Ever wondered why Apple releases its most anticipated products around mid-September each year?
While e-commerce sales accounted for about 10 percent of all retail sales in the developed markets, with $1 Trillion forecasted for the United States and 600 million € in the EU alone, the fourth quarter of any year is universally the most important time for any retailer, including the ones who operate online only. With the Black Friday and Cyber Monday over, the Christmas euphoria is gaining momentum, meaning the sales are going strong, especially online.
Quite naturally, more transaction volume brings with it more fraud risks, making this time especially nerve-wracking for the business owners, online merchants, and the risk analysts. With the majority of customers buying with a card over mobile phones, consumers and businesses can become easy targets for the fraudsters.
Fraudulent tactics and behavior
While proportionally the number of fraudulent transactions may not be higher during the holiday season, the atypically high number of transactions on consumers’ accounts at this time of year can make it more difficult to quickly and reliably identify — for both the consumer and the business — if they have been a victim of payments fraud. This is why the anti-fraud logic that online merchants use year-round needs to be adjusted accordingly for the season.
The vast majority of fraud involves the use of payment and card details that have been fraudulently obtained through social engineering, or account takeover, or data breach (hacking). When stolen card data is used for purchases online and is being entered at that store for the first time, it is more difficult to identify a fraudster, but it is possible. First of all, the first transaction with a stolen card may not be successful since criminals do not know how much money they had gained access to. Fraudsters can “test” cards resulting in an incomprehensible choice of goods, accumulate payment refusals, shop only at stores without a 3D secure payment confirmation, change delivery addresses, use different made up names each time, make purchases late at night so that the real owner cannot react. This site behavior can be tracked and analyzed fairly easily.
Fraud can be more dangerous when not just the card data, but entire customer profiles have been compromised. When fraudsters gain access to a customer’s transaction and payment data, risk analysts can still detect fraudulent behavior in several ways to determine they are not dealing with the same user as before. Sudden password change, a new device, a delivery location type (office instead of residential) that differs from the usual one or an address that is radically different can mark transactions as suspicious of fraud.
Before Christmas, as merchants anticipate new purchase patterns, some relax their typical anti-fraud rules, just at the time when it is more difficult to determine a fraudster. This creates a potentially costly situation for a business not only in financial terms, but can also lead to loss of consumer confidence and trust for a brand’s reputation.
Fortunately, with certain tools, this situation can be avoided.
A Hybrid Approach to the Rescue
Keeping false positive rates low while avoiding insulting legitimate users can be achieved when certain dynamic parameters are added to the logic risk. How does this actually work?
Even the most cutting-edge solutions use a blended, part machine, part human intelligence approach.
Historical transactions with fraud alerts, chargebacks, complaints, and other transaction data are first used for machine analysis and compared with industry-specific datasets to uncover patterns of suspicious and trustworthy activity patterns. The more data there is to analyze within a specific vertical, the better the system becomes at detecting and preventing fraud in that area.
Then either a supervised or an unsupervised machine learning algorithm can be developed. Unsupervised machine learning allows risk analysts to approach problems with no exact idea about what the result will look like, but the risk logic will be opaque and not open for interpretation by human risk analysts.
Flexible anti-fraud platforms like Covery use supervised machine learning because it allows using existing human intelligence with unique business knowledge, and then delivers new real-time insights that help risk managers detect anomalies and prevent new forms of fraud.
Fraud Prevention Beyond the Holidays
When human insights that tend to create rigid rules-based systems are blended with machine learning analytics, subtle fraud trends are more quickly uncovered, with the algorithm remaining clear and understood by risk experts.