January 24, 2018
Static point scoring systems are simply not viable in today’s world of rapidly-metastasizing fraud. Same with fraud history databases—the moment you detect new fraud attacks, fraudsters change devices, addresses, or card numbers.
In essence, you’re always a step behind—fighting the last war and defending against yesterday’s attacks. That’s the state of affairs that is driving the migration to Fraud Detection 2.0.
Fraud Detection 2.0 encompasses fraud detection and prevention solutions that employ artificial intelligence (AI), machine learning, persistent identity, persona linking, mobile device ID, dynamic risk scoring, behavioral biometrics, and more. It’s a move from static to dynamic that strikes at the heart of fraudsters’ increasingly sophisticated capabilities to rapidly change their methods of attack and circumvent passive fraud defenses.
SOURCE: Mercator Advisory Group
Let’s take a closer look at how these next-generation fraud detection systems bring a strategic, multilayered, and proactive approach to risk assessment in online and mobile eCommerce.
Artificial Intelligence (AI) and Machine Learning. These two technologies are often conflated, but they are, in fact, different. AI is the broader concept of devices that appear to think like humans, yet take advantage of the immense power of today’s computing and memory resources to crunch massive data sets in order to render decisions in milliseconds.
Machine learning is the technological underpinning of AI. It enables computers to review data, discern relationships that exist in the data, and then determine what specific actions should be taken for particular data inputs. There are two types of machine learning:
Unsupervised machine learning. Unsupervised methods analyze unlabeled data looking for hidden relationships and structure in order to group data sets, thus establishing clusters of data based on similar (often unrecognized) attributes.
Supervised machine learning. Based on the original input data and desired objective, the algorithm is trained to classify new records correctly. Recent advances enable the training to become continuous after deployment, a technique called ‘online machine learning,’ or just ‘online learning’.
Machine learning is ideally suited for online fraud detection. It’s able to process huge amounts of data to identify fraudulent transactions while reducing false positives at the same time.
Proactive Fraud Detection Tools. A number of next-generation technologies are used to power dynamic fraud detection:
Dynamic Risk Scoring. Dynamic risk scoring algorithms continually update based on each user’s ever-changing profile and the merchant’s continually-evolving risk tolerance (rather than static data in a batch-updated database). Online learning self-learns from every transaction and can predict new and previously unknown fraud types in real-time.
Mobile Device ID. An online survey found that almost 80% of online businesses support mobile transactions, but 14% cannot tell if a transaction originates from a mobile device. With 60% of all fraud originating on mobile, it’s critical that next-generation mobile device ID technology can dynamically detect anomalies, regardless of user input.
Persona Linking. Statistical mathematical plotting algorithms use hundreds of variables to construct dynamic links between Persona attributes, such as number of credit cards, number of email addresses, actual location of the device, mobile or browser-based characteristics, and more.
Behavioral Biometrics. Behavioral biometric solutions collect information about how an individual using a device moves the mouse, swipes the screen, and enters data. When sufficient behavioral information is collected, it’s possible to confirm that the current user is the same as the user on record. It can also detect when the user is NOT the one on record, or is a bot. Further, behavioral biometrics can establish a risk rating associated with each sales transaction and quantify the likelihood that the user is not only a person, but the right person.
Persistent Identity. An extension of behavioral biometrics involves devices and software that continually monitor a user’s voice, face, gait, typing style, and more to create a persistent identity—a constantly updated trust metric for authentication. This biometric identity is nearly impossible for fraudsters to spoof. In fact, future advancements may make persistent identity so reliable that eventually passwords, logins, and other authentication methods will become unnecessary.
Want to know more about the future of Fraud Detection 2.0? Download the white paper “Fraud Detection 2.0: Dynamic Tools For Fighting E-Commerce Fraud”.