With almost a decade working in fraud prevention, I’ve seen plenty of different strategies, buzzwords and solutions come and go, but nothing as dynamic as today’s fraud prevention landscape. Organized fraudsters have gone beyond buying goods with stolen credit card numbers, they are now active in account takeover, fraudulent account creation, online-offline fraud schemes, and exploitation of mobile and even telephone CNP transactions. Based on my experience and the current trends, here are five major issues I see shaping fraud prevention over the next five years.
Domestic orders will carry more risk
As the largest cross-border e-commerce market in the world, the US has always faced fraud coming from beyond its borders in the form of international orders and domestic orders placed with international IP addresses, international credit cards, or freight forwarders that re-ship stolen products overseas for resale. However, up until the 2010’s the US was considered a low-risk country for domestic CNP fraud. Expect that to change.
Over the next five years, the most significant CNP fraud growth in the US will come from domestic orders—US-based fraudsters buying with domestic credit cards, listing US shipping addresses, and exploiting domestic victims. That’s because fraudsters are learning that utilizing data from other countries raises red flags for fraud, but they stand a better chance of slipping through among the higher volume of good domestic orders. They also have plenty of data to exploit, thanks to the ongoing data breach problem and the profusion of consumer credit cards in the US market.
Payments and fraud-prevention will see consolidation
During the late 2010s, the market flooded with new data-driven solution providers in the e-commerce fraud prevention space, attracting headlines and venture capital. Ten of the new fraud-prevention startups have raised more than $200 million dollars combined. I believe the early 2020s will be marked by consolidation as investors seek payoffs for their initial stakes, founders seek rewards for their hard work, and major payments and information players seek the kind of data-driven solutions these startups are developing.
The next wave of consolidation was already in motion in 2017, when MasterCard acquired passive biometrics startup NuData Security to balance fraud detection with customer experience. It continued in January when RELX Group brought digital identity startup ThreatMetrix in order to combine its global Digital Identity Network with RELX’s LexisNexis Risk Solutions. Expect more as existing players seek to build bigger databases to fuel their business decision-making processes.
Machine learning will move beyond the buzzwords
Over the next five years, the market will realize that saying “we have AI algorithms” isn’t enough to set fraud-prevention players apart. In fact, exclusively rules-based systems are already becoming obsolete. The most successful solutions out there already use hybrid approaches that combine the scalability and managerial efficiency of fraud scores with the flexibility and transparency of rules and policies. Moving beyond the AI and algorithm buzzwords, providers will have to prove themselves with back-tests, proofs of concept, and pilots. Fraud solution marketing will require more than slide decks and presentations, as clients come to expect evidence of experience in the market using variables based on relevant data.
Experience will matter (and cost) more than ever
Because of the rise in fraud attempts and the increasing sophistication of both fraudsters’ techniques and of anti-fraud tools, fraud management makes for a challenging career. Just one example of the type of CNP fraud retailers now face: a computer retailer was getting messages from unhappy customers who’d ordered laptops but received gaming consoles instead. It seemed like an order-fulfillment glitch, but it wasn’t. The seller sent out laptops to make the orders right, and in turn these “customers” returned cheap game consoles they had purchased elsewhere, in effect getting two laptops for the price of one.
Finding fraud managers with the necessary skills and experience to spot and stop this type of scheme can be tough now, and over the next five years, it will get a lot more difficult. The position now requires a strong analytics background, the management skills to select and train a hard-to-predict number of manual reviewers, and the security expertise to prevent internal fraud and data breaches. There may be other domains of knowledge that are added to the mix in the years ahead.
There’s no college degree program in CNP fraud prevention, although I think there are plenty of reasons to have one. That lack of formal, specific education opportunities means the best candidates gain their expertise through experience. As the need for experienced fraud managers increases to keep pace with the upswing in CNP fraud, expect recruiting, hiring, and retaining these experts to get more competitive, more expensive, and more tilted in favor of larger companies with big budgets.
The US market will feel more effects of the EMV liability shift
The pre-liability shift predictions of a CNP fraud spike in the US—based on spikes of up to 73% in other post-EMV markets—have come true. The initial 25% post-shift rise in friendly fraud was just the beginning. Over the next 5 years, the US market will continue to face rising fraud attempts and prevention costs. The biggest challenges will be stopping fraudulent orders and account creations without alienating good customers who want their orders processed quickly and without hassles.
The good news is that the sheer volume of good orders and a warm macroeconomy will counterbalance the rise in CNP fraud. Because of that, I don’t expect the US to reach the same risk profile as countries like Russia, Mexico, and Brazil, but I do expect fraud rates here to surpass those in developed European markets.
One more prediction: the most comprehensive fraud-prevention approach will win
As the predictions I’ve discussed play out over the next half decade, the US market will go through a process that’s already happened in other markets: the solution providers that comprehensively solve the problem will become market leaders. When I say comprehensive, I’m not speaking about the sophistication of the technology but about the level of service. In other markets, fraud-prevention leaders deliver a decision for every order their clients receive, regardless of internal risk profile, and operate with a performance-based business model. Exactly how that will play out here remains to be seen.
Rafael Lourenco is Executive Vice President of ClearSale