Using Data to Stop Fraud: The Good, The Bad, and The Ugly
When many of us started in the fraud prevention game, we were seeking to detect and prevent “bad” credit card transactions. We measured ourselves on basis points for losses on credit cards, and compared ourselves against our peers and other territories to see how we were going.
Nowadays, many fraud managers are responsible for credit cards, debit cards, proprietary cards, mobile banking transfers, Internet banking transfers - the list goes on. As we get more clever analyzing these transactions, we beg our IT departments for more information so that we can utilize more events such as logons, password changes, phone number changes and additions in our fraud prevention strategies. We also want to incorporate data like scores from malware tools, click stream analysis, and device footprints, to name a few.
All of the events that we now receive for analysis means that our percentage of fraudulent transactions (transactions meaning both financial and non-financial events) has actually gone down. But of course, our losses are not necessarily going away, just moving channels and changing identity.
So, how do we find the proverbial needle in the haystack? The days of alerting for “whitegoods purchase, 2am, foreign country” are long gone. We need to remove as many as possible of these “good” transactions from our pool of data, allowing us to focus in on anomalies that will now be more evident. This is where profiling comes in. Simple methods such as identifying that the customer is logging in to a banking site from the same IP address, with the same device’s footprint, as per their profile. Great. We know them. Remove from further analysis. In other words, remove these good transactions so that we have fewer transactions to sort through while looking for those bad transactions. We might alert when we see a transaction from a small Pacific Island country, but not if we can see that the customer is a frequent visitor. Profiling can take many forms – we can not only profile the customer as an entity; we can profile their individual accounts.
We can also profile the instruments that are used – a financial institution’s debit card product will have entirely different characteristics to that institution’s premium credit card product. We can profile individual merchants and we can profile the merchant’s peer group. Or we can go more granular, and profile individual merchants terminals. Of course, a certain amount of fraud will always slip though; that’s the nature of the beast. But reducing the amount of data you need to analyze will almost certainly make those bad transactions more evident and benefit your fraud prevention and detection strategy going forward.
Oh, and the ugly? There is always something that we haven’t thought of or seen before and just don’t have our defenses ready – SIM swap anyone?
Related Blog Posts
Multi-layered Fraud Strategies are Crucial to Win the Battle against Authorized Push Payment Fraud
This blog was co-authored by ACI’s Jay Floyd and Iain Swaine, head of Cyber Strategy for BioCatch in the EMEA region
Have you ever received a text from your bank asking you to confirm a transaction by replying Yes or No? You then realise you don’t recognize the transaction, reply No, and receive another text instructing you to call a telephone number to discuss this unknown payment further. Suddenly you’re hit with the fear that someone has hacked into your bank account. But, do you ever consider that the text you received was, in fact, a scam?
Helping Merchants Protect Themselves: Cybersecurity Tips from a Former White House CIO
In a world full of open technology, the devices that make our lives easier also leave us vulnerable to being hacked, according to Theresa Payton, former White House CIO and star of the CBS series Hunted. Payton recently joined me for an exclusive ACI cybersecurity webinar, sharing expert insights into how merchants can enable growth, enhance the customer experience and prevent greater instances of fraud.
Why India's Payments Players Need to Fight Fraud with Machine Learning
By 2023, experts are predicting 60 billion UPI (Unified Payments Interface) transactions annually, accounting for more than 50 percent of India’s total digital payments transactions. And it’s estimated that today nearly 50 percent of all real-time payment (RTP) transactions globally are processed in India. It’s an exciting market for payments innovation, with a wide range of digital overlay services available to consumers and merchants, thanks to the introduction of UPI.
The Untapped Opportunity of Machine Learning for Real-Time Payments Fraud Prevention
Artificial Intelligence (AI) is among the buzzwords of the moment, but when it comes to tangible innovations that have the potential to drive rapid ROI, machine learning should be part of every bank or processor’s strategy. No matter the size of the institution.
How Banks and Acquirers Can Deliver on the Benefits of PSD2 SCA Exemptions and Differentiate Their Merchant Services
PSD2 is an opportunity for acquirers to differentiate themselves by delivering improved services to their merchants, if they implement modern solutions to manage SCA exemptions. This will drive the best customer experience in combination with regulatory compliance.
Cooperation, Consultation and Collaboration Are the Keys to Countering CNP Fraud in Australia
As Europe, and other parts of the world ramp up for regulatory changes around PSD2, Australia is about to launch its own strategy to combat Card Not Present (CNP) fraud.
PSD2 and Strong Customer Authentication – What's in Store for Merchants?
With the final pieces of the Payment Services Directive (PSD2) puzzle coming together, payments businesses are highly focused on meeting their compliance obligations. But the forthcoming changes will affect everyone in the payments chain – and it’s important for merchants and PSPs to understand the practical implications for their businesses and customer relationships.
Why Banks Must Democratize Machine Learning for Fraud Prevention and Payments Intelligence
Banks are already actively on the path to digital transformation, considering new technologies, new customer experiences and new business models. A critical piece of this digital transformation centers on better understanding the wealth of data within the banks’ systems and mining it for improved customer insight. In the New Payments Ecosystem, data is as valuable to the bank and its customers as the deposits held in their accounts, and it should be protected, and leveraged for the benefit of the customer.
Payments and Fraud: The Paradox Twins
Digital commerce through web and mobile is where merchants predominantly experience shopper growth today. This has become a hugely important domain for their focus. It offers a means for international growth, new market penetration and a way to engage with shopper-hungry Millennials in their culture. Merchants frequently adopt a Digital-First, eCommerce-First or Mobile-First strategy to ensure full corporate buy-in to this strategy.
Building Trust in Open Banking with Behavioral Biometrics and Machine Learning
Strategies for fraud prevention in payments are having to evolve quickly, as new technologies emerge and digitalization of the banking ecosystem continues at pace. I spoke with Giselle Lindley, Principal Financial Crime Consultant at ACI Worldwide and Tim Dalgleish, Head of Threat Analytics, Asia Pacific at BioCatch to understand how financial institutions can use payments intelligence to build trust in this challenging environment.