Ai Editorial: Fraud prevention isn’t a set it and forget it exercise. It is the role of data in evaluating risk that is the focal point. Also, important for analysts to understand what’s happening and fine-tune the system without making security too strict.
12th April, 2021
It is imperative for a merchant to spot anomalies or a potential fraudulent activity/ any illegitimate act in a swift manner. Experts also point out that not all machine-learning solutions are created equal. This is largely due to how transparent the system is. Since digital fraud is evolving rapidly, what to focus on – whitebox or blackbox machine-learning?
Ai’s Ritesh Gupta spoke to Tamas Kadar, Co-Founder and CEO, SEON, about how to combat a threat and lot more. Excerpts:
Ai: Looking at the speed with which digital payments has shaped up in the last year, what’s your recommendation to travel merchants when it comes to managing payment-related fraud from here on?
Tamas Kadar: Digital fraud is evolving day by day – providers should focus on real-time data collection and a white box machine learning model (easier to explain and interpret) could help to keep up with fraud trends. The former helps you screen out both resellers and helps in the chargeback dispute process in the case of friendly fraud. The latter comes in handy when there is a new fraud threat that needs to be stopped without causing too many false positives.
Ai: How are fraudsters currently targeting the travel sector?
Tamas Kadar: Chargeback fraud rose greatly during the pandemic. Account takeovers and stolen credit cards are still huge, and we expect them to rise as global travel rebounds.
Ai: What would you term to be the biggest challenge in managing fraud today – would it be false positives?
Tamas Kadar: In recent years there was a massive trend towards blackbox machine learning solutions, hoping that it can automate the pain away of fraud management. But it leads to a large number of false positives, which of course cause all sorts of other pains when it comes to handling them, money lost due to customer insults, etc.
We now see that there is a counter-trend, a need for Whitebox solutions, so analysts can understand what’s happening and fine-tune the system without making security too strict. Furthermore, some fraud rings come out of nowhere, and the BlackBox model might not have enough meaningful data about a complex scheme to stop it, whereas a white box solution can identify enough patterns quickly to stop it.
Ai: Considering that mobile plays a pivotal role in commerce today, how are fraudsters finding ways to commit mobile commerce fraud?
Tamas Kadar: Practically everybody now relies on SMS based 2-factor authentication for account security. The problem is that SMS is not a protocol that was designed with security in mind, and we can see a massive increase in SIM swapping attacks across the board. This leads to a serious problem when it comes to account takeovers, as the setup gives a false sense of security which cybercriminals love to abuse.
The other big deal is device spoofing, obviously, it’s very easy to hide a complex fraud operation behind a mobile emulator that seems like a normal customer transacting on their phone.
Ai: There have been interesting discussions around improvising on both traditional/ rules-driven as well as machine learning to combat fraud. What’s your advice to merchants when it comes to working out a solid defense mechanism?
Tamas Kadar: We swear by real-time data enrichment that gives you much more solid input for your rules. Combining that with a white box approach beats almost everything, as the fraud analysts can really understand what’s going on behind the abstract data, what’s the most likely user story, allowing them not just to catch more fraud, but to confidently accept more customers who would be considered too risky under the legacy systems.
Ai: Shopping patterns have evolved – for instance, order during day-time as people mostly worked from home this year. How to ensure there is a balance between security and CX?
Tamas Kadar: Fundamentally, it’s a trust issue. The less you trust the customer you’re dealing with, the more friction you introduce into your purchasing process. Serious fraudsters of course have adjusted to these changes and can find ways to bypass it, but you also end up losing good customers. That’s why we prefer to run a light KYC check in the background that establishes a baseline, that the customer is indeed who they say they are, instead of blanket strict measures.
Ai: How have supervised and unsupervised machine learning shaped up in fraud prevention? Can you comment on their efficacy in the travel sector today?
Tamas Kadar: Blackbox did a great job in eliminating a lot of manual work, but supervised ML is able to reduce false positives and adapt to new fraud trends quickly. We saw last year that in volatile times, cybercriminals are quick to innovate. You can only beat that if you are able to react fast to a changing threat landscape, and supervised ML can help you do just that.
Ai’s upcoming events: https://www.aiconnects.us/events/upcoming-events/