By Steve Durney, SVP Issuer Relations, Ethoca
Banks employ a myriad of sophisticated tools to protect themselves from “card not present” (CNP) fraud. Most recently, a plethora of AI (artificial intelligence) companies have arrived on the scene with impressive capabilities that will result in real-time fraud-detection improvements. There’s little doubt that AI companies are going to play an increasingly important role in the fight against fraud, but the industry continues to migrate to a multi-layered, defensive solution—and for good reason. No single technology is a silver bullet.
The most definitive thing a bank can do if it suspects fraud is talk to the cardholder. Machine-learning algorithms use huge sums of data to calculate the probability of fraud, but the absolute source of record as to whether a transaction is fraudulent is the cardholder. Effective communication with the cardholder is, therefore, the most powerful weapon in a bank’s arsenal.
At Ethoca, we connect issuers and merchants to share confirmed fraud information in near real-time to ensure intelligence is used effectively. Our partner, FICO (Fair Isaac Corporation), recently reported that European CNP fraud has risen from 50 percent of gross fraud losses in 2008 to 70 percent in 2016. Similar reports can be found in markets across the globe. The Nilson Report estimates that 72 percent of card losses are suffered by issuers, so it’s no surprise that banks collectively drive billions into protecting their customers and their reputations. But with CNP fraud and false declines rising, there is a clear need to search out lower-cost, highly effective techniques that can turn the tide before the problem becomes insurmountable.
Find the channels of communication.
The first and most critical step for banks is to check customers’ contact details at every interaction point: online, over the phone or face-to-face at a branch. Make sure their email addresses are still used; check that you have their personal cell numbers; and find out how to reach them at work. Not having the right contact details leaves a bank blind. If a bank blocks a good transaction (called a “false decline”), it risks frustrating its customers and losing their loyalty. What’s more, the cardholder will often elect to put the card at the back of the wallet, where it tends to stay—either permanently or for months at a time. Our research indicates that 475 million cardholders globally are at risk of relegating a preferred card to the back of the wallet after a decline.
Banks must build triggers that alert representatives to when contact details have been unchanged for a certain amount of time; finding a balance that strikes the point before it becomes invasive is key. There should also be a concerted effort to engage customers on fraud via banking apps. The average American looks at his or her phone 46 times per day, making it a perfect channel for rapid responses to fraud messages. Mobile-first challenger banks have a significant advantage here, with customers effectively forced to opt-in with their mobile contact details. Established banks must match this.
Build customer trust.
It’s not enough to just have effective communication channels, though. Banks should also be open and honest with their customers about why they are collecting data. Customers are much more likely to share contact information if it is exclusively for anti-fraud purposes, so it’s important to offer an option to opt out of marketing messages.
Marketing departments are predisposed to take advantage of the fraud team’s superior email open rates and contact details. But if customers are bombarded with marketing collateral from their banks, they will start to ignore communications, resulting in genuine fraud alerts potentially being missed. Be clear on which contact details will be reserved exclusively for fraud purposes and clearly state up front when communicating about fraud, so important messages are not deleted.
When President Ronald Reagan wanted to put the American people on their guard at the height of the Cold War, he turned to the creativity of Hollywood to help educate the public. Banks need a similar approach for fraud. ID theft is reaching “epidemic levels”, making it incredibly dangerous for customers to maintain their naive approach to online security. A recent survey found that 80 percent of consumers reuse the same password across multiple accounts. This is inexcusable, but banks need to drive this educative process and offer multi-factor authentication as a minimum.
Creative, accessible means of educating customers is required to help them protect themselves. Communicating with simple, jargon-free terminology can help stop fraud before it becomes a problem.
Smooth the authentication process.
Five years ago, no one was ready for biometrics, but Apple and Samsung have now made it mainstream on modern smartphones. Banks should seek to become early adopters of the technologies with which consumers are either comfortable now, or will be used to soon. After all, something you are is far stronger than something you know—voice recognition, fingerprints and face recognition, while not infallible, have all shown their merits.
Currently, we’re seeing something of a Wild West attitude to biometrics, with lots of businesses developing it in different directions without common standards or a recognition of what the public is comfortable using. Yet biometrics will play a significant role in future authentication, and banks need to stop following their peers and start leading alongside pioneering tech companies.
Operate at speed.
Whenever fraud is suspected, it’s critical that banks use channels of engagement that have the highest degree of speed in solving the problem. The faster a customer can talk to the bank, and the faster the bank can engage with the customer, the faster genuine fraud can be stopped, minimising financial losses.
Such speed also has an additional positive impact on the relationship between the bank and the cardholder: disputes resolved quickly reduce friction in the transaction process, minimising customer frustration.
Ultimately, collaboration between the bank, the merchant and the cardholder is key to ensuring a fraudulent transaction is identified and stopped effectively. Banks that can confirm suspected fraud with the cardholder and transmit the data to the merchant in near-real-time will see chargeback volumes slashed and fraud-resolution time cut from weeks to hours.
Using advanced collaboration techniques, banks not only have the potential to provide cardholders with details on the date, time and cost of the purchase, but also information about the retailer and even the specific product/service that was purchased. These rich details cut confusion and help resolve the issue quickly and painlessly.
Time to recruit consumers.
Including the customer is the most meaningful means of stopping fraud and false declines.
Banks must collaborate first with merchants to exchange rich information at speed, before drawing in the customer to make a quick decision based on the bank’s detailed description of the transaction. It all comes down to trust. By recruiting customers and working with merchants, banks can establish a powerful, cost-effective collaboration network that will be essential in the fight against CNP fraud.