According to Javelin’s 2017 fraud report, 75% of merchants use usernames and passwords for their primary authentication. Following behind is device identification (27%). It’s a good start, but not enough.
Today we’ll see why device fingerprinting can only get you that far, and why solutions looking at emails are must-haves for online businesses who want to reduce fraud rates.
Device Fingerprinting: Efficient, But Increasingly Easy to Bypass
Device fingerprinting gathers data about hardware and software used by your website visitors. It is a fantastic tool to get an idea of how visitors access your pages. We’ve written in the past about all its positives, which include the tremendous amount of data it can gather. This helps paint a full picture of devices used and their users.
The only downside? Device fingerprinting has been around a long time. In fact, the technology used to track browser configuration today has been around for at least a decade. To its credit, it is still a basic, yet efficient fraud-reduction measure.
Unfortunately, the world of online fraud is fast-paced, innovative, and resourceful. This means fraudsters had plenty of time to prepare, test and implement ways to bypass device fingerprinting on their own terms.
For instance, one technique we’re seeing more and more these days involves full profile packages. Sellers on questionable marketplaces offer platform login details combined with portable browser cache and cookies.
In other words: fraudsters are getting smarter. Businesses are left straddling behind in this constant game of cat and mouse. Our suggestion? Building a portfolio of fraud prevention tools that create a stronger line of defense against attacks.
And one of the most powerful and innovative tools we’ve developed in recent years is email analysis.
Email Analysis Tool – Enriching Single Datapoints for Maximum Power
“email addresses provide data that is a lot more specific and unique than that from a widely-available browser or mass-produced smartphone”
Gathering customer analytics based on their email address is a fresh trend that is proving to be highly effective. Opening an account online is virtually impossible without an email address. Email addresses provide data that is a lot more specific and unique than browsers or mass-produced smartphone.
Moreover, innovations in data enrichment can extract more than a name and domain. Using the right tools, an email address will tell more about a user than an IP or device can. Specifically, we can see:
- Validity. through SMTP checks, we can ping the server and see if it exists or not based on the feedback.
- Usage. We check if the domain comes from temporary email services. If it is, the risk score increases.
- Domain quality. Is it free? When was it created? Does it require SMS or other verification to open it? How about recent updates? Just a number of data points that can give great insights into an email address validity. For instance, gmail is free, but does require verification.
- Address quality. Using string analysis, we compare it to the user name and get a good guess on whether the name makes sense or if its content is gibberish.
- Stolen addresses. A simple cross check against known email data breaches can reveal a lot.
- Blacklisted. It’s easy to see if the email address belongs to someone who has been barred from another platform.
Last but not least: we can tell if the email address is used with social media accounts. According to our own SEON Intelligence analytics for the lending industry, 76% of defaulting customers had no social media presence.
This is an extremely high correlation, which fraud managers in every industry can now leverage to calculate their risk scores – and the precision increases with every other datapoint available.
Companies are still very much focused on limited methods for identifying their users. Fraudsters are therefore at an advantage, because they’re constantly on the lookout for loopholes and new innovative ways to defraud these merchants.
In short, fraud prevention must also evolve. And at the minute, an email address, which is synonymous with a global unique identifier on the internet is one of the strongest data points you can check to boost your fraud prevention results.
SEON Intelligence is specifically designed to offer a combination of features that analyze data and reduce fraud, including a powerful email analysis tool. It’s also a modular solution, which means you can add it to your existing fraud prevention method to get the final boost it needs.
Click here for more information on SEON Intelligence and the Email analysis module.
Learn more about our products
Tamas is the founder and CEO of SEON and an expert in all the technological aspects of fraud prevention.