Meeting the challenge of online fraud
In 2020, the world changed dramatically. Many businesses were forced to shutter their brick-and-mortar locations. Those that could, moved some or all of their sales online. And while the pivot to e-commerce may have enabled them to survive, it came with a new and daunting challenge—a surge in online fraud.
Cybercriminals and sophisticated fraud rings sought to capitalize on the chaos and digital transformation while businesses tried to protect themselves while still providing a great customer experience. With identity at the core of online commerce, organizations struggled to discern between legitimate customers, fraudsters using stolen or synthetic IDs, and bots, without introducing unnecessary friction to the customer experience.
The impact of data privacy laws
Expect regulations to play an increasingly prominent role in how customers interact online and what personal information can be collected and used, making identity verification and authentication even more tricky.
Recently passed privacy laws, such as GDPR in Europe, CCPA in California, and LGPD in Brazil give consumers more control over their personal data. Data residency laws define what data can leave a country’s borders. And PSD2, the second payment services directive in Europe, creates strong authentication requirements for most payments, significantly impacting the consumer experience online.
Organizations will need to evolve to self-sovereign digital ID initiatives, providing users with ownership and control of their digital identity information. Fraud prevention solutions must be able to determine trust and risk with knowing some or none of the end user’s actual identity. Identities will still need to be verified through trusted data aggregators to ensure synthetic and fraudulent identities are not used in legitimate businesses. Once an identity has been verified, self- sovereign control can be used in conjunction with anonymized identifiers for digital identities through data linkages across global networks and new events, which confirm or contradict historic connections.
Behavioral and physical biometrics technology holds great promise
Biometrics authentication will be a crucial part of fraud prevention in the future. It uses the unique biological characteristics of people—retina scans, fingerprint scanning, facial recognition and maybe one day the interaction with an electronic device—to confirm they are who they say they are. And since people often command their devices rather than interact with them physically, voice biometrics, which uses voice pattern recognition, may be increasingly important.
Behavioral and physical biometrics offers a combination of risk signal and physical anchors to create an additional layer of defense without negatively impacting the consumer experience. And by pairing it with digital identity intelligence, businesses can gain additional risk signals across a spectrum of risk events such as opening accounts, logging in and making payments.
Prioritizing artificial intelligence
New technology is enabling fraudsters to become more advanced. They’re joining together to form networks and using bots to perform the heavy lifting in finding vulnerable businesses online.
As quantum computers evolve, they too may pose a serious threat. Their speed of calculation gives them the potential to crack encryption, which has serious implications on digital privacy and security. Every IoT (Internet of Things) device communicates via a secure connection involving cryptography. That communication could be intercepted and decrypted, along with every piece of encrypted data that’s stored in databases today.
The sophistication of fraudsters and the risk quantum computers pose make the development of artificial intelligence a priority. Already used in some fraud prevention methods, expect AI to become more advanced and leverage both supervised and unsupervised machine learning, using anomaly analysis to pinpoint more unpredictable fraud patterns.
As fraud evolves so must fraud prevention
Some identity verification and authentication solutions that worked in the past may no longer be as effective as they once were. Businesses must find new and (in some cases) regulation-compliant ways to reduce their risk of fraud while providing a great customer experience. As online fraud evolves, so too must fraud detection and prevention solutions.
By marrying an approach for owners of verified identities to have self-sovereign control of digital identity and biometric authentication with artificial intelligence, businesses can stay ahead in protecting against fraud without compromising the consumer experience.