True anitfraud strategies aren’t just about preventing losses from fraud. They’re about proactive fraud detection and prevention, or the ability to see around corners and stop fraud before it happens — not after. Gaining that ability has been particularly challenging for financial services and fintech companies, especially since 2020.
“Since bank branches and financial offices were either closed or had reduced hours in 2020, many companies had to accelerate online business,” explained David Mattei, Senior Analyst for Aite Group. “The acceleration meant financial companies had to adapt to this thing we called ‘digital newbies.’ These are people who primarily went in-branch to get their services but became first-time users of digital channels to do their banking.”
Unfortunately, once banks and financial institutions went online to help their customers, bad actors weren’t far behind. Among financial institutions, Aite Group found, online and mobile fraud losses rose significantly between 2018 and 2020. 27% of financial institutions surveyed said online losses were up 10% or more. And 20% said mobile fraud losses were up 10% or more. So what can financial institutions and fintech companies do?
In a recent webinar, “Frictionless Fraud Prevention in FinTech,” experts from Kount, Equifax, and Aite Group outlined three key elements for proactive fraud prevention: adaptive authentication, deep data insights, and physical and digital identity elements
1. Adaptive authentication for frictionless customer login experiences
Adaptive authentication is the ability to authenticate a user’s identity at login according to their level of identity trust. When a user’s activity exhibits low levels of trust, banks and financial institutions can challenge that activity through step-up or multifactor authentication (MFA). The right tools can determine a user’s trust levels according to their geolocation, account age, device used, transaction velocity, IP risk, billing address, and more.
Adaptive authentication is essential for preventing account takeover fraud, which is growing in the financial industry. 32% of financial institutions surveyed said account takeover attack rates are up 10% or more today, compared to attack rates before the pandemic, according to Aite Group. Not only can adaptive authentication prevent account takeover attacks, but it can also create frictionless login experiences for new and returning customers. This is especially valuable for fintech companies and banks whose customer bases are expanding.
“As we start to see younger consumers seek out financial services, fraud mitigation strategies need to be refined to incorporate evolving consumer behavior,” explained Benjamin Teal, Fintech and AltFi Industry Expert for Equifax. “We know that younger consumers are digitally native and have fewer obligations requiring them to remain in one place. They engage in behavior that looks very different to older consumers. Sophisticated strategies will factor in these generational differences and create experiences that lead to higher conversion while keeping bad actors out.”
2. Deep data insights to determine identity trust
These days, fintech companies and financial institutions need more than more than payments-related data to make accurate identity trust decisions. Identity trust is the level of trustworthiness behind every account creation, login, application, and payment event on a bank or financial institution’s website or app. Having enough data to make a good decision about an event takes location ID data, digital identifier data, and unique customer data, in addition to payments data.
“It’s not necessarily enough to just look at payments data to compete against some of the largest banks and card brands, which have massive data networks,” explained Shawn O’Neill, Enterprise Account Executive for Kount. “When it comes to payments-related data, it’s really easy for big banks to say they know what a normal payment looks like and therefore know what an abnormal payment looks like. And that’s true, but you need more than that to make the best decisions.”
O’Neill asserts that other indicators of fraud include country codes, geolocations, BINs, transaction amounts, and email addresses. And all those elements need to be linked across a global network of fraud and trust-related signals. When financial institutions combine payments data with all known elements — all fraud and trust signals related to an event — they get a more accurate picture of what’s normal.
3. Physical and digital identity elements for accurate risk assessment
Finally, Kount’s webinar panelists said that proactive fraud prevention for fintech and financial institutions requires complete identity trust profiles for each user. A complete identity trust profile is made up of physical and digital identity elements that, when combined, make for accurate risk assessment.
Physical identity elements include addresses, phone numbers, Social Security numbers, tax IDs, payroll information, and credit histories. Digital identity elements include device information, email addresses, geolocations, payment information, account creations and login behavior, and account modification information. Having complete profiles can give fintech companies and financial institutions more confidence in how users interact with their services.
“This idea of a complete digital identity also applies to the concept of ‘digital newbies,’” O’Neill said. “For example, my mother and father are super conservative when it comes to digital adoption. They were not even the type of folks who would mail in their mortgage payments. But, now, my mom is probably one of Kroger’s biggest online customers. But she has a different identity trust profile than, say, my wife and even my kids. So someone who sits on a fraud security and risk team needs to be able to assess risk based on complete profiles.”
Access key elements for fintech fraud prevention in one platform
Adaptive authentication, deep data insights, and combined physical and digital identity elements are essential in fraud prevention. And accessing them from one platform isn’t impossible. Kount’s Identity Trust Platform allows fintech companies to combine physical and digital identity elements to establish trust behind each account creation, login, and payment event.
Kount’s platform is built on the Identity Trust Global Network, the largest data network of trust and fraud-related signals. The global network links payments data, location ID data, and digital identifier data from billions of global, annual interactions to drive accurate identity trust decisions in milliseconds. Meanwhile, Kount’s advanced AI links global network data using unsupervised and supervised machine learning to protect against new and existing fraud attacks.
Fintech companies can use data and advanced AI to block or challenge low-trust events and create frictionless experiences for high-trust events. They can also use tools like Kount Control to challenge low-trust login activity with multi-factor authentication (MFA) and deliver frictionless experiences for high-trust activity and good customers. Not only does the platform block digital fraud and stop account takeover attacks in real time, but its deep data analytics can inform future fraud strategies.