11th March, 2020
Ai Editorial: There is much bigger loss in revenue when a merchant declines transactions without taking an initiative to dig deeper. One needs to learn how to manage risk and how the use of machine learning can contribute in the same, writes Ai’s Ritesh Gupta
The way travel merchants differentiate between a fraudulent and legitimate transaction is evolving, and one aspect that has stood out relates to managing the risk.
Rather than avoiding risk altogether, the approach is to pave way for more revenue based on a bigger risk appetite. A key learning: there is much bigger loss in revenue when a merchant simply declines transactions, rather than risking clearing a fraudulent one and learning from what all is being done. The time has come when the focus must be on managing false positives better.
Monica Eaton-Cardone, COO of Chargebacks911, asserts that the fear of fraud is a huge issue, and for merchants, it comes with a burden of $118 billion every year.
“ That’s roughly 20% of total US e-commerce spending in 2019. But here’s the real shock: while $118 billion is an almost unbelievable figure, reports show merchants spend 10 times that much trying to prevent chargeback fraud,” Monica, wrote in a blog post recently.
Doing away with “rules”
Staying away from risk at any cost is reflected in rule-based fraud prevention systems. For instance, rules based on geo-location that could oppose all transactions from one area/ market. Traditional fraud prevention methodology impacted sales in an adverse manner. Fraud prevention specialists chose to avoid taking the risk of accepting a borderline transaction (which could be genuine), resulting in much greater false positives. At the same time, rules deployed (location based, amount based, time based, etc) limit genuine users from making transactions. But today merchants are finding ways to overlook rules when positive behaviour is identified.
On the basis of calculated risks, the system passes the optimized number of transactions while ensuring that chargeback rates are still under control. As a result, borderline genuine transactions can be passed and unnecessary rules and bans are lifted, improving sales greatly. So merchants are drifting away from hard rules and relying on behavioural analysis – evaluating a combination of variables and patterns – a judicious way to obstruct fraudsters/ hackers and yet cut down on false positives at the same time. A more methodical tactic is to craft a risk engine. It blends rules and policies that are optimized through the use of machine learning. Along with this, other methods such as data signals for transactions, real-time behavioral analytics and device fingerprinting, too, are coming into play.
Working out a multi-disciplinary line of attack against fraudsters, featuring technologies - both supervised and unsupervised machine learning - would better prepare merchants for fraud management. Unsupervised machine learning is useful to learn on the fly and spot deceptive patterns even without having been trained with past data, i.e. able to unearth anonymous fraud attacks. Thereafter, predictive analytics may still be used to run the probabilities of fraud, giving a risk score.
Machine learning systems are lending a new dimension to fraud prevention, one that over the years has largely revolved around the use of rule-based systems. This way the industry is gearing up to reduce reliance on hard rules and to filter out fraud while passing more genuine users. However, machine learning systems only provide probability scores - or fraud scores - and would still require a team of manual reviewers to make sense of the score and thereafter a decision to pass or reject a transaction.
Also, it is important to understand that merchants are battling with various types of fraud, and putting the best foot forward is about monitoring and evaluating each for risk. Clearly, the industry is counting on behavioral and situational attributes to apply right friction to the right person at the right time. As Sift points out, it is vital to overlook legacy fraud-fighting solutions. All of this means a merchant is only applying friction in a blanket, indiscriminate way to all users, shoppers and fraudsters alike. With dynamic friction, risk level is assessed in real-time so that merchants can offer safe, convenient, and customized user journeys that only become more accurate and appropriate over time. In case a risk touches a given threshold, extra verification comes it play. If the interactions come across as reliable, that extra authentication is eradicated, providing the shopper a more rationalized experience.
Monica highlighted a couple of aspects related to dynamic friction:
1. A dynamic friction system works out verification for an individual user and it learns as it goes. By assessing data on an ongoing basis, including the analysis of previous interactions, a blanket approach is avoided and such drilling eventually paves way for friction in only certain cases.
2. A merchant’s best customers are subjected to the least amount of friction necessary for secure validation. Legitimate customers proceed with minimal friction.
(Read: How to leverage dynamic friction to only target dodgy shoppers?)
Dynamic friction cuts down the risk of alienating good users and causing false positives. The user journey needs to be evaluated holistically, from end to end; as a user moves through each stage of the journey, each interaction is evaluated for risk. The best part about dynamic friction: make it extremely tough for fraudsters to succeed, and at the same time not hampering the experience of genuine shoppers and them being unaware of the fraud detection mechanisms being used.
Ai’s 2020 conference dates: http://www.airlineinformation.org/upcoming-events2/370-2020-conference-dates.html