A good fraud management tool needs more than good risk scoring. Here’s what to look for.
Fighting fraud is on everyone’s agenda these days, which explains why the fraud prevention market shows no sign of slowing down.
But while every fraud tech company claims they can help you reduce chargebacks, account takeover, multi-accounting and transaction fraud, amongst others, there’s often one aspect that tends to be opaque: how to manage the tool itself.
So in this post, we’ll look at what’s going on behind the scenes with a fraud management tool, and what kinds of features it should offer to give you complete control over how you fight fraudsters.
To do so, let’s start by asking the right questions:
Can It Work for a Whole Fraud Prevention Team?
This is a point that many risk tech companies keep quiet about, as they want to sell you more licenses based on how big your team is.
At SEON, however, we take the view that you should only really pay for the fraud management tool when it’s used, which is why you only pay for each API request.
And in terms of team management, we didn’t want to make it restricted in any way. This is demonstrated with our ability to:
- Easily add and remove team logins
- Unlimited accounts for team members
- Easily edit and manage permission levels
Above all, these team management features need to be intuitive and easy to use, which is why we worked hard on creating our GUI.
Thanks to its flexibility (ability to add, remove and customize widgets as needed) we wanted to give your team a centralized place where anything dealing with risk can be managed.
How Easy is It to Integrate? And Do you Have Multiple Options?
Your fraud management tool should adapt to how you do business, not the other way around. So the first thing to consider exactly what you want it to achieve, not just in terms of reducing risk.
- Do you need it to be completely end-to-end? That is to say, a full integration into your online services that looks at all possible fraud cases and flags them automatically.
- Do you need to get a better picture of your users? You’ll want to look at data enrichment features, which help gather insights from external databases and helps spot hidden customer connections.
- Do you want to help your business scale its fraud flagging efforts? You could already have a fraud management system in place, and just need an additional boost to meet growing numbers of onboarding users or transactions.
- Do you need to patch one hole in your line of defense? Then you probably only need one extra module such as device fingerprinting, IP analysis or reverse email lookup.
- Do you need an extra hand with manual reviews? Once again, the right module could help speed up the process, allowing you to quickly decide if the user action should be approved or declined.
Just for reference, here is a list of all the integration options SEON offers with our fraud management tool.
- REST APIs for developers
- One-click data enrichment via Google Chrome plugin: this is our unique solution designed to add an extra real-time layer of protection that doesn’t require any integration.
And even a full, custom system integration can be a lot faster than you think, as you can see with our integration workflow.
Can It Enrich Data, and Do it Legally for Data Protection Regulations?
Data enrichment is all the range in fraud detection these days, and your fraud management should let you get a full picture of customers based on as few data points as possible.
Here are examples of what it could do:
- Take a username and email address > see if the address appears in a data breach, if the domain provider is free, if there were no security checks for creating an address
- Take a phone number > find out if the user has registered it with Whatsapp, Viber or Twitter, extract a user picture, see their last login date.
- Take an IP address > see if the connection happens through open ports, if it’s a residential connection or via a data center, if the IP address appears on blacklists, etc…
Above all, the information you collect from external sources shouldn’t make you foul of data protection regulators. At SEON, for instance, all our data enrichment is fully GDPR compliant, so you can build better user profiles with complete peace of mind.
Can It Give You A Score on How Risky an Action Is?
It doesn’t matter if the user action is a signup, a login or an attempt at purchasing a good or service. You want to be able to review every single one of them, calculate how risky they are, and approve or decline them accordingly.
This is all done with predictive risk scoring, which happens thanks to your fraud management tool’s rules.
- You should be able to use preset rules: these will come tailored for your industry when they have a proven track record of slowing risky actions for a specific vertical.
- Custom rules are equally important: of course, fraud managers will want complete control over the rules they think work and which don’t. This is where custom fields and parameters come into play, so you can experiment with rules that meet your true business uses.
- You must be able to test them: A good fraud management tool should let you test the rules in the right environment to see what is truly efficient, and what gives out too many false positives.
- Machine Learning suggested rules: fraud is adaptive, as fraudsters tend to emulate legitimate user behaviour and learn from what doesn’t work. There are also fraud attacks that are so rare, that it’s hard to fit them into a larger pattern. This kind of behaviour can be very difficult to flag manually, which is why sometimes AI is the best tool for the job.
But when it comes to machine learning, you also need to make sure its results are understandable by the fraud team…
Does the Machine Learning Engine Give Human-Readable Results?
There are two kinds of machine learning engines: whitebox and blackbox. Put simply, one is trying to be as transparent as possible, while the other is overseen by specialist data scientists at the fraud prevention company.
At SEON, we believe every fraud manager should be able to understand what’s going on under the hood, which is why we use a whitebox system. It delivers results through a visualization tool called a decision tree, which makes it easy and intuitive to see how the rules work.
Note that part of our support also includes contact with our own data scientists, so you can not only oversee AI with human intelligence, but also empower your team to make more informed tweaks in the future.
How Fast Are The Results? And Can They Trigger Other Actions?
Regardless of the kind of fraud features you need, the results have to come back fast. You don’t want to keep your legitimate users waiting, as it increases churn and friction, and eventually send them towards your competitors.
Worse, if you can’t act in time, fraudsters will enter your system and wreak all kinds of havoc, at which point it’s already too late. You and your users will pay the price, not to mention the potential anti-fraud fines.
In short: faster results mean better prevention. This is why SEON delivers results as close to real-time as possible (under 2 ms),
But what if the results point towards a high-risk user? You’ll want to ensure you can use dynamic friction.
This is a process which acts as a kind of pre-manual review, by triggering additional KYC questions. Ultimately, it means you can ensure you have light KYC, and only trigger the heavier authentication as needed.
So on top of your bare-minimum data fields, you can then ask for:
- Selfie ID
- Document upload
It’s worth noting at this stage that none of the heavy KYC methods are bullet-proof by themselves. But you do want the option to question high-risk users, as it will deter the least sophisticated fraudsters.
And for maximum transparency, do let users know what’s happening, as it will let them understand why they have to go through a more rigorous authentication process.
Can Your Fraud Management Tool Do it All?
SEON does, and much more. Which is why we’re one of the only fraud prevention companies that offers a completely free trial of our platform – either offline, to batch compare your data, or running silently in parallel with your existing system.
This will let you see exactly how all the features mentioned above work, and witness first hand how easy and affordable it can be to reduce fraud in your business.