The COVID-19 crisis has had a profound impact on the way we live our lives. The digital transformation, accelerated by the pandemic, has fundamentally transformed how businesses interact with consumers and vice versa. Consumers have migrated increasingly to online channels, which has had myriad effects on the way financial services interacts with customers and new business risks associated with these changes. For example, fraudsters have been testing new modes of attack made available by the changing dynamic between consumers and businesses. In turn, business have had to change the way they access information, track transactions—and ultimately, combat fraud.
Of consequence of all the market changes in 2020, eCommerce and retail have seen a change in how fraudsters are testing our defenses. As industries shift, grow and stumble to accommodate the realities of 2020, enterprising fraudsters are finding new opportunities to exploit vulnerabilities, and as a result, fraud has been soaring. One example we can use to illustrate this trend is through the buy online pick-up in store (BOPIS) option that many consumers have adopted since the start of the pandemic. Mid and large sized retailers that sell only physical goods have seen a sizeable increase in the average percent of mobile transactions involving in store pick-up, from 43% prior to the shutdown to 55% during.1 Fraudsters have seen the increase in this buying channel as an opportunity and are capitalizing on vulnerabilities they have found within it. Fraud rates in this channel have increased 250% over the previous year.2
One reason: as consumers eschew brick-and-mortar stores and in-person transactions, new devices are entering the system, bringing with them new digital identities. Mobile transactions are becoming more favored than ever and mobile-only transactions are most definitely trending. More than 66% of online transactions today originate from mobile devices.3 As brick-and-mortar stores re-opened, nearly 36% of consumers were buying retail goods online in May, compared to 29% in April when most retail stores were still closed.4 These numbers were undoubtedly higher than what we had seen in the days leading up to the first shut downs in March at just over 10%.5 Traditional brick-and-mortar strategies have needed to evolve quickly to accommodate the accelerated migration from cash register to online transactions.
Not all consumers have been comfortable with the migration to digital channels. Large segments of consumers who have traditionally shied away from online transactions are typically uncomfortable or unknowledgeable about online or mobile transactions and are only doing so because the pandemic has forced their hand. As many consumers began transacting in a platform unfamiliar to them, fraudsters gained a fertile opening to prey upon vulnerable people or hide among confused applicants struggling with new channels. For example, elderly customers who had traditionally relied on brick-and-mortar shopping for their entire lives have starting using online shopping platforms for the first time to maintain quarantine protocols.
Fraudsters are evolving and view the shift to digital transactions as well as the disruption in typical retail workflows as an opportunity to take advantage of new vulnerabilities. These bad actors are continuously testing and evolving their methods. Organizations must evolve as well to combat these fraudsters.
Trend #1: Pivot to a holistic approach that combines platform and products.
For a variety of reasons, consumers became hesitant to engage in typical in-store shopping, and local ordinances made in-store shopping difficult in many geographies. Overnight, retailers had to migrate from a showroom and cash-register model to a curbside model. This sudden workflow change was necessary for brick-and-mortar businesses to survive but was also a unique and unprecedented opportunity for fraudsters to test new schemes against these fledgling systems. The criminals’ modus operandi has always been simulating elements of true identity to trick a system into believing that a business is interacting with an authentic identity. No surprise, then, that the expansion of faceless, remote transactions accelerated by COVID-19 creates an unexpected windfall for them.
Even with a plan for vaccines and discussion of a return to normalcy in 2021, it seems likely that consumers may continue the newly found ease of digital transactions. This trend changes how identities transact online and must be managed accordingly. Those who fight fraud must look far more holistically into how to react to a broader identity footprint. The more holistic the review of identity, the more it is possible to differentiate a true identity from a synthetic, stolen or manipulated identity.
What does that portend for fraud fighters? For one thing, data is getting broader with more fields, increased complexity, and an expanded footprint that spans across physical, digital and behavioral environments. Along with the complexity of data comes a complexity of solutions which require analytic approaches that can be implemented in a scalable and useful way across multiple channels.
Let’s explore what that means. Every product designed to combat fraud has a particular focus where it performs particularly well, especially when considering the various fraud types, identity elements (digital, email, SSN, etc.), and business verticals (credit card, auto lending, unsecured installment, etc.). A holistic, multi-layered product approach will, by definition, provide greater effectiveness in mitigating fraud by expanding due diligence across a variety of different fraud schemes. But when the layering is done through an integrated solution that combines both platform and products, a greater level of seamless efficiency is achieved.
Trend #2: Embrace more unsupervised machine learning.
If fraudsters are evolving—and they are—we need to update how we think about risk prediction and we must scale to the magnitude of data. We must be flexible with performance definitions and allow our models to evolve. There is power in evolving data and analytic approaches to capture the many different approaches that a fraudster might take.
For example, supervised machine learning is an important and effective tool for fraud control. This sort of algorithm development identifies trends related to specific fraud schemes to identify markers or performance tags and use data science principles to paint a picture of those precursors that portend the execution of specific fraud schemes. These can be powerful tools with specific cut-and-dry performance parameters; for example, identifying “stolen identity versus not stolen identity”. However, we must also consider that fraudster evolution requires us to combine less structured unsupervised approaches in combination with the supervised approaches. These unsupervised approaches identify emerging identity anomalies that are less likely part of prior fraud definitions.
Along with the emphasis on the detection of anomalies, decisions are being automated that couldn’t previously be automated. As a result, it is now possible to offer analytics to a broader set of businesses. These unsupervised machine learning models can be retrained on a regular cadence, ultimately leading to better decision outcomes.
Unsupervised machine learning, layered on top of supervised approaches, enables businesses to approach a single model from different angles and really hone in on the signal amid all the noise.
Trend #3: Layer in behavioral biometrics.
One goal of fraud assessment is to determine if a presented identity corresponds to a true person, versus a bot or other bad actor that may behave differently than the consumer. Another way that technology has increased signals on available platforms is through behavioral biometrics that relate to measurable patterns in human activity. Behavioral biometrics looks at interactive gestures such as how an individual types on a keyboard, moves a mouse, holds a phone or taps a touchscreen and compares those characteristics with known digital behavioral traits common to fraudsters, bots and trusted users. It is an effective way of differentiating between trusted and high-risk behavior, as well as human and non-human traffic. When combined with other traditional risk signals, behavioral biometrics generate a very strong fraud prediction lift. A recent validation showed that behavioral biometrics has identified two-and-a-half times more synthetic fraud simply by segmenting simple elements.
Behavioral biometrics provides an additional layer of defense to risk assessment without creating a negative user experience. Unlike point solutions, which often plug individual vulnerabilities, a layered defense can inform better risk decisions. In fact, combining behavioral biometrics with physical, digital and transactional elements can improve the ability to identify fraudulent behavior during high-risk events such as new account onboarding and payments.
Trend #4: Adapt to an ever-changing environment.
It is an art in keeping up with enterprising fraudsters, who in effect, are clever data scientists as well. So, the financial services industry has its work cut out for it to fight fraud. By applying data science principles, we can collectively make the world a more secure place by facilitating how consumers interface with companies safely.
The future of fraud will continue to be an exciting place. On the horizon, LexisNexis® Risk Solutions foresees providing platforms to empower companies to perform their own analytics and to simulate “what if” questions to fine tune strategies.
More and more, we collectively recognize that those who tackle fraud have two main weapons in their quiver. The first is pure data capabilities—statistical modeling and artificial intelligence. The second is real-life intelligence that derives from thinking like bad actors and anticipating what they will do next. A confluence of a scalable data approach combined with industry experience is the winning recipe for successful fraud-fighting. By partnering with a source with a proven track record of transforming risk decision-making into actionable insights, you can optimize your ability to mitigate fraud.
Learn how LexisNexis® Risk Solutions is helping organizations optimize their ability to mitigate fraud.
1. LexisNexis® Risk Solutions 2020 True Cost of Fraud™ Study: eCommerce/Retail Edition: https://risk.lexisnexis.com/insights-resources/research/2020-true-cost-of-fraud-retail
2. ATM Marketplace, Jan12, 2021:https://www.atmmarketplace.com/blogs/the-perfect-theft-the-increase-in-card-not-present-fraud/
3. The LexisNexis® Risk Solutions Cybercrime Report January-June 2020: https://risk.lexisnexis.com/insights-resources/research/cybercrime-report
4. PYMNTS, June 4, 2020
5. PYMNTS, June 2020: https://securecdn.pymnts.com/wp-content/uploads/2020/06/The-Great-Reopening-Doubling-Down-On-Digital-edition.pdf