Fraud detection
Fraud detection is the practice of detecting and mitigating fraud across your organization. Fraud occurs when a bad actor—or fraudster—uses stolen information to complete a transaction. While most fraud detection software will flag fraud, advanced attackers can bypass these systems. If successful, you could be left responsible for those impacted.
What is fraud?
We live in a highly-digital world, where the majority of consumers use and store sensitive financial information online. With this, comes the risk of payment fraud. Securing your tech stack to detect, eliminate, and respond to fraud should be a strategic priority for your organization.
Detection software can actively identify fraud, but skilled actors often work to trick the anti-fraud tools you may have in place. These tricks are achieved using personal information, like an address, to mimic a cardholder’s location. To avoid being flagged, fraudsters will often copy a consumer’s spending behavior, or use programs to prevent tracing.
Different types of fraud
Whatever method a fraudster uses can take varying forms. Some common types of fraud in the online payments world include:
Account takeover (ATO)
When a bad actor gains access to an online account—from which they can use the stored information to initiate a fraudulent transaction, funds transfer, or to commit fraud on others
Card-not-present (CNP) fraud
Common in the online payments world, CNP fraud is when a fraudster uses digital card data—obtained via a breach or scam—to commit fraud without having the physical card in possession.
Chargeback fraud
Sometimes referred to as friendly or refund fraud, chargeback fraud occurs when a customer requests a chargeback, falsely claiming they never received a purchased item. If their bank approves, they’ll keep the item and the seller will be responsible for the cost.
Collusion fraud
Collusion fraud involves two or more parties that scheme together to defraud another party. Collusion fraud is growing more prominent due to the rising popularity of digital-first platforms.
Identity theft
Identity theft occurs when a fraudster uses personal information to steal a person’s identity—with which they can open new accounts or lines of credit. Personal information is often available through the dark web.
Merchant fraud
When a fraudster poses as a legitimate merchant or vendor in order to trick customers into purchasing non-existent goods, or in order to steal funds via an account takeover.
Money laundering
Money laundering is the process of converting illegal funds into legitimate, usable cash. It’s typically associated with organized crime or terrorism.
Physical card testing
Card testing fraud is when fraudulent transactions are attempted without a physical, stolen credit card in hand. A fraudster may use many cards and repeat the process until a successful transaction happens.
Promo fraud
When a fraudster (or consumer) takes advantage of a company’s promotion or offer by creating duplicate accounts in order to claim the same discount—or to claim free products multiple times
Transaction fraud
Also known as payment fraud, this occurs when a person’s payment information is used to make an unauthorized purchase. Card-not-present (CNP) is a more specific type of transaction fraud.
What is fraud detection?
Fraud detection is the process your company follows to pinpoint and stop any fraud attempts. It’s just one part of your organization’s risk management strategy. More than ever, fraud detection is crucial to your business as card-not-present methods, like Apple Pay, and buy-now-pay-later schemes, like Afterpay, become more popular.
How to detect fraud
The fraud detection tools currently available rely on the power of analytics, machine learning (ML), and automation to detect and prevent fraud. These powerful methods can continuously monitor your online ecosystem to detect fraudulent transactions and better understand hackers’ methods for committing fraud. This means that every transaction you process can be evaluated for fraud and assigned a level of risk.
Suppose a pattern of behavior or a particular transaction is assigned a high level of risk. In that case, your systems can flag this within seconds—prompting a user to complete additional verification before proceeding, like receiving a pin code via text. Conversely, these automated flows can verify a user and authenticate a transaction without other security layers. Striking the right balance between security and a seamless customer experience is essential for customer satisfaction and effective fraud prevention.
Machine learning (ML) for fraud detection
By harnessing the power of machine learning (ML), you can implement algorithms that work together with historical data to build risk rules in real-time. These rules can automatically prevent or allow certain behaviors by those using your platform. If an action occurs that these embedded rules deem suspicious, a user is blocked from proceeding any further.
Different methods of machine learning (ML)
Supervised learning
Supervised learning is a method that requires guidance—or supervision. It’s a predictive form of analysis that is trained based on labeled data. These labels could be simple binary values like yes/no, good/bad, or even a score. Supervised learning will only be as effective as the data it’s built from, so fraud may still occur if the training data set is missing specific values.
Unsupervised learning
Unsupervised learning detects anomalies in unclassified data. This method continually analyzes the data to identify patterns without requiring input or labels.
Semi-supervised learning
Semi-supervised learning is a combination of the above, supervised and unsupervised. With this method, you can still train a model to detect fraud without needing to feed the model a heavy amount of labeled data.
Reinforcement learning
Reinforcement learning is the ultimate type of decision-making. This machine learning method learns from experience to execute the best possible decision when there is no labeled data to work with. Over time, the model will understand which decisions are best for minimizing risk and maximizing reward.
How does ML-driven fraud detection work?
Machine learning (ML) allows for technology to continually learn from data—without needing to be reprogrammed each time. Patterns are one of the most effective ways to detect if fraud is present, and a pattern that could take a person months to establish is done by ML-powered algorithms in a rapid amount of time. You’re training your machines to detect fraud based on patterns and user behavior.
Here’s a step-by-step on building a machine learning (ML) model:
Data analysis
Data input is the first step in creating a machine learning (ML) model for fraud detection. The more data you can provide for your model to analyze, the more accurate and effective your unique model will be. The most effective ML models can analyze both first-party and third-party data.
Example datasets you can start with are lists of genuine customers who haven’t been linked to fraud, or a list of bad customers who have initiated a chargeback in the past or are known fraudsters.
Feature extraction
Feature extraction breaks the data down and extracts relevant features that are then used to train your model’s decision-making. These features could include personal information (IP address, age of account), transaction-related information (number of past orders, number of failed transactions), location information (customer’s address matches IP address), and payment information (issuing country of the card used, the bank’s legitimacy).
Training the model
Now you can train your model to detect fraudulent activities. The model will follow a set of rules to verify the legitimacy of any transaction based on the above data points.
Note: It’s important to feed the model past instances of fraud so there are examples the model can learn from.
Leverage and maintain ML model
Once training is complete, you will receive a unique machine learning (ML) model that can detect and fight fraud in seconds. Remember, fraudsters are innovative, so it’s crucial to maintain this model with new data, so fraud tricks don’t slip through the cracks.
The benefits of using machine learning models and automation in fraud detection are clear: Reduce time spent by people in your organization detecting fraud and quickly dissect vast amounts of data.
Risk management for fraud risk
Any type of fraud payment arises out of a purchase that a cardholder has not authorized. Whether a physical card has been stolen, or card details were skimmed, every transaction you process poses the risk of fraud. To detect and combat this type of fraud risk, your company can implement fraud detection software.
Conversely, fraudulent sellers can collect funds for goods that they have no intention of ever providing. It’s your responsibility to ensure you’re minimizing fraud risk from illegitimate merchants.
Identify Risk
When you onboard new sellers or users, you should be validating as much information as you can to verify the legitimacy of the account.
- Always verify as much as possible when onboarding. Review business licenses, research the seller’s online presence to flag any discrepancies, and confirm details like physical addresses exist
- Fraudulent sellers will often open another account if they’ve been caught before. Always cross check personal information to combat duplicate accounts
- Similar to credit risk, you could hold funds as a guarantee for those sellers who fit into the high-risk profiles you’ve established
Monitor Risk
The digital landscape is always evolving, and with this, fraudsters evolve too. To ensure you’re picking up on any red flags from a seller, set up automatic alerts that flag major changes in a seller’s activity.
- Analyze seller behavior and set benchmarks for review. Cross compare monthly activity with previous months to understand how a potential fraudulent seller is changing their tactics to fly under the radar
- Rely on past occurrences of fraud to establish a checklist for auditing seller behavior (i.e. what to check for, what’s normal, what’s extreme)
- Don’t ignore suspicious activity—contact a seller to validate that a sale is legitimate if your system flags potential fraud
Mitigate Risk
After a certain period of time, you should have good visibility into the different levels of risk that you’re dealing with. Here you can finetune your approach to proactively mitigate risk.
- Hold funds from sellers until an exchange is complete. That is, once the recipient receives the goods. This can limit chargebacks or stolen funds
- Categorize sellers per your risk categories. For those with a good record, you may consider releasing funds straight away
- Avoid card testing attacks by adding new layers of verification during the checkout stage to verify that a purchase is legitimate
Risk management for credit risk
Onboarding new users to your platform is usually the most crucial time for pinpointing any risk. Understanding past actions or how a new user/merchant operates can prevent any future credit-related risk events. Usually as a third-party facilitator, you assume a level of responsibility for handling online payments. It’s standard to expect a new seller to have enough cash to cover refunds and to keep business moving, though there is always a risk a faulty seller could leave you facing large amounts of loss when they can’t cover refunds or returns.
IDENTIFY RISK
It’s okay to be weary of new sellers as you have no prior experience in working together. But by following a risk management process, you can gain a better view into any risk-prone users before you onboard them fully.
- Don’t assume, and always conduct a thorough review of new vendors that want to use your software
- Be thorough— double check refund policies, financial statements, and credit checks
- Create financial limits or purchase caps at the start to get a better understanding of how the vendor will operate
- Hold a percentage of funds as a safety net from any sellers that pose risk, or create a standard timeline for review so that you can vet all new vendors
MONITOR RISK
- Build a first line of defense by creating automatic notifications or alerts when a potential risk-related event occurs
- Conduct regular audits to better understand how sellers are using your platform and to reveal any negative patterns of behavior
- Pay attention to customer feedback. Are there patterns of complaint from a particular vendor?
MITIGATE RISK
After you’ve identified and monitored risk, you should have a better grasp on the risk profiles your business deals with. Categorizing users under certain risk profiles can create a system of checks and balances to ensure you’re flagging potential liabilities and new risks
- Don’t pay vendors/sellers until a recipient receives what they were intended to
- Create rules for payout based on unique risk profiles to cover your credit risk—the riskier the vendor, the longer payout period
- Pay attention to sellers with a negative balance, and understand what power you have to recover funds, otherwise, you’ll need to cover the transactions they can’t
- Understand where risk is coming from. Are there more risk-prone sellers from a particular area or industry? Implement onboarding caps in line with these discoveries
Risk management for fraud risk
Any type of fraud payment arises out of a purchase that a cardholder has not authorized. Whether a physical card has been stolen, or card details were skimmed, every transaction you process poses the risk of fraud. To detect and combat this type of fraud risk, your company can implement fraud detection software.
Conversely, fraudulent sellers can collect funds for goods that they have no intention of ever providing. It’s your responsibility to ensure you’re minimizing fraud risk from illegitimate merchants.
IDENTIFY RISK
When you onboard new sellers or users, you should be validating as much information as you can to verify the legitimacy of the account.
- Always verify as much as possible when onboarding. Review business licenses, research the seller’s online presence to flag any discrepancies, and confirm details like physical addresses exist
- Fraudulent sellers will often open another account if they’ve been caught before. Always cross check personal information to combat duplicate accounts
- Similar to credit risk, you could hold funds as a guarantee for those sellers who fit into the high-risk profiles you’ve established
MONITOR RISK
The digital landscape is always evolving, and with this, fraudsters evolve too. To ensure you’re picking up on any red flags from a seller, set up automatic alerts that flag major changes in a seller’s activity.
- Analyze seller behavior and set benchmarks for review. Cross compare monthly activity with previous months to understand how a potential fraudulent seller is changing their tactics to fly under the radar
- Rely on past occurrences of fraud to establish a checklist for auditing seller behavior (i.e. what to check for, what’s normal, what’s extreme)
- Don’t ignore suspicious activity—contact a seller to validate that a sale is legitimate if your system flags potential fraud
MITIGATE RISK
After a certain period of time, you should have good visibility into the different levels of risk that you’re dealing with. Here you can finetune your approach to proactively mitigate risk.
- Hold funds from sellers until an exchange is complete. That is, once the recipient receives the goods. This can limit chargebacks or stolen funds
- Categorize sellers per your risk categories. For those with a good record, you may consider releasing funds straight away
- Avoid card testing attacks by adding new layers of verification during the checkout stage to verify that a purchase is legitimate
Risk management for account takeovers
Even with a strict, multi-layered verification approach, fraud may still occur within your software via account takeovers. An account takeover only requires a cybersecurity criminal to obtain credentials, then they use already verified, existing accounts to commit automated fraud attacks.
IDENTIFY RISK
Identify verification can help to ensure only authorized sellers access their accounts.
- Adhere to ID verification processes for every seller, add a two-factor login stage to block automated progression
- Set lockout periods for multiple failed attempts and alert account owners when a potential breach has been attempted
MONITOR RISK
Establishing when an account takeover is occurring is important to stopping fraud in its tracks.
- Monitor any activity that could be suspicious by flagging when a login is from an unusual location
- Create alerts for when account activity is out of the ordinary, i.e. abnormal order size, frequency of orders, and review accordingly
MITIGATE RISK
Reducing automated account takeovers involves understanding how these breaches are successful, and applying any learnings to your risk management plan.
- Alert customers when you block an attempted account takeover, use the opportunity to demonstrate security but also to inform the seller on how to avoid future attacks
- Send notifications when personal details associated with a users’ account have been modified in case of a successful breach
Risk management for account takeovers
Even with a strict, multi-layered verification approach, fraud may still occur within your software via account takeovers. An account takeover only requires a cybersecurity criminal to obtain credentials, then they use already verified, existing accounts to commit automated fraud attacks.
Identify Risk
Identify verification can help to ensure only authorized sellers access their accounts.
- Adhere to ID verification processes for every seller, add a two-factor login stage to block automated progression
- Set lockout periods for multiple failed attempts and alert account owners when a potential breach has been attempted
Monitor Risk
Establishing when an account takeover is occurring is important to stopping fraud in its tracks.
- Monitor any activity that could be suspicious by flagging when a login is from an unusual location
- Create alerts for when account activity is out of the ordinary, i.e. abnormal order size, frequency of orders, and review accordingly
Mitigate Risk
Reducing automated account takeovers involves understanding how these breaches are successful, and applying any learnings to your risk management plan.
- Alert customers when you block an attempted account takeover, use the opportunity to demonstrate security but also to inform the seller on how to avoid future attacks
- Send notifications when personal details associated with a users’ account have been modified in case of a successful breach
Your risk management
options with Pi
Face risk head on with Pi – an ML-driven decisioning engine that serves as a fraud prevention layer for your business. Pi provides continuous risk scoring throughout the customer lifecycle, allowing you to evaluate your risk landscape, and modify your approach in real-time. The Pi platform creates dynamic risk scores and tiered experiences for each user on your platform, based on their behavior and profile.
Pi helps you flag unusual activity with automatic detection based on a set of established rules and policies. Whether it’s restricting settlement windows, setting money movement limits, or adding extra verification layers for certain users—Pi can strengthen your approach to mitigating risk.
Pi also continuously monitors users throughout each touchpoint, readjusting personal scores and recommending the right course of action as a user’s behavior changes. Risk is out of your control, but what is in your control, is your response. Take a proactive approach to risk and grow with confidence by creating the right experiences for the right users.
Risk is out of your control, but what is in your control, is your response. Take a proactive approach to risk and grow with confidence by creating the right experiences for the right users.
FAQs
What is meant by risk management?
Risk management is the practice of identifying, assessing, and mitigating risk across your organization. Risk management can be done at the micro level (department wide), or at the macro level (organization wide). Organization-wide risk management is also referred to as enterprise risk management, or ERM. This is when risk is approached strategically in line with business goals and objectives.
What are some examples of risk?
In the world of online payments, the three most common types of risk are credit risk, fraud risk, and the risk of account takeovers. Though risk can extend beyond these to other types of risk, like operational risks, the risk of a natural disaster, or compliance-related risks, etc.
What are risk management examples?
An example of risk management is holding funds from sellers that fall into a risk profile of concern. If there are signs that a seller on your platform is engaging in fraudulent activity, holding funds until you can verify their legitimacy is an example of managing fraud risk.
What are the 5 ways to minimize risk?
The 5 ways to effectively manage risk are: Identify risk, assess risk, prioritize risk, treat risk and monitor/review risk.
What is the risk management process?
The risk management process refers to the way your company identifies, assesses, and mitigates risk. Depending on the type of risk, the severity of its potential outcome and your organization’s risk appetite, you may follow a personalized risk management process. However, a standard framework approach can be a good place to start.
What is the difference between risk management and risk assessment?
Risk assessment is a facet of the risk management process. While risk management is the ongoing process where your organization identifies, analyzes, and works to mitigate risk, risk assessment is a once-off and helps to surface any immediate risks facing your company right now.