Recent research from Mastercard company Vocalink has confirmed that businesses that underinvest in fraud prevention and detection are losing money at the till. The advent of real-time transactions means that today’s firms must deploy intelligently applied machine learning–driven analytics to prevent fraud and not just detect it afterward.
David Braue filed this report in CSO Online:
Fully 74 percent of APAC banks in one recent FICO survey said they expect fraud in their country will increase this year, with more than half saying they block cards as soon as their protective mechanisms trigger a fraud alert.
This approach may rankle consumers that have to deal with blocked credit cards – but with fraud losses named as a leading performance indicator by 80 percent of regional banks, it’s a risk that many banks are willing to take. Just 6 percent leave cards open while trying to confirm a transaction’s authenticity with the consumer, for example by sending an SMS message to a registered mobile.
Banks’ increasing ability to flag and act on suspicious transactions in real time reflects their ongoing investment in anti-fraud analytics technologies –– and that investment is paying off by improving detection of a range of fraud and cybercrime activity, says Greg Henderson, government practice principal in the Fraud and Financial Crimes Global Practice of analytics giant SAS.
“A lot of organisations feel like [fraud] is an analytics problem,” Henderson told CSO Australia, “but I am often consulting with them that building the analytics model is only step 1 of a multi-step process.” The real challenge for businesses, he said, is not just building the biggest analytics platform possible – but embedding those analytics into operational processes, helping prevent fraud and cybercrime rather than detecting it after the fact.
Just 36 percent of businesses have tightened their processes to deal with payments fraud – leaving them open to fraud such as BEC attacks, in which cybercriminals manipulate privileged individuals into conducting fraudulent payments for them.
Yet businesses also needed to be careful not to overinvest in infrastructure that far exceeds their requirements – for example, by buying up masses of servers or cloud-computing capacity to provide real-time analytics on transactions that are being processed in batches overnight.