Looking Back at ENGAGE 2020: Fraud and Authentication Management Track
November 23rd, 2020
This blog series acts as a companion to the sessions at ENGAGE LIVE. Catch up on the other entries here:
- Immediate Action Required: Detecting Authorised Fraud
- Stay Ahead of First-Party Fraud & Mule Activity
- Catch Me if You Can: Fraud Digital Identity Challenges
- Future-Proofing Fraud with Advanced Technologies
- Fraud: AI in Action
- The Journey to Autonomous Fraud Management
ENGAGE 2020 was our largest event yet, and with over 30 sessions, it was impossible to attend them all.
In our fraud and authentication track, we heard from a wide array of leading fraud practitioners, including industry experts, global government organizations, analysts and client speakers. Attendees learned how to address and overcome the latest challenges we face as fraud fighters to protect their customers and businesses. Cutting edge Enterprise Fraud Management By taking a holistic approach with enterprise fraud management, teams can use advanced technology tools like machine learning, AI and automation to strengthen their fraud strategy, improve operational efficiency, and provide a frictionless customer experience.
We’re sharing the top five questions asked across the Fraud and Authentication Management sessions.
1. How can we combat account origination and new account fraud?
The main types of new account fraud are Identity Theft, Synthetic Identity and various forms of Misrepresentation. A holistic multi-layered strategy is required as part of Customer Lifecycle Risk Management (CLRM) solution to monitor risk and ensure account creation integrity.
Conversion or roadmap development to move to Enterprise Fraud Management allows for a flexible integration of a broad list of identity document verification and KYC vendors, allowing you to switch to a new vendor without changing the application process.
The optimal platform can easily ingest data from multiple sources to help independently verify the information provided, whilst being able to utilize the data within models to highlight high risk applications for review is key.
Data sources should be covering areas such as:
- PII & KYC verification
- Mobile network verification
- Email verification
- Mailing address verification
- Document verification
- User mobile / browser behavior verification
- ID – combination verification SSN/credit
- Funding account verification
- KYC checks
In addition, tools such as device profiling and behavioral biometrics can help prevent known fraudsters and devices continuing to attack you and can be used to block at the earliest stage to avoid high volumes of alerts.
Add to this configurable workflows for different account types, such as DDA, savings, or mortgage that can be flexed depending on the initial risk assessment. These can then drive higher or lower levels of friction, such as adding more verification for higher risk cases than lower risk ones.
Taking this approach also means that many of your applications can receive a low friction digital onboarding process, while higher risk accounts have the additional friction required.
Getting new account fraud right doesn’t need to increase friction so you lose customers. Instead it can reduced overall costs by onboarding profitable relationships only and lowering fraud losses.
2. How does the cloud enable stronger fraud management?
First, cloud is less expensive to manage than that of a data center, so the ability to reduce costs helps at a time when income is under pressure.
But more importantly the real value add comes from speed and agility. It’s quicker and easier to deploy new systems or upgrades, such as using tools such as Kubernetes. Again, this can reduce costs and allow the deployment of new features to stop frauds earlier.
Then we have the scalability and elasticity that cloud brings. This is great in terms of model development, which requires large amounts of power, but not all the time. Cloud allows us to develop models faster, without the costs of large amounts of hardware.
Lastly, all of the above supports the ability to improve automation throughout the lifecycle with easier sharing of data and intelligence and linking multiple solutions together.
3. Wire and ACH has some level of recourse to recover the payment. What recourse exists within the RTP and FedNow era?
Real-time payments systems are usually irrevocable, and this is the case with both RTP and FedNow, so you need to be completely sure before you send the payment.
RTP mandates within the operation rules that there is real-time fraud profiling in place to help reduce instances of fraud in the system. This covers both monetary and non-monetary messages, including Request for Payment messages.
The rules also mandate that participants send Requests for Return of Funds through RTP messages, including support for indemnities. Beneficiary banks must respond to these messages; however, the beneficiary bank is not obliged to send the funds back.
Speed of confirming a fraud and sending a cancellation is key. Fraud profiling should include the whole life cycle to understand all the monetary and non-monetary messages that lead up to a payment. Further, using entity profiles to understand the risk of the payee as well as how the device is used is also important. In assessing the payee, this should include elements such as first time paid, velocity and referencing lists.
4. How has consortium data been used for RTP as a new payment channel?
NICE Actimize supplies software to many large banks, including those on RTP. This means we can use data from both Same Day ACH and early RTP adopters to build out models for RTP, using key features from the data in our ActimizeWatch system without sharing the underlying data. By using the power of this intelligence, we can run improved models with tools such as Federate Transfer Learning. This means that there are more transactions and more fraud instances to learn from.
With this approach, the power of collective intelligence means that all participating institutions gain a better working model, faster.
5. What’s the most efficient and effective way to break the silo of fraud investigation business, and how do you manage the shared data in terms of ownership and on-going maintenance?
As we heard in the session, for too long we’ve had a narrow definition of fraud that has centered on the loss to the bank, such as with credit cards, along with the cost of the managing this fraud. Losses to customers or within other parts of the bank or wider ecosystem are hidden.
It’s clear that you won’t find what you are not looking for, and you can’t improve what you don’t measure. This is where the Federal Reserve’ Fraud Classifier comes in. This doesn’t need to change the liability of the frauds, but instead improves the data held so better actions can be taken by individual organizations and at a wider industry level.
Armed with this data, we see that not only are the losses hidden, but the costs of managing them are, too. This helps with the business case for building a truly enterprise fraud management system. Improved onboarding fraud prevention and ongoing fraud profiling reduces fraud and costs throughout the customer lifecycle. Measurement must be the start of breaking down these silos.
The world is changing fast, and the way we fight fraud is no exception. If we want to reduce the impact of fraud on our customers, organizations and economies, we need to invest to keep up with the fraudsters.