2016: Privilege the Good Customer and Fraud Reveals Itself

Ryan WilkBy Ryan Wilk, vice president of customer success, NuData Security

My top prediction for 2016 is that adoption of passive behavioral biometrics for user authentication will increase. Why? Two reasons.

First, we continue to see the weakening of PII-based risk prevention techniques as data breaches flood the market with readily packaged private information. Fraudsters basically have the test answers ahead of the PII-exam.

Second, more users move to mobile platforms every day and they demand a fast, frictionless transaction experience. The only way to protect customer data and accounts and also offer a painless user experience is with passive behavioral biometrics. In fact, the mobile space is a perfect pairing to biometric and behavioral analytics technologies because of the increased number of biometric measurement tools built in to every tablet and every smart phone.

The Cost of Real Fraud, The Bigger Cost of False Positives

Fraud costs retailers to the tune of $9 billion every year, but the cost of false positives, legitimate consumer purchases canceled due to overzealous traditional fraud prevention methods, is upwards of $118 billion in lost revenue according to “Future-Proofing Card Authorization” from Javelin Strategy & Research. And as criminals become more adept at successfully jumping Knowledge Based Authentication (KBA) hurdles, legitimate customers push up against ever greater levels of friction. Risk management leaders need to find a better way to identify their valued customers and identify those who present elevated risk.

The key to accurately identifying and verifying customers is behavioral analytics, letting business become better predictors of risk while minimizing the friction legitimate users face. Biometric and behavioral analytics greatly increases industry efforts to devalue stolen data, eventually reducing the number, scale and impact of data breaches worldwide.  This greatly benefits users, allowing them a frictionless and safe online experience, while continuing to protect their accounts even if their logins and passwords have been compromised. Allowing good customers to continue to interact safely online will be the most important issue in 2016.

Risk Objectives to Focus On

Eliminating false positives and removing friction across the mobile ecosystem will be the key focus going forward, especially as users are looking for that fast, no-hassle experience we’ve come to expect on our tablets and smart phones. By harnessing the power of behavioral and biometric analysis, organizations can predict fraud with a very high degree of accuracy by identifying the real user behind the device. Focusing on the good users and decreasing customer abandonment and attrition can put billions back into merchants’ pockets. The ability to move beyond the machine and truly know your customer will be the differentiator that allows companies to bypass the knowledge-based authentication arms race with fraudsters and leap ahead in terms of customer satisfaction and retention.

Chief Security Officers (CSOs) around the world should focus on three key objectives in the new year to achieve this goal of frictionless user authentication:

  1. Move beyond the device. Know the user on the other side of the machine through passive biometric and behavioral analytics.
  2. Become a facilitator of the business, not a blocker. Security through valid user identification will strengthen brand loyalty and increase conversion while protecting brand assets at the same time.
  3. Layer your defenses. Ensure that you are using an intelligent, multi-layer risk prevention platform that measures behavior over time for accurate, real time scoring to let you know exactly who your user is.

Let’s look at that third objective more closely. A layered approached – using device and connection, analyzing biometrics, measuring and comparing behavior across networks and over time – goes beyond standard fraud detection checks to truly understand the user behind the device. By deploying a continuous evaluation of the user, this empowers organizations to:

  • Identify high-risk and anomalous activity earlier than ever before
  • Redirect suspicious users into a different Web experience
  • Allow real customers to self-resolve risk triggers in session, and complete their online experience without additional delay
  • Decide how to respond in real time with all the necessary context and data to make a better decision.

Online fraud is a multi-billion dollar problem and cyber criminals keep getting better at gaming the system. But there are so many more good users to every real fraud case. Go beyond just finding fraud to rewarding and protecting good users. With a multi-layered method that builds in biometric and behavioral analytics, merchants can truly understand every user, both the good and the bad. Invisible, anonymous, and with unparalleled accuracy, biometric and behavioral analytics offers a frictionless customer experience while it protects transactions, raises conversion and shields brand reputation. It is the must-have security toolkit of 2016.