I’ve spent the last five years working in different positions focused on fraud prevention. I’ve become what you would probably call a “fraud prevention addict”.
Knowing the different aspects, patterns, measures and risks of online behavior, I’ve felt quite comfortable with my digital life – until recently. I had never fallen victim until 2017 came along. Here’s what happened:
It was one of those days when you log on to the account of your favorite online retailer and look at your order history. All of a sudden, in a moment of surprise, you realize that the transactions that you are looking at should not be there because you never bought the items that are now part of your personal order history, because you never executed those transactions.
From my personal experience I can now say that the trust that the retailer had built with me as its loyal customer over the years vanished almost immediately. Just like that. Within seconds. Confusion took over and questions whirred in my mind.
How can someone get access to my personal account?
How can someone execute transactions from my personal account?
What kind of information does this fraudulent person now have access to? Address data, personal data, even parts of my private banking information….?
And why am I the first one noticing?
Needless to say I quickly called customer service. Thankfully, they were happy to help me out in cancelling all the fraudulent orders and luckily agreed not to charge me for them. But when it came to more transparency on how something like this could occur, figuring out who the bad actor was or where he or she came from, customer service was not helpful at all.
The IP address from the fraudulent order was the only data point that could really be looked at and we all know that a dynamic IP address by itself is not helpful when trying to identify a fraudster.
The time for better protection is now
I’m often surprised by businesses which lack sufficient security measures to protect themselves and their customers from these kinds of fraud risks. After all, the technology and analytics exist, and they can definitely be used for customer protection.
A simple way to protect my account would have been to profile my behavior in previous sessions and compare it to the fraudster’s behavior matching the activity accordingly. Red flags should have been raised. A fraudulent login could have easily been identified. Clearly, there is still work to do in this area.
At Arvato Financial Solutions, market education remains on top of our agenda as we want to help businesses protect themselves and improve customer experience by applying security methods such as passive biometrics and behavioral analysis. This means, it is not only possible to avoid financial losses and brand damage but also to enhance customer trust.
As a new year starts, an endless list of threats and data breaches is taking place TODAY and will continue to occur in the FUTURE. What was good enough yesterday isn’t good enough for today and certainly not for TOMORROW. It is a sobering thought but one worth considering.
On this topic I fully agree with the famous quote from FBI director, Robert S. Mueller, III, “There are only two types of companies: those that have been hacked and those that will be hacked.”
Future-proofing your business today
E-commerce, banking, telecommunication, travel…you name the industry, all are challenged by diverse types of fraud and their after effects. Distinguishing between legitimate customers and fraudsters has become a sort of an art which nowadays can involve the use of different intelligent technologies such as machine learning and advanced analytics.
I don’t think fraud prevention is a lost cause, but I do think we, as a solution provider, and our business partners, have a responsibility to protect consumers. We also need to constantly evolve to keep up with and ahead of the fraudsters that are, often, creative and sophisticated.
Finally, as a customer I think I deserve to be protected and to enjoy a pleasant customer experience. Let’s work on that!
Contact me if you want to know more about our solutions and how to prevent fraud.
Director l Risk Management International