Online fraud prevention is a tough business, especially if you’re a small or medium business being targeted by fraudsters. Whether professional or amateurs, fraudsters A/B test too and try to find weaknesses in your defenses. That is why one of the things you realize very quickly once you fraud prevention team is set up is that there are indeed clear cut good and bad cases, but a lot of the purchases you look at fall in between, in the hard-to-categorize category that’s difficult to make a decision on. That’s part of the reason so many purchases are still reviewed manually, and when reviewed, are usually being decided on incorrectly. In our work with large and small retailers we’ve discovered several of these areas, and we’d like to tell you a bit about why they happen and what we do to solve them.
The approach at the core of Signifyd’s is called “graph traversal”: we understand what people are involved in different actions in your system, where they are and what actions they are doing. We automatically detect whether they are related or completely different people. As a result, Signifyd can point out whether they’re good, bad, and are they who they say they are or maybe someone else altogether. Using predictive algorithms that we’ve been working on for a few years, we can understand that a person isn’t behaving as we’d expect them to. This makes a big difference with the following big problems:
- Mass account compromise: strong businesses have loyal customers. Most businesses retain customers by having them sign up, remember their last used card, and reward their loyalty. That’s a great way to work with consumers, but it does create the risk of compromised accounts.You can never educate all of your customers and prevent them from clicking suspicious links or responding to phishing emails. What happens when many of your accounts suddenly get accessed by the same IP address? The first thing that’s lacking is detection – many retailers have a problem detecting this kind of activity in real time. Even if you can pay a high price for a service to tell you that something like this is happening, what does it mean? Are you being hacked by someone at a university lab or did last week’s promotion finally kick in? Did people just go on an organized tour to Thailand or is your password database compromised? These questions need to be resolved quickly to reduce exposure and prevent rejection of good business.The key to detection and analysis is understanding who’s accessing your system and where from. Are they hiding behind a proxy? Are they connecting from an internet cafe? Many times your accounts will be quickly accessed from a never-before seen machine, in order to evaluate their value before being sold on the black market. These behavior patterns are often very hard to detect since they are so fast and usually only consist of a login and logout. Signifyd looks at connection patterns between accounts to figure out the risky from safe ones, by analyzing which details repeat themselves and at what frequency.
- Excessive shopping: you want your customers to like your business so much that they come back and shop often. What happens, though, when a new customer starts shopping in ever growing amounts? Do you block them, or call them, or just let them go undisturbed? Is an established customer who’s been around for a while but suddenly buys three cellphones legitimate, or is their account hacked? Maybe their kid is feeling lucky?Detecting bad excessive shopping is context dependent. I may shop for multiple items that are related to one another, or to the trip I’m planning, or not at all. I may be visiting friends for the holidays and getting gifts; or I could be a fraudster who stole someone’s identity and is trying to score big and fast. Most businesses don’t have context analysis software that can understand what items are related and do not have the manpower to create a manual database of relations; it’s also hard to automatically find what people are planning to do. As a result, they often both limit good customers from buying and get hit with multiple chargebacks on the same credit card. Using historical (and anonymized) data from multiple retailers is the quickest way for doing so, as long as you can understand how different items and people are related. Signifyd connects multiple businesses to create this reference database and compare shopping behaviors across seasons, industries and shops.
- International shopping: the worst phenomenon we saw with international shoppers is that due to the complications of case review, businesses reject much more international business than they have to (up to 50% of potential business). Lack of standard and identity databases (there’s no AVS checks for address to card links in most countries), various languages that make online information hard to comprehend for review staff and simply different shopping and payment behaviors all complicate accepting international purchases.Being able to connect the person buying the goods with the person receiving them explains a lot; maybe they’re relatives, maybe they’re co-workers. Realizing that, for example, one has an Israeli name that’s connected to a US card and is shopping from an Israeli IP could make sense is an important aspect of graph traversal. Finally, connecting all of these dots automatically, with low false positive rates, is what allows your business to grow into international markets.
Fraud constitutes a problem for retailers, often in the form of limiting their expansion and cost of operation rather than actual losses. Using a solution that provides real time decisions and covers fraud losses lets you expand with less concern and much better margin. Take a look at our website and let us know how we can help you!