Are High-Security Checks Worth It?

by Tamas Kadar
In today’s digital landscape, no business is safe from fraud, really.
Cybercriminals will target everyone and everything, from giant global corporations to the smallest mom-and-pop shops.
Here’s how to fight back.
Education is the best prevention. This is particularly true in the world of online fraud, where new attack techniques pop up on a regular basis.
For instance, do you know how criminals use triangulation fraud to target online stores, increasing merchants’ chargeback rates and eating into profits? Or how cookie stuffing could make a dent in your affiliate marketing profits?
No two online businesses are the same, which means fraudsters could attack you in very different ways. For instance, BNPL fraud is nothing like iGaming fraud.
The key is to anticipate the kind of risk you may face, whether you’re established or launching a new business venture, and have proactive measures in place to catch outliers, too.
Improve your risk management with SEON’s real-time data enrichment tools, behavioral checks, and deep device fingerprinting analysis.
Book a Demo
Fraud and cybersecurity sometimes overlap when it comes to IT security. You want to protect your user accounts but also ensure that your internal data isn’t compromised.
This isn’t something a lot of business owners want to hear, but risk management shouldn’t be an afterthought. In fact, when done right, it can be a competitive advantage. You are essentially future-proofing your company from bad consequences such as:
It’s been shown that a single data leak, for instance, can cause stock prices to plummet by as much as 7.5%. This can be a result of an account takeover, or hacking, for example, but the results are equally detrimental.
We briefly touched upon the problem of account takeovers above. In layman’s terms, you may hear the phrase “account hacking”, while some insiders use “ATO” for short. Regardless of what you call it, this tends to happen when users are careless about their login details.
While IT security can go a long way in patching flaws that could lead to ATOs, one of the best practices for prevention is to educate users about the value of their accounts.
You should regularly ensure that they do not reuse passwords, don’t share login details with anyone, and double-check that the communications they receive from you are genuine to avoid phishing attempts.
Moving on to the problem of payments, you may already know how challenging it can be to win chargeback disputes.
It doesn’t have to be that way. If you manage to gather as much information as possible about your customers – even those without an account on your site, you are putting the odds in your favor. Here are examples of suspicious data you should be able to gather:
The data is handy if you can look at it in real-time, but also if it’s logged in your system in case you need to dispute a chargeback request.
Trusting people online is hard. This is true whether you’re dealing with customers, affiliates, or business partners.
The problem is that verifying IDs can add a tremendous of unwanted friction. Sure, you can deploy identity verification software to do it for you, but it still makes people pause to take a video selfie or find an ID document, which many consumers don’t appreciate.
The answer could be sourcing alternative data for customer due diligence. Put simply, it’s all about looking at the right signals to ensure you’re dealing with the right person, without directly asking the customer. Instead, you are examining their hardware and software setup, their email address, their IP address, phone number, bank card… For instance:
Some of these signals show surprisingly accurate results when it comes to identifying good users versus fraudsters. Social media lookups, for instance, return fantastic real-time results that will flag email accounts hastily created for the purpose of defrauding your company.
Free BIN lookup!
Enter the first 6 or 8 digits of a card number (BIN/IIN)
Text here
So, you’ve gone this far down the list and asked yourself: But how do I do that?
The answer is fraud prevention software. Sure, you could manually perform all the verification steps mentioned above, but if you want to work at scale, it makes much more sense to automate.
Fraud detection software, however, comes in many shapes and sizes. Some specialize in compliance while others are tailored for chargeback disputes, and more. The key is to ensure you have the right tools at your disposal for your needs – and that they give you enough flexibility to evolve with your business as it grows.
Compliance and regulations are often seen as hoops companies have to jump through. But whenever authorities and regulators create these obstacles, you know that it’s because fraudsters and criminals aren’t far behind.
So how do you ensure you don’t face litigation, fines, and negative press due to compliance issues? You simply have to stay ahead of the curve by noticing regulatory changes in other verticals.
Neobanks, iGaming, and other high-risk industries, for instance, simply cannot afford to stay behind when it comes to understanding and meeting new regulations.
Dynamic friction may sound complicated, but it couldn’t be simpler. It’s a process that allows you to ask extra security questions when and only when you’re dealing with users you are not certain about. Meanwhile, good users can perform their actions without extra verification, and high-risk users are immediately blocked.
The advantage of this strategy is that you don’t slow things down for the vast majority of legitimate customers. It’s only if you have reasonable doubt that you will ask for an extra piece of ID, OTP verification or a CAPTCHA, for instance.
So, how do you calculate risk in order to implement this traffic-lights system? With risk scores. Put simply, it’s about feeding data through software that lets you decide if something is risky or not.
Last but not least, it’s time to bring out the big guns: artificial intelligence. Specifically, you want a machine learning system that is able to:
Here’s an example from an online store selling footwear. The company fed its fraudulent transaction data to the algorithm, and received back an interesting finding: Purchases of size eight shoes tended to have a higher likelihood of resulting in chargebacks. The reason turned out to be that it’s one of the easiest shoe sizes to resell – which makes it attractive to fraudsters. But what this allows you to do is set up this shoe size for a little more scrutiny, if you prefer.
Perhaps an eagle-eyed fraud analyst would have spotted the pattern, but what’s interesting is that an AI system was able to identify and draw your attention to this pattern: size eight shoe purchases = elevated risk.
You could leverage the same power to draw connections and identify underlying patterns in your own online business.
As a full end-to-end fraud prevention solution, SEON lets you gather user data, enrich it, score user actions, and leverage machine learning to deploy custom risk rules.
It’s designed by fraud managers for fraud managers, giving you complete control over scoring, data enrichment, and even which machine-learning model to use, and when.
However, SEON is also available as a series of modular APIs to be integrated as and where you see fit, providing the same powerful way to look into your customers – as well as a Shopify extension or Chrome extension.
Ready to learn more? Get in touch below.
Partner with SEON to reduce fraud rates in your business with real-time data enrichment, whitebox machine learning, and advanced APIs.
Book a Demo
Sources
Showing all with `` tag
Click here
Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.
The top stories of the month delivered straight to your inbox