Ai Editorial: Working on apt approach to combat mobile commerce fraud

14th September, 2019

Ai Editorial: The behaviour of consumers when they shop via mobile and what makes such devices risky has to be ascertained. It is must to focus on the right data points to keep a tab on fraudulent transactions originating via mobile devices, writes Ai’s Ritesh Gupta

 

E-commerce players, including ones from the travel sector, are evaluating ways to keep a tab on fraudulent transactions emanating from mobile devices.

It is being acknowledged that merchants must drift away from those data points that aren’t astute pointers in identifying such type of fraud. The behaviour of consumers when they shop via mobile and what makes such devices risky has to be ascertained. When specialists point out that mobile fraud is different from traditional e-commerce fraud, it is owing to the fact that unlike browsing and accessing via a PC, mobile devices result in novel characteristics that obscure the user verification process.

Security measures for a mobile device

E-commerce players must dwell on ways to validate and authorize a purchase as quickly as possible.

For this, there has to be a mechanism for real-time mobile device detection and the journey for mobile orders. All of this isn’t easy. As Riskified points out, the aspects that make mobile commerce attractive and convenient for consumers also result in complex hurdles for merchants when it comes to keeping a tab and authentication mobile orders. Citing an example, the fraud prevention specialist shared that its team ended up unearthing a major botnet fraud ring by evaluating data garnered from consumers’ interaction with merchants’ e-commerce sites and mobile apps. For this, the team delved deep into the journey, starting from whether the order was placed on a mobile device or elsewhere. The team further explained: If mobile, note what type of device — was it an Android device or an iPhone? From here on, assess the starting point for mobile-related orders. Did the shopping originate on a PC and eventually finished the transaction via a mobile device? And was it via a mobile site or an app? Or did the shopper finish it via a traditional site only? If checkout was on a mobile device, it’s vital to identify whether the shopper was accessing the site through a mobile web browser, or the mobile app. By following these steps, a travel retailer can effectively spot the origin, and then plan and executive precise safety measures to combat fraud.

Analysis

Riskified also asserts that merchants “need to discern what is relevant for analysis”. The team refers to few crucial areas:

  • Cellular IP addresses are not unique identifiers. Be careful when it comes to marking a red flag based on this. In fact, lookout for unique identification number associated with such devices. Not easy for fraudsters/ hackers to spoof the same. This identifier would enable the merchant to track the device regardless of the Wi-fi or cellular network the device is using.
  • Remember that completing a transaction while being connected to a new Wi-fi network doesn’t necessarily mean that the order is fraudulent.
  • Riskified’s data shows merchants can safely approve over 94% of mobile orders with a partial AVS match, and over 70% of mobile purchases with a full AVS mismatch. The feeble connection between AVS results and mobile order fraud may be owing to the fact that users find it tough to enter their billing address on mobile devices’ smaller screens.
  • Securing the authentication process starts with the device itself. Using behavioral biometrics, merchants can verify a customer’s identity without making the process difficult for the customer. So focus on behavioral data unique to the mobile channel or focusing more on data that is equally reliable across mobile and desktop channels.” Mobile carrier information, GPS location, and advanced behavioral analytics can all be used. As a specialist in behavioral biometrics, SecuredTouch asserts that the days of static biometric techniques are numbered. Rather merchants now need to dwell upon continuous authentication that features device intelligence, behavioral anomalies. All of this becomes even more important as mobile-related fraud is on the rise, and the behaviour of consumers when they shop via mobile and what makes such devices risky needs to be ascertained.

It all boils to verification of the legitimacy of the user, but considering the usage of today’s devices for shopping and the tricks of fraudsters, merchants need to evolve as well.

 

For Ai’s upcoming events: click here