By Felix Eckhardt, Managing Director, and Piet Mahler, Chief Operating Officer, RISK IDENT
The world of technology is constantly evolving. Each day brings new innovations, new systems…and new exploiters. Fraudsters are incessant; they work tirelessly to breach weaknesses in merchants' systems, and so we too must match their efforts.
When fraud isn't fraud
It is important to recognize that it is not always fraud, but retailer's fear of fraud, that hampers retailers. This fear leads to false positives, where a retailer's antifraud setup incorrectly determines that a genuine purchase attempt is fraud, costing the industry millions in lost revenue each year.
Fortunately, there are several methods—including device identification, and linking and analyzing multiple data points—that can effectively identify genuinely fraudulent acts. The problem is that fraud managers can't process all this data alone. The volume simply is too great. When teamed with machine-learning equipped software however, they can scale their fraud strategy and ensure that defenses get stronger over time. This partnership is essential for staying one step ahead of the fraudsters.
Free-thinking approach to fraud
Fraudsters are not hooded figures hunched over laptops in darkened hideouts. They are skilled professionals operating with one sole objective: to extract as much money from digital transactions as possible, as quickly as possible. In order to combat them, we need to counter this exact approach by working towards a single goal and matching their freedom to innovate.
Antifraud technology should center on the customer. Crucial to ensuring the efficacy of this approach is a quick time-to-market delivery, not only in markets that fraudsters target across e-commerce, telecoms and financial services, but in new, emerging markets around the world.
Catering to these markets with industry-leading fraud prevention requires a special kind of problem solver, equipped with the skills and tenacity to pursue an ever-evolving threat. Fortunately, out-the-box thinking is part and parcel of a software engineer's job description, and this, combined with phenomenal technical competencies, facilitates the continual development of innovative products for the sector.
Stepping into the shoes of a fraudster
Thinking like a fraudster requires stepping into the shoes of one. This is exactly the tactic Benedict Cumberbatch's character Sherlock Holmes employs when trying to solve his seemingly impossible cases. The British detective steps into his "Mind Palace," a technique where he mentally revisits his memories so he can link, analyze and work out the true story behind a crime.
Crucial to getting inside a fraudster's mind is to analyze them as such. In order to visualize the potential steps they may take, you need to understand their motivations and trace their actions. Fraudsters do not seek the one-hit wonder; it is never just a single transaction or victim. These criminals work diligently for a series of successes. They are organized professionals, even attending their own secret "conferences" to share best practice. And, with the advent of the dark web and repeated large-scale data breaches, such as those recently highlighted by Ticketmaster and British Airways, their information sources are increasingly productive.
This is what we're up against. This is a game of technological chess, and in order to triumph, you need to know your enemy's next move.
Scaling an approach to fraud
The Spotify model of development inspires many businesses across the tech development community today, who apply their own version of it to match their objectives.
We are equally fond of the OKR mindset—Objectives and Key Results—inspired by Intel and Google. Certain studies have shown that this approach to team structure helps improve productivity and performance by enabling developers to create a mutual commitment to achieving specific targets.
In short, it produces an ambitious yet achievable focus, and gives software engineers and data scientists free rein to decide which method they choose to fulfill this. Defining these targets in our industry is based on the experience and knowledge of fraud experts, combined with regular, honest, unfiltered feedback from merchants on the challenges they're facing.
Fighting fraud in the future
As fraudsters maintain their constant barrage against merchants' defenses, strategies are evolving day by day. However, online commerce also evolves by the day, and at an extraordinary pace. When was the last time you interacted with a retailer, a loan provider, or even your phone company? Chances are you did so online.
This increasingly digital development creates demand for ever faster delivery of products and services, which puts massive pressure on companies—whether the goods be digital or physical, we expect a quick and seamless payment process, followed by the immediate dispatch of goods. This means merchants are now left with a fraction of time in which to confirm whether a transaction is fraudulent. Merchants face a tough call—too many delays and you risk losing customer loyalty, not enough vigilance and you risk valuable goods falling into the hands of fraudsters.
So, the solution is to improve response times for active payments processing and allow quicker fraud decisions to be made. This cannot be achieved by fraud managers alone, and nor can machine learning master the same specialist knowledge of the company fraud officer. The winning formula? Combine the two.
Felix Eckhardt and Piet Mahler are senior executives with RISK IDENT, a software provider that offers anti-fraud solutions to large companies within the e-commerce, telecommunications and financial sectors. Eckhardt, a former CTO of the company, serves as managing director and Mahler is the current Chief Operating Officer. The company specializes in writing scalable software products based on supervised machine learning algorithms. Use cases include payment fraud, account takeovers, identity theft and fraud within consumer lending.