Threat Management, Network Security

Online fraud detection: Three recommendations

Estimates vary on the global cost of online fraud, but they are all in the billions. The 2013 LexisNexis True Cost of Fraud Study reveals that merchants paid more per dollar of fraud in 2013 as a result of an increased proportion of fraud through online channels. Online fraud cost merchants $3.10 for each dollar of fraud losses, and the main contributor to this higher cost is a 36 percent increase in fraud among merchants accepting online payments.

Online fraud costs organizations more every year, in terms of both actual losses and the amount of money paid out to manage it. Fraud managers have the thorny task of safeguarding their organizations and its customers against fraudsters. New best practices in online fraud detection (OFD) have emerged that advocate a “five layer model.” Below are three core recommendations that discuss the latest tools and techniques to ensure maximum fraud protection.

First, it is imperative to  monitor behavior through continuous profiling of users and accounts through their entire lifecycle across multiple channels, including: desktop and mobile web, mobile apps and call centers. Continuously profiling user behavior empowers two key capabilities. First, it enables fraud managers to detect and respond to fraud sooner, reducing both risk and fraud loss. Second, when the user does reach a transaction point, fraud managers have full context of all their previous actions and behavior to make a better decision on the transaction. This affects revenue in three ways by providing:

  • Holistic behavior information in context to reduce the time manual reviews take.
  • Assurance of the data, enabling acceptance of a greater percentage of orders.
  • Stronger fraud attempt detection, reducing the number of manual reviews.

Second, using a layered approach increases the odds of beating fraudsters. Endpoint, navigation and user/account are the first three layers of fraud detection. All provide powerful tools for recognizing fraud, but when combined, they reveal patterns that could not previously be discovered when the layers were viewed discretely.

An example of the utility of this layered approach is being able to identify a user based on typing patterns and user behavior, even though the user is accessing a site via a new device. This is far more powerful than merely recognizing that the user isn't using the same device as previously.

Fraud detection accuracy sees an extraordinary uplift when these layers are closely knit together. By expanding protection across all five layers, organizations are able to identify anomalies, risks and fraud attempts across channels (such as mobile channels and different brand websites) and by using specialist non-personally identifiable information data networks (layer five).

These layer five data networks analyze user behaviors and billions of other transactions to create a store of anonymous identities that are categorized as good users and users who have been implicated in fraud. These identities remain completely anonymous and adhere to stringent privacy laws. With this collection of identities, an organization is provided an early warning system that is able to alert them when a “bad” user approaches, even if it is the first time the user is approaching one of their sites.

These examples should make it clear that a layered approach is critical. It allows each layer of fraud detection to communicate with the others, identifying behavior and relationships that aren't visible when considering each layer independently – a mistake many firms make. All layers should be monitored in order to ensure robust detection for the three main types of fraud:

  • Use of stolen financial credentials
  • New account fraud
  • Account takeover fraud

The third recommendation is to use account profiling,  layered protection and behavioral analytics. A layered approach enables all fraud detection layers to interact seamlessly, identifying behavior and relationships that aren't visible when considering each layer independently. Allowing layers to communicate with each other enables the discovery of emergent patterns that are impossible to detect otherwise. As a result, organizations are able to detect more fraud and reduce false positives, both of which save money.

Businesses that accept online payments continue to lose billions of dollars annually; they cannot afford a lukewarm OFD strategy. Continuous behavioral monitoring across all fraud detection layers enhances visibility into potential fraud activity. This approach creates a robust detection framework that can reduce costs, increase revenue and preserve brand. With an interconnected, multi-layer approach to OFD, fraud managers can see patterns that they would never otherwise be able to see. Organizations that adopt these three recommendations set themselves up for best-in-class protection from fraudsters.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.