June 13, 2017
By Artem Tymoshenko, CEO, Maxpay
One of the biggest mistakes new online companies make is addressing their fraud exposure only after launching their service. There is no shortage of crooks ready to pounce on and steal from anyone, and who will continue to do so until they are stopped.
A typical online business needs to allow customers to easily pay for goods and services with their credit cards, debit cards or bank accounts in multiple countries. This requires a diverse antifraud strategy. At some point you need to ask yourself whether you should build your antifraud solution in-house, or whether you should purchase a commercial antifraud package.
Fortunately, the rising tide of fraud attacks that has beset Internet surfers and businesses alike has brought along with it a sea of fraud solution providers and techniques to keep ne’er-do-wells at bay.
The fraud prevention market has grown to hundreds of vendors in recent years. With all these options, you need to wonder if it can still be cost-effective to build your own antifraud solution. Choosing an effective antifraud solution is one of the most important decisions an online business will make, and the reality is that there are still instances where it can be beneficial to build a custom solution for cost or performance reasons.
Any analysis needs to focus on answering two questions:
- Can you build an in-house solution for less than implementing a third-party solution provider?
- Will it provide the level of protection needed?
Building an In-House Solution
In this context, an in-house solution is more than just a collection of rules that are hard-coded into a checkout system. A fraud prevention solution needs to allow rules to be managed and changed dynamically, maintain lists of trusted and blacklisted individuals, calculate scorecards, perform manual reviews, manage and back up data, perform reconciliation and integrate with third-party data sources.
Building a robust fraud solution is not to be taken lightly. It can take years to build, and because the bad guys out there are always changing and adapting, it will have to adapt as well. Before considering an in-house solution, your organization must be ready to commit to the process, establish a sound business advantage for building it and bring in the right people for the job.
Most organizations underestimate the full cost of building a solution internally. Upfront costs for outlining the strategy, designing the product and actually implementing it need to be taken into account. Implementation costs should include any software and hardware technologies that need to be purchased and the infrastructure to support them. Once the system is built, there will be high recurring costs for the maintenance staff, resources, recurring license fees and upgrades.
While this path can take much longer to implement, building a fraud solution in-house may help establish a clear competitive advantage in your marketplace. But don’t forget the serious commitment of time and resources.
One company that used their in-house solution to gain a competitive advantage was ATMCASH.COM. But it wasn’t all smooth sailing.
“It took a few years of serious and focused efforts just in the development and deployment stages,” says Jonathon Cooper, CEO of ATMCASH.COM. “It was a very focused effort by very talented people over the course of a few years.” He explained that to complete the project, ATMCASH.COM “had to integrate with various vendors, work with various world-class consultants and hire world-class software experts.”
By committing to build a solution, your organization must not only take on the financial burden for development, they also must take full responsibility for the implementation and maintenance. Fraud prevention systems require daily—even hourly—updates to make sure that they provide the desired level of service.
Buying a Third-Party Solution
Most third-party fraud solutions compete on pricing, accuracy and industry-specific add-ons. The upfront costs are generally dramatically lower than a custom solution. They will usually include the licensing cost that is paid to the vendor as well as costs to integrate the solution into your current processes. Recurring costs are generally higher and will include licensing fees, the costs for your in-house fraud program manager and for staff to perform manual reviews when needed.
Depending on the initial costs and the size of the business, it could take years to recoup the high upfront costs of an in-house solution. Smaller businesses tend to reap the rewards of buying a commercially available software solution as the high per-transaction cost is curbed by the comparatively low volume of transactions.
Like any good surf, the fraud landscape is always changing. By purchasing a solution, you do not have to focus on the daily shifts in cyber-crime trends, although, every company must ultimately monitor any solution to ensure that it is doing what it should be doing—approving customers and denying fraudsters.
Customers are difficult to find, and the goal is always to verify them and improve their experience on your site. Fraudsters will continue to find new ways to scam businesses, forcing you to innovate and stay up-to-date with fraud-fighting technology. The surest way to land yourself in hot water is to think that your system is finished and completely fraud-proof.
In the end, if you are a small to medium-sized business, your best strategy is to take advantage of the commercial third-party programs that are available. Find one that allows custom components that can be added to address your niche needs or specific risk factors that are not included in the basic packages.
By building or purchasing the right fraud prevention solution for your site, you can maintain your focus on improving the customer experience by approving legitimate purchases and saving money by lowering fraud losses.
Artem Tymoshenko is CEO of online payments provider Maxpay. He has experience in financial sectors including international acquiring, payment systems, processing systems, e-money, risk management, network and system security, digital Self-Service and e-billing.