• Tushar Shah, VP Enterprise Services Platforms at PayPal


• 25.04.2019 06:30 am
AI , cybersecurity

Digital transformation has ushered in a new era of innovation-fuelled growth that is revolutionising the way businesses interact with their customers. In doing so, many of these same businesses have become unwitting victims of their own success and are attracting a new breed of fraudsters. These fraudsters are increasingly agile, operating across borders and using sophisticated tools and techniques to stay hidden in an attempt to trick risk teams.

To protect themselves, businesses need to respond with technological advances of their own to protect the bottom line, meet compliance requirements and manage and safeguard corporate reputation. This is where AI-powered systems can generate unique insights into threat patterns and behaviours and accelerate responses, all the while preserving the customer experience.

Digital profits mean digital fraud

If you were ever in any doubt of the size and scale that the digital opportunity for business offers just look at the latest predictions of global e-commerce sales, set to top $3.4 trillion (£2.4 trillion) this year.[i] Or consider the World Bank’s estimate that $380 billion (£287 billion) could be generated from reducing the global unbanked population.[ii] Closer to home, 79 percent of UK business leaders said last year that digital transformation is a strategic priority, and those who said so are three-times more likely to be confident about future growth, according to Vodafone.[iii]

The challenge facing these organisations is how to reap the competitive advantages and efficiencies associated with digital transformation while keeping fraudsters at bay. Around $130 billion (£98 billion) will be lost by global retailers through card not present (CNP) fraud between 2018 and 2023, according to Juniper Research.[iv] In the UK, online retail fraud jumped by 24 percent year-on-year in the first half of 2018, while fraudulent applications for new cards also increased sharply (12 percent), according to Cifas.[v]

Firms need to find a way to drive conversions and keep on enhancing the customer experience whilst spotting fraudulent transactions, minimising operational overheads and meeting strict regulatory requirements. In the financial sector, new PSD2 and Open Banking rules will later this year enforce Strong Customer Authentication (SCA) which, if not handled correctly, could introduce major customer friction for retailers. In this scenario, the remedy may be worse than the disease, if it leads to abandoned shopping carts.

Out with the old

The problem with many legacy approaches - like linear models and point intelligence products - is that they can’t keep pace with the dynamic nature of modern fraud. The data they work from is often siloed and insufficient in scope and freshness to drive informed decisions. New rules can take weeks to test, so they are out of date before they’ve even been approved. The resulting lack of insight can generate too many manual reviews, overwhelming risk teams, damaging the customer experience and increasing operational overheads.

The truth is that fraudsters have access to a huge amount of personally identifiable information (PII) data today thanks to the ongoing epidemic of data breaches affecting global firms. According to one vendor, over 3.3 billion records were breached in the first half of 2018 alone.[vi] Fraudsters can stitch together this information and/or create new synthetic identities to commit fraud, and often use anonymizing tools to hide their true identity and automated bots to test credentials and mimic human behaviour en masse.

The power of AI

The time has come to fight fire with fire. If fraudsters are using advanced tools to harness customer data in their attacks, organisations must turn to emerging tools like AI and machine learning to generate unique insights from identity data. The trick is to analyse large volumes of this data from as wide a range of internal and third-party sources as possible, including device intelligence; transaction, third-party, session and historical data; global blacklists, and much more.

Then it’s about applying multiple machine learning models to generate key fraud insights. The crucial point here is to support the expertise of human fraud analysts. The machine learning models should take manual rules built by experienced teams and then use them to continually detect anomalous patterns which may be missed by human eyes. In this way, fraud prevention efforts are customised to the individual organisation and combine the best of human and machine intelligence. 

Organisations need to drive value from fraud prevention by blocking bad transactions whilst minimising friction and manual reviews. It means having the confidence to launch innovative new services to get closer to your customers whilst having the assurance that, even as fraud patterns change, your AI is smart enough to evolve accordingly.