4 modern ways to secure digital payments—and catch fraudsters

unnamed-5.png

As consumers and businesses flock to digital channels, the payments industry is constantly grappling with an ever important question – How to create a frictionless purchase experience, while protecting the assets of customers, merchants, and financial institutions. According to pymnts.com, over 10% of customers reported a digital debit or credit card fraud incident in 2021. Social media also proved to be a hotbed for fraud with 8.8% of surveyees reporting fraud attacks. While these figures may seem relatively tame, the Federal Trade Commission reported a 45% increase in total fraud attacks between 2019 and 2020. A J.P. Morgan study estimated that the cost of fraud and theft for consumers to be $1.6 Billion in 2020 alone.

In response to these trends, the need for modernized fraud technology is top of mind for the industry. One study reports that the global online payment fraud detection market is expected to grow at a CAGR of 15% by 2028. This will come from a variety of vendors that help support verification, investigation, and decisioning of fraud. Here are 4 modern ways that the industry is advancing the use of technology to fight fraudsters.

Biometric Liveness Detection

Biometrics are nothing new to the payments industry. Ever since the widespread adoption of mobile devices, methods like fingerprint, retina & facial recognition have become the de facto way of authenticating users across applications. Improvements in static recognition of particular features such as eye or hair color, has improved the confidence of such technology. Still, bad actors have found ways of spoofing these services through the use of photos, videos, or recordings of the user.

Thus the newest developments in liveness detection technology has created a more secure way of stopping bad actors from accessing financial and payment details. Liveness detection uses a variety of triggers to ensure that a ‘live’ user is in front of the screen. This may consist of ‘active liveness’ where the user needs to perform an action (e.g. blink), or ‘passive liveness’ which doesn’t require any movement, but instead relies on algorithms. While ‘active liveness provides greater security, there is a tradeoff as it takes longer, and increases the probability of abandonment. Still, whichever liveness method is used, it still presents a far greater layer of security versus traditional usernames & password.

Improvements in 3D Secure Protocols

3D Secure (or 3DS) has been around for over 20 years, and is an important protocol in preventing fraud and accelerating commerce. The security layer creates an authentication data connection between merchants, payment networks and financial institutions, enabling the ability to share more intelligence about transactions. However the original 3DS had several drawbacks. The authentication system was slow and required the customer to respond and click on several notifications. “Merchants knew it was an effective tool in preventing fraud, but they had to make the decision of whether to protect themselves against fraud or create friction that could lead to abandonment of transactions,” says JJ Kieley at American Express “It really wasn’t a great experience.”

The new 2.0 version builds on this, by expanding the number of transaction attributes that an issuer can leverage to authenticate a customer. It also uses token based and biometric authentication, eliminating the need for static passwords. The protocol supports modern payment vehicles like wearables & digital wallets and helps improve risk assessment. This means a faster, more secure checkout experience for customers.

enter image description here

Source: Visa

Protecting PII on the Backend

The rise in fraud cases is no secret - consumers are still suspicious of digital channels, and are worried about fraud and identity theft. According to a recent study, fifty-five percent of consumers do not store their payment credentials due to wariness of security protocols, and 57% are likely to abandon an online platform if they feel their information is not adequately protected. This is not without warrant, as the average online business experienced 344 fraud attempts in 2020, up 24% from the prior year.

As a result, security professionals are looking at new ways to protect their services, applications, and networks from bad actors. Leveraging a variety of tools such as artificial intelligence and machine learning to stop threats quickly. Additionally, many businesses are considering the advantages of migrating from multiple security tools to a single platform that offers full visibility across their environment, with fast cyber remediation. Elastic Security provides many of the tools, best practices, and technology as recognized by Gartner.

Expanding Datasets via Search Powered Solutions

In a whitepaper by Deloitte, the transition to a digital & remote world, has created a widespread challenge for fraud analysts, as cases and investigations scale. The remedy for this is cited as ‘more and better data’. Capturing more intelligence can help segment subpopulations, and paint a fuller picture of behavioral patterns. Incorporating communication data (e.g. email ,video, or SMS messages) associated with transactions that can help detect fraud before any financial loss. For instance, recognizing unusual timestamps of instant messages or logs may help improve the investigation process.

However, for many fraud teams, the availability and ingestion speed of critical data is limited. This can mean multiple blind spots, the inability to scale operations, or a slower time to detect incidents. Additionally, customer habits are constantly changing, making it more challenging to recognize anomalies and react quickly. Elastic helps fraud teams overcome these challenges by unifying, searching, and analyzing all data across formats, including time, space, geography, or other attributes in seconds. Unsupervised & supervised machine learning, enables fraud teams to surface the unknowns, and more precisely monitor, triage, and investigate incidents. The result is a better customer, merchant, and analyst experience.

Learn how financial institutions turn data into a strategic asset with Elastic.