December 19, 2017
By Roger Lester, Payments Expert, Featurespace
With the holiday season reaching its peak, the final months of the year are typically the busiest time for consumers and merchants alike. Sales promotions and increased shopper demand cause a considerable spike in sales volume, both online and in stores. According to the National Retail Federation, 2016 holiday retail sales in the U.S. showed a 4 percent increase year-on-year.
Initial figures for this year’s sales period indicate that 2017 will be no different. E-commerce sales on Thanksgiving Day were up 18 percent from last year (to $2.87 billion), while Black Friday and Cyber Monday sales increased by 17 percent (up to $5.03 billion and $6.59 billion, respectively).
More sales, more fraud
Unfortunately, the holiday buzz goes hand-in-hand with increased fraudulent activity, typically peaking on Christmas Eve (Security Magazine, 2017). With fraud attempts up by a staggering 31 percent between Thanksgiving and New Year in 2016, fraudsters clearly exploit the seasonal demands on merchants and their fraud prevention systems, knowing that fraudulent activity is more likely to slip through during busy periods.
What challenges do merchants face during the holiday season?
- Pressure on fraud team resources and training: Many organizations aim to anticipate the rise in sales by hiring temporary fraud management staff, who may be inexperienced. The need for additional in-house training can put pressure on the existing team, who may feel overwhelmed and work less efficiently.
- Tight consumer shipping deadlines: Orders placed in November and December are often time-sensitive, increasing the pressure on organizations and their staff to ship orders quickly. Customers react badly to delayed orders—even more so when the items are gifts—so the stakes are high. To retain repeat customers and avoid reputational damage, keeping customers happy is even more important than usual.
How do organizations handle the added pressure?
I’ve seen different strategies used over the years to tackle the holiday season fraud spikes, including:
- Hiring temporary staff or adjusting the acceptable risk level to avoid being swamped by alerts (e.g. only checking transactions over $1,000 instead of $500): However, this increases the risk of increased low-level fraud going undetected. Fraudsters are aware of this approach and react accordingly—the average value for transactions where fraud was detected decreased from $243 in 2015 to $228 in 2016 (Security Magazine, 2017) as fraudsters aimed to ‘fly under the radar’ of detection systems.
- Over-reliance on insufficient rules-based fraud systems: I’ve repeatedly witnessed organizations struggle to adapt quickly to a rise in transactions and fraud when relying solely on rules-based systems. Fraudsters are known for keeping one step ahead by rapidly changing their methods to identify an organization’s weakness.
With a purely rules-based approach to fraud prevention, heavy manual intervention is required to keep systems up to speed with new fraud attacks, using team resource and time that could be better invested in other areas of the business.
Additionally, over-reliance on manual intervention typically results in an increase in false positives—fraud alerts for genuine customer activity. A high false positive ratio—the number of ‘false alerts’ to genuine fraud cases—causes customer friction when genuine orders are declined and increases the workload of fraud and customer service agents.
Is there a better way to improve fraud defenses—without causing customer friction?
A fraud system that completely relies on rules often proves to be insufficient, especially at times when genuine customer activity and fraud attacks peak.
A more successful way to improve fraud protection is to strike a balance between managing the higher fraud risk and keeping team sizes relatively stable.
A layered fraud prevention platform which incorporates real-time machine learning and adaptive behavioral analytics technology can capture the same, or an even higher, amount of fraud.
To achieve this, adaptive behavioral analytics works on the individual customer level, looking at their behavior and identifying behavioral and transactional anomalies in real-time. New fraud types are stopped as they occur, including for Card-Not-Present (CNP) fraud, which is becoming a holiday favorite among fraudsters.
Using this approach, one of the global organizations I have worked with saw a 39 percent reduction in fraud losses while improving their false positive ratio for CNP transactions from 23:1 to 6:1.
Additionally, this machine learning approach enables fraud teams to automate and speed up processes. An adaptive behavioral analytics is capable of ‘self-learning’—automatically adapting to new customer data as it is received. The advantage is that a self-learning a system does not degrade over time, enabling organizations to fight fraud effectively all year round, even during peak shopping periods.
Taking the next step: embracing new fraud systems
To tackle fraud and simultaneously reduce associated costs, organizations that want to get ahead are investing in machine learning systems which use real-time adaptive behavioral analytics.
These fraud systems improve fraud detection and false positive ratios (genuine transactions declined), while reducing associated fraud costs. They work automatically 24/7, 365 days a year, allowing resources to be allocated to where they are most needed—even during this crucial time of year. With these systems in their hands, merchants can stay one step ahead of the criminals to protect their revenues and their customers.
Roger Lester has worked in the card industry for more than 30 years. Having worked both with issuers and acquirers, he brings his financial services industry expertise and insight to his role at Featurespace (www.featurespace.com). As a payments subject matter expert, Roger ensures that Featurespace’s ARIC Fraud Hub development matches the risk management needs and requirements of the financial services sector.