First published on 21st December, 2016
Ai Editorial: Real-time automated fraud prevention means that the fraud solution is fully automated to make real time decisions, without any need for manual reviews at all. How far are we from attaining this, explores Ai’s Ritesh Gupta
Commerce today is about seamless movement between devices, and this also means one-click or no-checkout options in an omni-channel environment.
With all this, security is certainly the issue, and in an increasingly global world, so is the ability to accept a variety of payment methods, currencies and devices. Customers want to be able to shop and buy, no matter where they are or which channel they're on – offline, online, mobile, app. Airlines and brands must position their products, goods and services for all channels – keeping in mind that customers of tomorrow will increasingly be interacting primarily or solely from mobile devices.
On the fraud front, improvements in biometrics, authentication, verification and identification will gradually reduce the risk of fraud. The blockchain process, developed for cryptocurrency verification and authentication, holds a lot of promise for increased payment protection in the mobile environment.
Better fraud management
The workload on financial institutions has risen with the advent of real-time payments.
Key components of real-time transactions include certification of payment, availability of funds, instant settlement and confirmation of the transaction. The industry has had to figure out configuration for inter-bank settlement, and also core processes should be available in an unbroken manner. As Accenture points out, considerations include real-time settlement of every payment or deferred net settlement, loss-sharing agreements or prefunding of settlement accounts etc. Global payment infrastructure has been moving toward faster payments and real-time settlement. So considering new ways in which transactions are happening, say via mobile, how this demands better fraud management effort?
Justin Lie, Group CEO, CashShield, a SaaS based self-learning fraud prevention solution for ecommerce, says a decade ago, the payment landscape was largely dominated by banks, and these banks set in place industry security standards and protocol to protect merchants and themselves from breaches and hacks. “However, with the rise of financial technology or FinTech, so has the number of FinTech companies. With more than 9000 companies currently around, and with the number expected to grow, the number of points of breaches have grown as well, since these FinTech companies do have to deploy or adhere to the same security and safety protocol that the banks stick to for protection. Here, the entire payment ecosystem on the whole has weakened with a larger number of fail points,” says Lie.
In addition, traditional rule based fraud solutions require manual reviews to be done before the settlement period (normally the next day after the transaction is processed).
“Real time settlement will greatly hinder these conventional solutions since they will have to either auto accept or reject these manual reviews to process payment,” says Lie.
He says to deal with this, merchants have to either accept almost all transactions (thus increasing chargeback rates) or reject seemingly risky transactions quickly (thus lowering conversion rates). This traditional fraud management is seen as static defence, but it has become evident that such traditional methods are falling behind newer methods that fraudsters are designing to launch their attacks.
“With new channels of payments such as mobile or NFC, more creative modes of fraud are expected to appear. It is important for us to transit then, instead, to active surveillance by deploying big data user and entity analytics to understand the user behaviour behind each transaction. Considering that most fraud attacks come as a coordinated attempt from a single script, automated to maximize the number of hits in the least amount of time possible, they will leave behind a pattern that can only be detected by understanding user behaviour. Even as new forms of payments become popular and mainstream, active surveillance will be more relevant (rather than static defence) and effective in dealing with fraudsters,” explained Lie.
Mobile as a platform for transactions is facilitating new ways of payments.
But mobile fraud is relatively more challenging to handle.
“It is so (mobile fraud is challenging to merchants) as transactions that are made through mobiles collect less information than web transactions, and therefore look much more similar. Without the appropriate technology or expertise, it is difficult for merchants to be able to differentiate between the real or fraudulent orders. As a result, higher costs are incurred, which includes the greater chargeback rates, lengthier time for manual reviews and bad service rendered to users,” said Lie.
Even though, the risk of fraud is greater as there are additional hindrances when it comes to cardholder and device authentication, apps like Apple Pay and Samsung Pay could actually help deter fraud. Both of these apps rely on biometric fingerprint technology in order to authorize a transaction. Therefore, in order for the user to authorize a transaction, the cardholder needs to provide a fingerprint. Not only is this a strong deterrent against unauthorized transactions, but the customer’s fingerprint attached to a transaction is very compelling evidence in the merchant’s favor in the event of friendly fraud.
Real-time automated fraud prevention
Lie says most existing fraud solutions around are still quite far away from achieving real time automation.
While more and more solutions on the market are currently using machine learning to detect fraud, these types of machine learning rely heavily on training data sets to predict probabilities (as opposed to real time automated decisions). These data sets are based on new fraud trends from either
(1) filed chargeback information as historical data (which could be at least 30-90 days old) or
(2) from human intelligence of the large risk analyst team to manually provide inputs.
“The way these machine learning algorithms are designed forces the solution to rely on these training data sets, requiring at least 10-30 days (or even months) of training. As a result, the long training gap and the reliance on training data sets prevents the solution from making decisions instantly, but rather only allows it make predictions of the probability of fraud,” says Lie.
He says real time machine learning is required for real time automated fraud prevention. Real time machine learning means that the fraud system is able to learn instantly on the fly with each new incoming transaction, and requires no lag time or historical training data sets to provide information on the new transaction. Consequently, the system is able to make optimized decisions instantly, without the need for manual reviews.
However, it seems like it will still take 2-3 years for the industry to switch from predictive models of machine learning towards real time machine learning, due to the rarity of such solutions.
Are you bold enough to survive in the brave new world? Assess your preparedness at 11th Airline & Travel Payments Summit (ATPS).
Date: 03 May 2017 - 05 May 2017
Location: Berlin, Germany
For information, click here
Follow Ai on Twitter: @Ai_Connects_Us