Fraud and cybersecurity are two of the biggest risks challenging organizations and the economy today. Fraud has become its own industry, to the tune of $500 billion in estimated losses annually to the global economy.
Increasingly, the public seems resigned to the idea that such compromises are the new normal. An estimated 1.9 million records are compromised every day, and news of breaches seems to break constantly. All of this produces a kind of fraud fatigue that may be lowering consumers’ expectations for identity and online security. Still, businesses must continue their efforts to prevent fraud attacks to protect all parties’ interests. The rapid growth of fraud-related activity only reinforces the need for aggressive fraud prevention strategies and the adoption of new technology to prepare for the latest emerging cybersecurity threats.
Many businesses understand that combining data and technology to strengthen their fraud risk strategies can help reduce losses. Ever-evolving fraud schemes, changes in regulatory requirements and the advent of new digital initiatives make it difficult for businesses to manage all of the tools needed to keep up with the relentless pace of change. The systems used internally by businesses have become increasingly complex, expensive, and difficult to integrate and manage. This complexity tests an organization’s ability to scale in response to new risks quickly and causes too much friction for customers, often resulting in a bad customer experience.
These challenges highlight the need to improve the effectiveness of current processes and future technology roadmaps. The good news is that we know the elements needed to strengthen fraud risk strategies already exist. The question most often asked is how to utilize them, so I’ve put together strategies that I think are most important.
First, a multi-layered authentication and risk-based approach is the best method to prevent fraud. This aligns with the National Institute of Standards and Technology’s efforts to establish standards and guidelines for identity-proofing and credential management for consumers.
The most successful companies in this mission are those that take a comprehensive approach with true customer intelligence. Rather than rely on a single data point, these companies ensure they use multiple sources and types of data, for examples, combining personally identifiable information (PII) with digital identity or device intelligence. The combination of these seemingly disparate types of data not only offers a better picture of the customer but also makes it easier to identify when a fraudster has compromised the identity.
Those same companies are now able to frustrate criminals by broadening from a focus solely on the accuracy of an identity to looking at the use patterns associated with that identity as well. This strategy does two important things:
- Determine which identities—or pieces of identities—are potentially in use by someone other than their true owner
- Isolate those identity attributes that a criminal must re-use because changing them every time is too costly and complicated
Fraud-detection algorithms that analyze use patterns have long focused on the re-use of data elements through link analysis to identify common phone numbers and addresses. This represents a fairly basic approach to detecting fraud, but the sophistication of this type of analysis is evolving. Newer solutions on the market can link a wide variety of data elements in a user-driven manner within the customer’s enterprise so it is both dynamic and focused on fraud trends that impact a specific business.
Companies have also learned to avoid silos or have at least figured out how to build a bridge between silos so information can not only be shared but also leveraged in order to protect both the business and the customer while providing a better overall experience.
Lastly, organizations are recognizing when they are not getting full value out of the many fraud systems and products they use, and are making the strategic decision to rectify it through shared technology platforms that improve efforts to detect and respond to emerging threats. Combining all new and existing fraud solutions into one platform lets companies quickly respond to new threats, which means less fraud and more confidence in transactions.
By creating true customer intelligence, sharing it across the organization and then leveraging all of their available systems and tools, the most successful companies take a more open approach, which allows them to create greater operational efficiency by getting more out of existing fraud and identity systems. They also are able to deploy new fraud detection capabilities effectively and decrease the time it takes to go to market with new tools and strategies. Keeping more control in the hands of the fraud team to adapt and deploy strategies that match the pace of fraud also reduces the burdens on IT and data science teams.
The cycle of fraud loss and deterioration of the customer experience characterizes life in today’s globally connected digital world. With crime rings stepping up the scale, sophistication, and velocity of their attacks, it’s likely that such threats will persist and even increase in the foreseeable future.
The evolution of fraud prevention has shifted, allowing for users to create intelligence across an enterprise connected to internal applications and third-party solutions. This evolution strengthens fraud risk strategies and improves compliance. The link between data and technology ultimately determines the impact on overall fraud losses.