Best Practices for Risk-based Fraud Management

Feb 16, 2012 7:56 AM  By

Listed below are the top-three best practices to consider in the implementation and ongoing assessment of a com­prehensive risk-based approach to fraud management.

Since an authentication score is likely a primary decisioning element in any risk-based authentication strategy, it is critical that a best-in-class scoring model is chosen and validated to establish performance expectations. This initial analysis will allow for decisioning thresholds to be established, accept and referral volumes to be planned for operationally, and benchmarks to be established against which follow-up performance monitoring results can be compared. Just remem­ber, best-in-class doesn’t have to mean most expensive.

Applying unique and tailored decisioning strategies—incorporating scores and other high-risk or positive authentication results—to various access channels and related levels of assurance simply makes sense. Each access channel comes with unique risks and available data, and various opportunities to apply an authentication strat­egy that balances risk management, operational effectiveness, efficiency, cost and customer experience. Champion/Challenger strategies also may be a superb way to test newly devised strate­gies within a single channel or subsegment population without risk to an entire addressable population.

It is critical that key metrics are established early in the risk-based authentication implemen­tation process and are monitored often. If you don’t know where you want to go, you won’t know when you get there, especially if you never look at the GPS! Key metrics may include, but should not be limited to, actual vs. expected score distribution; actual vs. expected pass rates; accept vs. referral score distribution; trends in decision and result code distributions.

Monica Pearson is senior product manager, fraud and identity solutions, at Experian Decision Analytics.