Going Mobile? So is Fraud
The following is taken from a recent interview of Kount conducted by Retail Info News Magazine concerning the rise of mobile commerce and how merchants can protect themselves and still take advantage of the growth opportunities.
What are today’s biggest challenges for retailers in terms of securing their digital transactions?
Over the past couple of decades, fraudsters have evolved into a sophisticated network of criminals that have increased the speed of fraud and the size of their impact. Merchants that work in card-not-present (CNP) environments can no longer just throw tools at the problem, they need a dynamic, comprehensive, platform-type solution that responds in real-time, sub one second, to stop fraudulent transactions and not interrupt the consumers buying experience. The solution must be multi-layered and work with credit cards, mobile and other alternate payment types.
What additional security/fraud prevention challenges do mobile transactions present?
Unlike other forms of payment, mobile introduces many new elements that complicate the user verification process. For instance, mobile phones can be rented or pay-by-the-minute phones purchased, SIM cards can be modified and in many cases mobile devices do not require a standard payment credential or verification that the right user is making the purchase. Stolen mobile devices are as vulnerable as stolen credit cards or other forms of identification. Consumers are buying more digitally delivered goods such as apps, content and virtual goods, which are downloaded instantly and they expect immediate approvals. Fraud checks must be as fast or faster than the payment approval and more accurate than ever.
Which best practices used in online fraud prevention can most profitably be applied to the mobile space?
The issue really is that it doesn’t make sense, either fiscally or operationally, to have different solutions for online and mobile fraud. The best overall strategy and most cost-effective practices in use today detect and prevent fraud through operational or platform solutions that look at fraud in a complete and comprehensive way and management it as single system. A good fraud prevention strategy looks at all channels and payment types and manages a rules, or decision engine, to the business conditions. Otherwise, merchants are always patching holes as new methods of fraud evolve.
Can retailers take a similar approach to fraud prevention for their own mobile devices and for transactions with consumers’ mobile devices? Are there advantages to taking a common approach?
We look at fraud as fraud, no matter where it is being committed, on any device by anyone. On a platform like ours, it would be very simple to create rules based on in-store devices or purchases that have a slightly different set of criteria than for consumers’ transactions off premises on other devices. Again, one fraud strategy, multiple ways to engage it based on the business.
Which technologies/processes have proven themselves in the area of digital fraud prevention?
There are lots of good technology tools on the market today. None of them are an answer by themselves and few are integrated into a platform, the best way to layer fraud protection. In the digital goods space speed and accuracy are critical factors combined with a complete set of tools such as, device identification, geolocation, IP detection and IP proxy piercing, multi-merchant order linking, velocity checks, affiliate management and a comprehensive risk score that analyzes the hundreds of variables reviewed by these tools. A robust rules or decision engine can really make a huge difference in maintaining a solid fraud prevention strategy.