acceleration to digital commerce that we have seen, particularly in the last two years since COVID, many different types of consumers are coming online for the first time,” she said. “You have the traditional, tech-savvy, educated consumer base. But we also have a consumer base coming online that doesn’t typically interact much in a digital ecosystem.”
And as PYMNTS data has shown, as many as two-thirds of consumers are inclined to abandon a merchant if there is a single incident of fraud or data theft. The merchants are aware of the problem and are on track to invest tens of billions of dollars in fraud prevention efforts through the next five years.
Drilling down a bit, it becomes apparent that certain payment types and transactions are gaining traction — not just with consumers and merchants, but with fraudsters as well. Buy now, pay later (BNPL) stands out here, with PayPal having a significant presence in that market.
As Makhija noted, while traditional types of fraud may attack BNPL activity — think account takeovers, synthetic IDs and the like — there are additional potential concerns and nuances that must be considered from a credit underwriting perspective.
For now, identity is king, and is the way toward a truly passwordless future. But establishing and authenticating identity involves a tradeoff between friction and ensuring the great customer experience that is promised by digital platforms and payments.
The Chargebacks
Merchants have their own challenges, as they must tackle shipping, logistics and unforeseen supply challenges — and they have to protect themselves against chargebacks. That’s especially true with cross-border enablement, which is a huge value-add in the age of pandemic-spurred digital commerce.
There’s the desire to use alterative data sources, and the platform model that looks for a streamlined and “light” onboarding experience. In the meantime, the standard technologies and processes used to safeguard data — the password chief among them — are losing some of their effectiveness. The rule of thumb might be to assume that any password has been compromised and is floating around on the dark web.
If the common problem is the password, there are several ways of finding the solution. Fingerprint biometrics, said Makhija, can enable repeat customer transactions without introducing much friction into the mix. Device-level data — location, for example — can be useful as well. So can “one-touch” authentication, which extends authenticated credentials across devices.
Looking ahead, said Makhija, “we will have to go to a combination of biometrics — whether it is unlocking [identity] through facial recognition or through a combination of face, fingerprint voice, etc., based on the situation and the setting. So, it can’t be one size fits all. It’s very much dependent on the context of interaction, whether a user is online or transacting in an offline environment.”
Over the next 12 to 18 months, she predicted that passwords will still be in the picture, as it’s hard to change consumer behavior. And even as new technologies emerge, no one is going to rest on their laurels.
As Makhija said, “for all of the things you can put out there from a fraud mitigation protection standpoint, whether it’s biometric-based authentication [including voice and even facial biometrics], I think you can safely bet that fraudsters are getting more advanced.”
For the eCommerce ecosystem, the investments in AI and ML aren’t really differentiators — they’re fundamental to staying ahead of fraudsters, whom Makhija likened to “quality testers” of anti-fraud systems and technology investments.
“All of the best investments and the best success stories are only good until the next major fraud attack,” she told PYMNTS.