Fraud is an increasingly prevalent issue, affecting individuals and organizations alike. In Merchant Fraud Journal’s recent podcast, To Catch a Fraudster, Celebrus CEO Bill Bruno shared his insights and experiences with fraud, focusing on a recent incident involving a banking customer who fell victim to a home-buying scam. Let’s explore the tactics employed by fraudsters, the importance of context in fraud detection, and the future of fraud prevention technology.
A close call with a happy ending
A customer of HSBC, a prominent global bank, was targeted in a home-buying scam. The customer was in the process of buying a home, and fraudsters got ahold of that information to target them. The customer fell victim to an automated push payment scam, which convinced them to wire transfer money for the home purchase - unknowingly initiating the transaction to a fraudster instead of the intended institution. Fortunately, HSBC leverages Celebrus - the sophisticated fraud defense solution powered by data and collaboration – empowering them to identify and intercept the fraudulent transaction, ultimately returning the money to the rightful account holder before any damage was done.
This isn’t a unique story. Fraudsters are adept at exploiting various channels, such as text messages and emails, to deceive unsuspecting victims. They often pose as trusted entities like realtors, auto companies, or banks, leveraging the urgency and complexity of financial transactions to manipulate individuals into sharing sensitive information or initiating fraudulent transfers. Bill shared a personal example where his wife was targeted WHILE sitting in the dealership in the process of buying a car. There were three phone calls, initiated within minutes, trying to lure her into providing personal information. Exponential growth of scams worldwide and rapidly evolving fraud techniques highlight the need for robust fraud prevention measures. Fraud happens fast, your fraud defense systems have to work even faster.
Contextualizing behavioral biometrics
The importance of context in detecting fraudulent activities can’t be underestimated. By analyzing user behavior, including mouse movements, clicks, and browsing patterns, organizations can gain valuable insight. The key is extracting meaningful context from vast amounts of data.
Every individual has unique behaviors - the way you move the mouse across the page or where you click, how you hover, etc. It’s a lot of data, but when you boil that down contextually, apply machine learning, and identify common paths (instead of worrying about every single point where the mouse has moved), you get something actionable. This innovative approach to contextualizing data facilitates more effective fraud detection while minimizing false positives that frustrate customers. Technology can take something that’s 40-50 data points and condense it to one. But that one contextualized data point represents something much larger, enabling organizations to take better action on it and build better evidence when it comes to digital data and fraud prevention.
Enhanced data solutions apply even greater context by expanding identity to understand the full customer journey. By leveraging machine learning models to analyze all interactions, organizations can generate signals to score the activities a consumer is undertaking against a list of potential behaviors to confirm relevance, build evidence, and flag variations and deviations from the norm. For example, a consumer who’s been researching home purchase options, then uses a mortgage calculator, is showing consistent and logical behavior. On the other hand, a consumer who’s never done an online bank transfer of a certain size, and is now trying to do one with no other indicators of intent or interest might be a signal to raise a red flag and either investigate or intervene.
Behavioral analytics serves as a valuable tool in fraud prevention, enabling organizations to better understand consumer actions and identify anomalies. By capturing a wide range of data, including content interactions and life events such as home purchases, machine learning models can contextualize huge amounts of data to generate signals that represent specific behaviors. These signals contribute to building an evidence profile for each individual, facilitating the identification of deviations from their normal patterns.
Balancing Privacy and Protection:
As organizations navigate their digital transformation, it’s essential to maintain the delicate balance between fraud prevention and consumer privacy. Compliance with privacy regulations ensures consumer data is handled responsibly and only used for legitimate risk and fraud prevention purposes. In terms of protecting consumers, there’s legitimate interest that allows you to capture all this information, and if you’re only using the data for fraud and risk purposes most customers are ok with it, even appreciate it. But if you cross the line and start using that data for marketing purposes, without their explicit consent, it’s going to backfire. When it comes to marketing, you must stay within the lines and only capture what a consumer has elected for you to capture. And that data must be kept separate from anything you’re doing for fraud and risk prevention. By separating marketing activities from fraud prevention efforts, organizations can respect individual privacy rights while harnessing the power of data to protect against evolving threats.
Companies must also consider the idea of protecting this data. It's not just about corporate malfeasance or ethics, it's also about how you’re storing the data. Not a day goes by when you don't hear about a massive data breach. Right now they’re getting Social Security numbers, but in the future, it could be DNA profiles or viral loads – consumers likely aren’t going to want that in a database where it can be shared or stolen.
That's where first-party data and first-party ownership become so critical. If a company is going to capture data at this level, they shouldn't be sending it out to third-party applications that exist outside their infrastructure. That data is sensitive and should be treated as such, and it should be locked down - even within an organization. You must consider who has access to what and have that conversation daily.
The Future of Fraud Prevention:
There will constantly be innovation in digital, and consequently evolution in fraud, forcing organizations to find new ways to combat fraud effectively. The challenge lies in staying ahead of fraudsters and avoiding rigid, rule-based systems that quickly become obsolete. Many fraud solutions only focus on one specific fraud use case or only capture very specific data to do something very specific for fraud, but that approach is outdated because fraud moves so quickly.
The minute something has been written about or an approach has been documented, fraudsters have moved on. They're doing something else, or they've made an adjustment to avoid detection. Systems that are very rigid and focused on looking in one direction are going to miss a lot of relevant insight. To stay ahead of evolving fraud threats, organizations need a single source of truth for digital, and for fraud prevention and detection, that can feed the various systems, teams, and use cases they have – or may have in future.
The other transformation fraud teams must embrace is collaboration. There’s traditionally been a very siloed approach to different types of fraud by different teams in the same organization and uniting these by giving teams the data and tools they need to proactively prevent fraud instead of constantly looking back will separate top institutions from the pack. It comes down to operational excellence - the idea of pushing fraud off to the side is no longer acceptable.
Innovation will revolve around connecting the dots between different types of fraud, breaking down silos within organizations, and empowering teams with comprehensive, contextualized, and actionable data. The goal must be to proactively detect and prevent fraud, rather than merely reacting to losses after they happen.
The fight against fraud requires constant vigilance and innovation. Although fraud prevention technologies have made significant strides, there’s still room for revolution. The future lies in leveraging existing technologies more intelligently, fostering collaboration, and embracing a holistic approach to fraud prevention. By staying one step ahead of fraudsters, organizations can safeguard both their customers' hard-earned money and their own integrity in the digital landscape.
