Honesty is the best policy, but sometimes people are punished for telling the truth. For example, consider whenever you ask a friend what they think of your new outfit. The expectation is that the friend will compliment you, and you can feel good about your choices. However, if the outfit doesn’t flatter you the way you had hoped, a good friend will tell the truth. As long as the friend was being honest either way, both are considered transparent — even if one could potentially lead to negative consequences. The same can be said for fraud prevention solutions.
As we covered in our first post about fraud prevention myths, the discipline of fraud prevention has changed rapidly over the past five years causing many outdated myths to float around. We first tackled why comprehensive fraud insurance won’t fix everything.
In this next post, we’ll cover the misconceptions that a fraud prevention solution has to provide scores or reason codes to be considered “transparent.” This is not true. Let’s dig into why:
AI and Machine Learning Allow Fraud Prevention to Transcend Rules-Based Systems
There are a lot of misconceptions about transparency in the fraud prevention space. Many vendors will shout about it and point to a simple set of reason codes as proof that they can help customers understand the reason for every decision they make.
Here’s the hard truth: a simple set of reason codes isn’t a feature, it’s a bug.
Reason codes are the result of simplistic technology — a rules-based system that can produce only a limited number of outcomes or a rudimentary use of machine learning. Unfortunately, fraudsters don’t act only within the confines of these restrictions. With scammers using new, sophisticated tactics, their behaviors cannot be boiled down to common reason codes such as, “unrecognized IP” or “address mismatch.”
This is why e-commerce retailers are increasingly turning to advanced machine learning and artificial intelligence (AI).
Consider someone making a purchase from a new device at a San Francisco IP address, via a German language browser, with a shipping address in England. One would think that pattern would be a scammer, right? Not necessarily.
AI with information on that specific online identity could determine that the person is actually completing an order for their paternal grandfather when she is visiting him at home in San Francisco. Clearly, approval is the right decision here, but how do you boil that down to a reason code? Why should that even have a reason code? Retailers can drill into the details of the decision if an investigation becomes necessary to further down the line.
Third-Party Datasets Just Aren’t Going to Cut It
Unfortunately, some vendors distill their assessments down to scores and reason codes because that’s all their dataset will allow. Some solutions knit together data from Tower Data, ThreatMetrix, Emailage, and more – using the total to inform their decisions. Pulling in all this third-party data can create problems because third parties may have conflicting data on an identity that is hard to reconcile, and pulling sources together can prolong decision time.
For example, one third party could have information on an identity that they typically make purchases from an American Express card from Chicago, while another reports the same identity frequently buys from New York with a Mastercard. What both don’t account for is that this individual works from home in Chicago, and frequently make purchases there with his personal credit card, but is also tasked with buying inventory for his company’s New York office with his business card.
Simplicity Isn’t Always a Strong Suit for Fraud Prevention
Fraudsters are increasingly becoming more professional on the road to exploitation. Just as technology has evolved for the defenders, it has also evolved for scammers. If a fraud prevention solution is distilled down to a handful of reason codes or a score, scammers can just reverse engineer the outcomes they want — manipulating the right attributes to affect their score or avoid a predictable reason code.
This is the downfall of simplicity: it is just as attractive to fraudsters as it is initially to retailers. Luckily, as illustrated briefly above, AI and machine learning can be used to stay ahead of scammers. Together, these technologies can address both known and unknown forms of fraud. How? Both AI and machine learning see patterns and by surfacing those patterns, they can pinpoint a blunt force attack, a fraud ring, or new bot behavior.
Back Up Your Transparency with More Than Just Outdated Rules
Transparency does matter, but retailers should not have to settle for less in regards to fraud prevention just because a vendor is being upfront about their techniques. With modern solutions that use AI and machine learning to make informed transaction decisions, e-commerce businesses can feel settled knowing that transparency is backed by data rather than legacy-based rules.