It’s no secret that keeping con artists at bay is an ongoing challenge. Each time more sophisticated tools are designed to foil fraudsters, criminals up their game even more.
The percentage of online transactions targeted by fraud attacks increased by 137 percent between the second quarter of 2015 and the first quarter of 2016.Global Fraud Attack Index
The problem seems especially pronounced in the online world. According to the most recent edition of the Global Fraud Attack Index, compiled by PYMNTS.com, the online “attack rate” — the percentage of transactions targeted by fraud attacks — increased by 137 percent between the second quarter of 2015 and the first quarter of 2016. Over the same period, the attack rate tripled for digital goods and more than doubled for luxury goods. Fraud attacks spiked by 27 percent between the fourth quarter of 2015 and the first quarter of 2016 — a much larger increase than normal.
Some experts think these unfortunate trends lie in the structure of traditional “legacy” anti-fraud systems, which rely heavily on historical fraud data to train models and write rules. The methods used are applied uniformly to every situation, despite the fact that the various devices and payment platforms all operate under unique circumstances and therefore behave differently.
Referring to exploitation of payment technologies, an article in the March issue of “Digital Transactions” said, “Financial institutions’ inherent structural rigidity often can also be a fraudster’s best friend, as silo structures and delivery channels lead to stove-pipe, myopic anti-fraud strategies that fail to share intelligence across relevant channels.”
Online retailer James Allen, based in New York, is a high-end seller of diamond engagement rings, wedding rings and loose gemstones that was seeking an anti-fraud systems with a revolutionary, rather than an evolutionary, approach to addressing these pressing concerns.
“With the type of company we are and considering the high-ticket items we sell, we are especially attentive to effective, accurate fraud prevention,” says co-founder James Schultz. “With us, it’s an absolute necessity.”
“A big advantage to shopping online is the ability to compare us with our competitors,” Schultz says. Customers “can do their research on a schedule that suits them. On our site we have over 110,000 certified diamonds and 1,000 different ring styles customers can choose from. We also have very customer-friendly policies for shipping and risk-free returns — either for credit or service, such as setting a loose diamond.”
The company had a highly skilled team of analysts to guard against fraudulent activity; the team often turned away good business along with fraud, however, and strict rules meant lower customer approvals rates and lost sales — and a diminished customer experience.
James Allen takes great pride in the buying experience it offers its customers, and friction during checkout didn’t fit with the luxury brand. It was these distinct but equally important needs — providing a quality customer experience while scrupulously protecting its assets — that motivated James Allen to partner with cybersecurity firm Forter.
Forter, based in Tel Aviv with offices in San Francisco and New York, was founded in 2013 by Liron Damri, Michael Reitblat and Alon Shemesh — three cybersecurity experts who met while working in intelligence for the Israel Defense Forces. Operating for several months in “stealth mode,” the company began offering its security products in February 2014.
From the very start, the founders knew they needed to reinvent security for online commerce by creating a proactive model, as opposed to a reactive one. The system they developed operates in real time, is fully automated (and invisible to the customer) and capable of rendering a highly reliable decision so the client can confidently proceed with order fulfillment. Legacy systems, by contrast, perform the analysis but leave the approval decision up to the retailer.
Forter’s system uses behavioral analytics, cyber intelligence and elastic identity tools to meet security goals with nearly 100 percent accuracy.
Forter’s system eschews traditional scores and rules and uses behavioral analytics, cyber intelligence and elastic identity tools to meet these goals with nearly 100 percent accuracy.
Behavioral analytics closely oversees and monitors customer behavior on the client’s website prior to checkout, and looks for signs common to fraudsters. Meanwhile, the proprietary cyber intelligence algorithm evaluates thousands of data points to accurately determine if a customer is who she says she is. Finally, elastic identity software profiles a customer’s transaction history.
This triad is complemented by “machine learning” (the ability for a computer to progressively learn independent of an installed program), which is coupled with human intelligence to continuously improve the system, further enhancing its accuracy. The human component consists of fraud and intelligence experts recruited from the Israeli intelligence services.
It’s this combination “that allows us to continually improve our product, and keeps us a step ahead of those seeking to commit fraud,” says Shemesh, the firm’s chief analyst. “Keeping the fraud prevention invisible also greatly elevates the total customer experience and makes repeat visits more likely.”
Forter is so certain of the reliability of its system that it offers clients a 100 percent chargeback guarantee; clients can opt to self-insure for a lower fee in the highly unlikely event of a loss, which currently occurs at a rate of less than 0.09 percent. Forter also claims that its clients experience sales increases of 8 to 15 percent.
Shemesh points out the synergy between the two companies. “Forter has been able to contribute to James Allen’s success by providing imperceptible security as an element of a luxury buying experience. Offering real-time approval avoids making the customer uncomfortable by being questioned at checkout — not something one expects when spending $10,000 on a diamond ring.”
Forter’s proprietary system is compatible with any Internet-capable apparatus — PC, tablet or mobile device. It also works with any credit card tendered as payment, and plans to expand its capability to accommodate both Google Pay and Apple Pay.
The unique dynamics of online commerce means that Forter’s system is designed only to work in that sphere — the concept is not transferable to a point-of-sale checkout in a bricks-and-mortar selling environment.
This actually makes Forter’s job more challenging. “When EMV smartcards were introduced [in the United States] for use in the bricks-and-mortar world, their success had the effect of pushing fraudsters into the online marketplace,” Shemesh says. “We’ve seen an uptick in the number of online fraud attempts we’ve caught since EMV cards first appeared.”
In mid-2015 Forter began to offer protection from telephone fraud, anticipating an increase following EMV introduction. The move expanded Forter’s total service offerings to include complete protection across all forms of card-not-present customer interactions.