Provider & Fraud Knowledge – Square One

It’s tempting to approach fraud management in the same manner I assemble my son’s toys. Start at step 7, jump to 15, let out a few gasps, an occasional holler… and settle on whatever mix of parts you can jam together. Lucky for me, a toddler is often just as happy to play with the box as the actual toy. Businesses with online fraud problems aren’t quite as fortunate.

With respect to online fraud management, I find it beneficial to to revert back to square one. Learn about the different pieces and parts. Get a high level understanding of your options. And while there aren’t any one set of instructions, you will have a good foundation of knowledge and be able to move through your buying journey with confidence.

Here are some definitions for various fraud concepts and provider classifications. They hopefully lay the groundwork and/or fill in some gaps. As always, people vary on the specific language and groupings. This is ours. If you have additions/changes that you think would improve this list, we welcome all feedback.

Enjoy!

 

Provider – Functionality

Platform & Decision Engine

These solutions offer a fraud prevention platform that can manage fraud at various touch points, producing risk decisions and/or scores. Rules engines and/or machine learning are at the heart of these solutions, deployed with varying methodologies. While the core functionality is the same, these solutions can vary greatly in technology, fraud/vertical coverage and other distinguishing features.

Identity & Authentication

These solutions sit at the authentication stage of the fraud continuum, focusing on verifying digital identities and mitigating identity and account fraud. While also incorporated in some platform & decisions engines, these solutions are known for utilizing behavioral analytics, biometrics and device identification to authenticate users and protect accounts. These approaches and practices often roll up into higher level methodologies like multi-factor authentication (MFA) and risk-based authentication (RBA).

Identity & Data Verification

These solutions also verify digital identities, but their core functionality is leveraging identity data at scale. Whether via API calls or web tools, these solutions verify numerous identity attributes to help businesses confirm legitimate customers at various touchpoints.

Chargeback Management

These solutions are dedicated to investigating and winning chargeback disputes through in-depth research and domain expertise. While some solutions manage chargebacks, these solutions differentiate with a dedicated focus on this layer of fraud management.

Network & Alerts

Secure networks and alerts between industry stakeholders to identify and prevent fraudulent transactions, outside of the traditional payment network.

KYC & AML

Verifying the digital identities of your customers in order to comply with regulatory mandates. Anti-Money Laundering (AML) is the largest use case for verifying identities in this capacity, commonly referred to as Know Your Customer (KYC).

 

Technology & Data

Biometrics

The use of distinctive, measurable physiological characteristics to verify an individual’s identity. Physical biometric analysis includes techniques such as retinal scans, fingerprints and voice prints. Passive biometrics use behavioral data to authenticate, identifying anomalies to develop behavioral risk profiles. While subtle differences, passive biometrics are similar to behavioral analytics.

Behavioral Analytics

The analysis of behavioral traits, signals and patterns as individuals interact with various devices online. Anomaly detection and atypical behavior help understand high risk behavior and verify digital identities.

Machine Learning

A subset of artificial intelligence, machine learning has the capacity to learn over time without being explicitly programmed. It can ingest a large amount of data and detect patterns and anomalies at scale. Machine learning models are trained to make risk decisions and/or generate a risk scores. For now, we are including supervised and unsupervised machine learning under the same category.

Rules Engine

Fraud rules are algorithms that use specific attributes and parameters. A Rules engine allows for the creation and management of these fraud rules in order to make risk decisions and/or generate a risk score. While not self-learning in nature, rules engines enable analysts to test, modify and improve rule performance.

Device Identification

Identifying and tracking device activity by capturing and evaluating multiple device signals, commonly referred to as a fingerprint or DI print. Device registration and networks of coordinated device intelligence also assist in identifying and understanding device behavior.

IP & Geolocation

The utilization of an IP address, along with other device signals, to determine location and assess matches. Proxy detection rolls up into this broader category.

Identity Data at Scale

The cultivation and utilization of massive amounts of identity data to verify digital identities. This can be done through API calls, web tools or integrations into workflows and data models.

 

Fraud & Abuse Types

Payment Fraud

Illegal or fraudulent purchase of goods and/or services. Traditionally, these transactions are executed with compromised payment information, including credit cards or alternative payment methods.

Account Takeover

Unauthorized access to a user’s account in order to steal identity credentials, make a fraudulent purchase or engage in varying types of abuse.

New Account Fraud

Unauthorized setup/access to a new account in order to make fraudulent purchases or engage in varying types of abuse.

Identity Fraud

Unauthorized use of personal identity data to deceive and/or defraud another individual.

Synthetic Identity Fraud

Unauthorized use of real identity data, often different pieces from different individuals, in combination with fake identity data to create a fabricated identity.

Promo Abuse

Abuse of promotional offers by circumventing conditions/rules in order obtain significant discounts.

Loyalty Abuse

Abuse of loyalty points to obtain significant discounts or sell for profit. This abuse can include account takeover as a means of stealing loyalty points.

Content Abuse

Abusive or malicious user-generated content. This abuse can include account takeover and/or new account fraud. Spam falls under this layer of content abuse.

Reseller Abuse

Abuse of purchasing quantities in an effort to resell product for a profit. While reselling is a common practice, abuse can damage a client’s brand and/or deplete product availability for other customers.

Call Center Fraud

Exploiting call centers as a channel in which to launch fraud attacks, spanning varying forms of fraud and abuse.

 

Provider – Value Added Features

Try Before Buy

Ability to test solution features, functionality and performance before committing to a contract with the fraud solution provider.

Sandbox Solution Testing

Ability to pass data into a non-production environment in order to test integration and other synergies.

Demo Testing

Lens into the products, features and functionality without passing actual data.

3rd Party API Capabilities

Ability to send API calls to third party vendors.

Pre-Authorization Risking

Capability to provide risking functionality before payment authorization.

Payment Gateway Capabilities

Offers payment processing capability directly through their platform.

Sandbox Rule Testing

Testing of rules against historical data in non-production environment, helping to tune rule performance.

Mobile SDK

Software Development Kit available for Android, iOS and Windows

Managed Services

Professional services offered as a paid ad on, with a dedicated team and/or resource. Common services are manual review, chargeback management and risk management.

Chargeback Guarantee

Provider absolves client of chargeback liability, covering 100% of fraud losses.

Posted by / November 21, 2017 / 0 Comments
Posted in AF Education
PJ Rohall

PJ Rohall

PJ manages Strategy & Growth for about-fraud.com and is responsible for enhancing and sustaining platform value. He owns the strategic roadmap and contributes his own thought leadership. Outside of about-fraud.com, PJ manages a team of fraud analysts at Radial in addition to product strategy. He studies the card-not-present fraud ecosystem, value propositions and emerging technology to help inform product value enhancements. Radial is a provider of omnichannel technology and operations, including a full service fraud solution.

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*