News, Education and Events Decoding Digital Payments & Fraud

News, Education and Events Decoding Digital Payments & Fraud

6 Steps to Fraud Prevention

6 Steps to Fraud Prevention: How to Evaluate CNP Fraud Solutions

By Karisse Hendrick, Editor-at-Large,

Deciding which fraud solution will best fit the needs of your company can be overwhelming. While options were fairly limited a decade ago, the need for different types of services has driven the creation of literally hundreds of different fraud service providers since then. Whether you are considering a main fraud case management system or service or a complimentary tool to add additional identity verification, device identification or machine learning capabilities, the decision is one that shouldn’t be taken lightly. Chances are this will be a relationship your company will continue to have for a long period of time, and the cost may be substantial. Recently, in one of the most popular panel discussions at this year’s CNP Expo in Orlando, Fla., Laura Park, sales operations specialist for Other World Computing (also known as, shared the method she uses to select the right tools for her business. Here, in more detail, Park explains the six steps she takes to evaluate and choose a fraud provider.

Step 1: Identify the “Why”

It’s important to identify why you need a solution. Maybe you need to reduce manual reviews, account takeover fraud or false positives. Perhaps you need to verify identities automatically or to have a work flow management or case management tool.

“The ‘why’ must be actionable and quantifiable,” Park says. “If management comes in saying you need to be ‘quicker’ or ‘more accurate,’ the next step would be identifying exactly what that means. In my opinion, the entire process hinges on this first step. If you haven’t identified the #1 reason you need something new, you won’t know when you’ve found the right tool.”

In the panel discussion, Park emphasized that not all tools are right for every business model or fraud issue. A company might love their provider, she says, but “that doesn’t mean that it will be right for your business. There is no one cookie-cutter solution.” Park added that the specific fraud issue, the business model, company culture, company resources (especially for implementation) and cost all should be factored into determining the right solution for your business.

Also, consider meeting with management and cross-functional teams including customer service and development to gain their input on this step. This can be helpful identifying technical needs you aren’t aware of (e.g., being compatible with your gateway or internal development platform) or how a prospective solution could impact good customers. Communication with internal partners will help you narrow down the type of solution you may need, and the provider you want to work with.

Step Two: Identify the Best Solutions

To identify all of the solutions available, Park says she used Google. However, she also suggests attending a conference such as the annual CNP Expo to have the opportunity to speak to representatives from most fraud service providers face to face ( compiled a list of the types of solutions available, along with a glossary of terms here ).

In this phase, Park says “don’t be picky about size of the tool or cost or anything else. Just identify what tools have the ‘needs’ and ‘wants’ on your list.” She made herself a “giant excel sheet” and went down the line identifying which companies had which features she wanted, which she needed and anything “‘neat’ or extra that I hadn’t even thought about.” If she wasn’t able to determine if a company offered the key items she needed or wanted from their Website, she would keep the company on the list, with a note to ask about specific functionality during the next phase. Park also added, “once you’ve reviewed many products, you likely won’t remember what you like and don’t like from each, so I always recommend making extensive notes.”

After compiling this list, Park suggests identifying which ones don’t have what is needed or just wouldn’t be a good fit for your business needs. “It’s rough because some do look really interesting or look like a great company to work with but, you have to be brutal,” she says. “If they are missing a need, they’re out.”

Step Three: Get Chatty

At this point, Park suggests reaching out to the providers still on your list to set up calls, allowing you a chance to learn more about them. The first thing she did on a call was confirm the vendor’s solution did, indeed, satisfy her business needs. This enabled Park to narrow the companies on her list to about five or so, making it easier to really “dig in” and learn a lot about each one.

“Ask the hard questions, not only ‘yes’ they offer that functionality but how that specific company does it,” Park suggests. “Is it set up in a way that will work with your work flow or would you need to make significant changes to how orders are processed, etc.” She suggests creating use cases to present to each company that determine how their system will work within your business. If they utilize a gateway for their functionality, for example, is it possible for your company to change from the one your business uses currently? “This is when it’s time to start identifying any flags, or anything that may be problematic,” Park adds. “Extensive notes for how each thing is handled and what, if anything will need to be changed internally are necessary.”

It’s also important, she says, to listen to your gut during these calls.

“If the sales rep knows zero about fraud, it’s a bad sign,” she says. “If the company is not putting the effort into training or at least selecting representatives with knowledge of the field, it could be extrapolated out to say that they likely won’t put the resources into keeping their product up to date.” In Park’s experience, any company that is not doing continual development will likely outlive its usefulness within a couple years if not sooner. Park notes that, at one point, her company had selected a tool for the fraud department that she “had a bad feeling” about based on unimpressive conversations with the sales and support representatives of the provider. The tool itself “was a brilliant idea in theory and looked like it would be highly effective. The problem was the execution was so weak it was near unusable,” she says.

The final part of this step is to cut the list again. “Get it down to top three, if possible, as the testing phase for each solution can take a significant amount of time.”

Step Four: Test the Top Solutions

It’s just not possible to test all fraud solutions. As Park explains, “Most of the companies that have an easily implemented service already have an option to test built into the sales process. The options that require extensive effort for implementation or set up likely won’t offer a ‘test’ option.” If testing directly is not an option, many companies have ways to show how accurate their solution can be for your company by performing an analysis on a bulk set of previous sales data and advising which orders they would have canceled. You can then compare the results with transactions that were canceled and chargebacks that are received from that time period.

For systems that can be implemented for a testing period, the amount of time for implementation and the amount of effort to set up the process provides an opportunity to learn if this will be a positive partnership in the long run, Park advises.

“You can use the testing period as a time to not only observe if the tool is working as they said it would,” she notes, “but also if their IT personnel are readily available to assist with any issues, if their sales representatives and support staff are knowledgeable and accessible, that they stuck to the promised deadlines and also if there were any additional costs charged that were not discussed in the upfront testing agreement (if fees apply).”

Lastly, Park advises, “try to break the tool!” Not literally, but she suggests putting the software/service “through the ringer.” If you’re considering a verification tool to assist manual reviews, test known good and bad identifiers from previous orders to verify that the results show what you expect and need. If you are testing a service or case management tool, Park suggests comparing the results against what you are doing currently to double check their results for accuracy. Another thing she learned in the process is that “machine learning tools or tools that use rules may require a longer ramp up than tools that provide just data.” She says that “with anything that requires tweaking, leave enough time so when you’re looking at the results, you’re looking at the true working product and not just the ramp up phase.”

Step Five: Final Decisions

After testing, it should become clear which product is the best fit for your company. Going back to the original list of needs and wants, rate how each solution met the needs. Additionally, Park suggests compiling all the notes and turning all of the findings into quantified data. How much you will likely save in prevented chargebacks? How much would sales be increased in prevented cancellations (false positives or upset customers)? And, how much you can save the company in budget adjustments, such as reallocating headcount or discontinuing use of a tool that will become obsolete? It’s important to provide metrics to quantify the comparisons to the rest of the business.

“If you are not the final say or the person who can approve the budget for the tool, you will need more than ‘I liked this one the best’ to validate the purchase,” Park advises. Being able to show the expected positive impact to the bottom line will assist in justifying the budget allocation, and will show that you put the right amount of effort in to making this important decision for the business.

Step Six: Monitoring

The final step Park recommends is not so much a step, as it is a continual task. Even after the tool has been selected and fully implemented, you are not done.

“Continual development is required in this industry,” she concludes. “Some tools retain their effectiveness over time, others don’t. You need to identify trends before they become an operations problem for you and your team. If you have the resources, keep watching for new tools and testing new options and, above all else, keep checking the results of your current tool.”

  • Share this Article:

Daniel Leibovitch