Fraud Prevention: Gaining insight fraud throughout the customer lifecycle & future trends Earlier this week, I had the pleasure of chairing the annual Grad School session during CNP Expo 2015. The group was energized by the participation of the attendees and we hope that all gained insight into issues regarding fraud throughout the customer lifecycle as well as future trends in payments, identity and cross border growth. For those who were unable to join us in Orlando, the CNP Expo Grad School focused on the importance of creating a comprehensive fraud strategy to protect your organization throughout the customer lifecycle. To help articulate the varied fraud challenges posed at each stage, we brought an esteemed group of fraud experts, who collectively have served in the industry for over 100 years. We kicked off Grad School with Lawrence Baldwin, CIO of myNetWatchman. He described how fraudsters can transform low value credentials, which can be purchased on the black market for fractions of a cent, into high-value validated credentials that facilitate burgeoning Account Takeover attacks. Jeramie Driessen, a Sr. Risk Analyst in Experian’s Fraud and ID group, then delved into the challenges merchants need to address when evaluating new account opening for merchants and card issuers. Yours truly covered the various stages of Account Takeover and described the evolving fraud vectors that are targeting existing accounts. During part two of the three-hour Grad School, Angela Montoya, Product Management Analyst for Experian Fraud and ID, and David Stewart, Manager of Corporate Security at Virgin America, shared their insights about transaction fraud and dived deep into the nuances of sniffing out crime rings and setting up new fraud teams. We ended with Dan Elvester, Sr. Director of Business Development at Experian, sharing facts and market trends around ecommerce growth, cross-border expansion and emerging fraud tools just before Cherian Abraham, Sr. Consultant with Experian’s Global Consulting Practice, covered advanced topics regarding Apple Pay, Tokenization and the future of Identity Verification. Overall, the CNP Expo 2015 Grad School reinforced our central theme of creating a multi-layered fraud strategy that places controls not just on the monetary transactions executed on your website but also on the account management, origination and even acquisition phases of your customers’ lifecycle. Thanks again to our speakers and attendees for your engagement and interest in Experian’s ongoing efforts to stop fraud. To follow along the topics that were covered a copy of our grad school presentation can be viewed here:

Credit card declines Surag Patel, vice president of global product management for 41st Parameter, led a panel discussion on Digital Consumer Trust with experts from the merchant community and financial services industry at this week’s CNP Expo. During the hour-long session, the expert panel – which included Patel, Jeff Muschick of MasterCard and TJ Horan from FICO – discussed primary research explaining the $40 billion in revenue lost each year to unwarranted CNP credit card declines and what businesses can do to avoid it. Patel began the Thursday morning session by asking the audience how many have bought something online—of course, everyone raised their hands. He then asked how many had been declined—about half the hands stayed up. “Of those with your hands still up,” he said, “how many of you are fraudsters?” The audience chuckled, but the reality of false positives and unnecessary declines is no laughing matter. Unnecessary declines cause lost revenue and damage the customer relationship with merchants, banks and card issuers. The panel cited a 41st Parameter survey of 1,000 consumers and described their responses to the question, what do you do after you get declined? While many would call the card issuer or try a different payment method, one in six would actually skip the purchase altogether, one in ten would purchase from a different online merchant, and one in twelve would go buy the item at a brick-and-mortar store. So regardless of who the customer blames, ultimately, when a good purchase is declined, everybody loses. Jeff Muschick, who works in fraud solutions for MasterCard, spoke about the need for a solid rules engine, and recommended embracing new tools as they emerge to enhance their fraud prevention strategy. He acknowledged that for smaller merchants, keeping up with fraudsters can be incredibly taxing, and often even at larger organizations, fraud departments are understaffed. For that reason, he highlighted a tool that many fraud prevention strategies are leaving on the table, and that’s cooperation: “We talk about collaboration, but it’s not as gregarious as we’d like it to be.” TJ Horan, who is responsible for fraud solutions at FICO, encouraged merchants, banks, and card issuers to mitigate the damage of good declines through customer education. He observed that “if there was a positive thing to come out of the Target breach (and that’s a big ‘if’), it is an increase in general consumer awareness of credit-card fraud and data protection.” This helps inform customers’ attitudes when they are declined, because they realize it is probably a measure being taken for their own protection, and they are likely to be more forgiving. Click here for more information about TrustInsight and how online merchants can increase sales by approving more trusted transactions.

Recently, I sat down to answer three questions for “The Year of Payments - 2015: One Quarter in” for PYMNTS.com on the topic of mobile payments in regards to: How Q1 2015 is different than Q1 2014 What’s the most significant development so far this year? If “Payments 2015” were a brand and had a tagline, what would it be and why? A significant factor in shaping the next frontier in fraud management is the continued rapid growth in online and mobile payments as the preferred methods of doing business for many consumers. With more than a third of customers interacting with a single business in five or more channels and more than 85 percent of consumers using online or mobile to conduct business, the need for omnichannel fraud prevention becomes a requirement. These trends make mobile-device intelligence as important to the authentication process as traditional personally identifiable information. As a result, the need to integrate device intelligence into the authentication process to associate a consumer to a known device is critical. Companies already are beginning to incorporate device intelligence into their authentication strategies. The ability to verify a customer through his or her device is a huge benefit to the overall customer experience and not only makes it easier for the customer to do business with you, but also adds an additional layer of validation. The challenge with any new emerging business or new technology is maintaining a frictionless customer experience foremost because fraudsters are always the early adopters. Make sure to read our perspective paper to see why emerging channels call for advanced fraud identification techniques and what myself and other industry leaders had to say on the topic of mobile payments:

Mortgage originations kicked off Q1 2015 with a 25% year over year increase to $315 billion.

At the start of the Vision 2015 Conference, Experian® announced a new dedicated enterprise Fraud and ID business in North America. This newly established business unit allows Experian, the leading global information services company, to more aggressively address the growing variety of fraud risk and identity management challenges businesses, financial institutions and government agencies face. “The rapid progression of wide-scale fraud and data breaches have led to a significant increase in identity theft related risk, and potential fraud losses on a larger scale than ever anticipated,” said Charles Chung, president of Decision Analytics, Experian North America. “For nearly two decades, we have been helping clients solve the difficult and ever-changing problems of fraud detection and identity management. Our core expertise was further enhanced by the recent acquisition of 41st Parameter which added device identification as another important layer of sophistication to our suite of fraud detection tools. Now the creation of a new fraud business unit brings all components of our Fraud and ID services together to better serve all markets through our innovative authentication techniques, advanced analytics and Big Data insights.” Having one comprehensive operation allows Experian to deliver greater value across its various addressable markets through customized approaches that balance privacy, security and compliance requirements with client reputation, customer experience, convenience and efficiency. The integration brings together a wide set of enterprise services ranging from identity and device risk assessment and anti–money laundering to consumer identity monitoring and alerts, letting Experian continue to proactively meet client needs surrounding the complex risks they face. Dr. Jon Jones has been appointed to lead the new business unit as senior vice president and general manager of Fraud and ID for Experian North America. “Data security and fraud management affect many industries as identity data has become so compromised that authenticating consumers through traditional means is not enough to safeguard against fraud. Modern fraud risks now absolutely require Big Data assets and the proven ability to derive predictive analytical capabilities to meet these challenges,” said Jones. “Today, online and mobile commerce, and customer demands for convenience and speed are intersecting with the increasing sophistication of criminal fraud networks. Experian’s new integrated fraud business delivers next-generation holistic fraud management services, leveraging our vast data landscape to identify customers’ risk for fraud even when no threat has been detected to stay ahead of the growing market demands.” Accounting for the real risk of identity compromise over time continues with the launch of Experian’s Identity Element NetworkSM which identifies real-time fraud volume and velocity linkages across multiple industries to predict when consumers are showing risk of identity compromise. Experian monitors and predicts when seemingly random identity element linkages become meaningful risk clusters, including: When an identity likely has been compromised When an identity is victim of a data breach When a transaction is part of an identity theft scheme, particularly an account takeover When consumers’ identities are exhibiting identity theft, visible by monitoring a broad portfolio of breached or compromised consumers "Cybercriminals continue to rapidly escalate their assault on sensitive data across a variety of industries, with no end in sight," said Julie Conroy, research director at Aite Group.  "This requires fraud prevention capabilities to undergo a similar rapid evolution, with a new, more advanced approach to identity management sitting squarely in the middle of risk mitigation. Simple personally identifiable information is no longer enough to verify identity; the next wave of fraud and cybersecurity services needs to employ robust data and advanced analytical capabilities in order to make faster and more informed identity decisions." Experian’s Identity Element Network service can be utilized through its flagship fraud enterprise platform, Precise ID®, using its data assets and analytics alongside 41st Parameter’s FraudNet to deliver a comprehensive view of the Customer Life Cycle of traditional identity, device confidence and risk assessment. Learn more about Experian’s Big Data fraud service for breach identity compromise detection for your business.

According to a recent Experian Marketing Services study, informational or "thanks for joining" messages drive significantly higher open and transaction rates than promotional emails, as well as higher revenue per email.

In today's data driven world, decisioning strategies can no longer be one-dimensional and only risk-focused. By employing a multidimensional decisioning approach, companies can deliver the products and services customers need and want.

Identity fraud and the utility industry In the utility industry today, gaining enterprise-wide systemic control over credit risk assessment, identity verification and compliance oversight are causing many leading organizations major headaches.   The ability for IT departments to modify their core legacy systems to effectively implement and support these critical functions is ever-challenging.  And for the business, the inability to gain real-time access and control to these functions means slower speed to market with automated risk controls, costing the organization (and therefore rate-paying customers) tens of millions in losses annually and lost productivity in manual reviews and call center costs.   In addition to the obvious financial impact, customer experience invariably suffers, negatively impacting those good paying, low-risk customers and leading to downstream issues with complaints to regulators. The ideal solution provides organizations the ability to quickly identify customers and compliance requirements, while maintaining a strong and transparent security posture for user authentication and strategic control over the complete customer life-cycle.   To minimize barriers to implementation, such a solution requires a flexible, user-friendly hosted platform incorporating all the various credit and alternate data sources with reporting and industry best practice strategies available “out of the box”. While there are several types of fraud perpetrated on utilities, one common form involves the opening of an account in a legitimate consumer’s or business’s name by a fraudulent party with the service address belonging to the fraudulent party (aka the “name game”). Utility fraud may take a long time to discover, as the fraudster may have a history of making some payment, but often times leaves the organization with a significant, unpaid balance.  Even after an account goes to collections for nonpayment, it can take a very long time before the fraud is confirmed.  Even if consumers and businesses periodically check their credit reports, they may not be aware that accounts had been opened in their name because the accounts usually aren’t reported until they reach collections. This means utility fraud through identity theft can lead to eroding customer relationships and losses. Best Practices for Customer Identity Verification An overall compliance or identity checking program will prevent fraud losses and increase customer satisfaction.  The same basic principles that apply to customer centric decisions apply here. gain knowledge of the customer through data, gain insight through specifically developed models and analytics, and make identity decisions using expert strategies. A best practice identity service will employ a customer acquisition platform like PowerCurve OnDemand to automatically acquire critical consumer and business identity authentication data, scores and analytics.  Models such as Precise ID and BizID allow clients to make decisions that are tailored to these specifications.  These results can be incorporated into automated accept or referral decisioning. Clients can customize these decision strategies for results based on the presence and absence of both positive and high-risk conditions. Specifically, the service helps clients to: Positively identify legitimate consumers Preserve positive consumer experiences by limiting or eliminating the need for more manual and arduous authentication processes that require more customer engagement and time Direct more intensive authentication procedures, such as knowledge-based authentication questions, only to the riskiest applicants or transactions Preserve positive customer experiences by preventing fraudulent accounts being opened in their name Detect potential fraud and reduce charge-offs FACTA and Red Flag Compliance Another advantage of using an acquisition platform like PowerCurve OnDemand is if the utility is obtaining consumer credit reports for other purposes, such as to determine a deposit amount, the platform can also perform many of the FACT Act and Red Flag checks that are required under the Fair Credit Reporting Act to limit identity theft as well.  So, at the same time, the platform can help meet compliance due-diligence requirements during application and account management processes. Matching Finally, the software platform may be able to perform a “matching process” on the applicant against existing or former customers.  If there is a match, this may also bring insight into whether or not an identity theft may be occurring. In Conclusion Consider a comprehensive platform that assists in identity verification process for both consumer and business accounts.  Ensure it can bring in world class data, models and analytics to gain insight on the identity of the consumer or business.  If applicable, leverage the platform for compliance related checks as well.  The rewards in lower write offs and increased customer satisfaction should yield great results.

With more than one-third of customers interacting with a single business in five or more channels and more than 85 percent of consumers using online or mobile to conduct business, omnichannel fraud prevention has become a necessity. Implementing a layered approach to authentication and integrating device intelligence into the process to associate a consumer with a known device are critical components of a fraud mitigation strategy. In addition to providing another layer of validation, verifying a customer through his or her device makes it easier for the customer to interact with the business and is a huge benefit to the overall customer experience. Perspective paper: Protecting the customer experience - The impact of fraud on the customer relationship

By: Mike Horrocks The other day in the American Banker, there was an article titled “Is Loan Growth a Bad Idea Right Now?”, which brings up some great questions on how banks should be looking at their C&I portfolios (or frankly any section of the overall portfolio). I have to admit I was a little down on the industry, for thinking the only way we can grow is by cutting rates or maybe making bad loans.  This downer moment required that I hit my playlist shuffle and like an oracle from the past, The Clash and their hit song “Should I stay or should I go”, gave me Sage-like insights that need to be shared. First, who are you listening to for advice?  While I would not recommend having all the members of The Clash on your board of directors, could you have maybe one.  Ask yourself  are your boards, executive management teams, loan committees, etc., all composed of the same people, with maybe the only difference being iPhone versus Android??  Get some alternative thinking in the mix.  There is tons of research to show this works. Second, set you standards and stick to them.  In the song, there is a part where we have a bit of a discussion that goes like this.  “This indecision's buggin' me,  If you don't want me, set me free.  Exactly whom I'm supposed to be, Don't you know which clothes even fit me?”  Set your standards and just go after them.  There should be no doubt if you are going to do a certain kind of loan or not based on the pricing.  Know your pricing, know your limits, and dominate that market. Lastly, remember business cycles.  I am hopeful and optimistic that we will have some good growth here for a while, but there is always a down turn…always.  Again from the lyrics – “If I go there will be trouble, An' if I stay it will be double”  In the American Banker article, M&T Bank CFO Rene Jones called out that an unnamed competitor made a 10-year fixed $30 million dollar loan at a rate that they (M&T) just could not match.  So congrats to M&T for recognizing the pricing limits and maybe congrats to the unnamed bank for maybe having some competitive advantage that allowed them to make the loan.  However if there is not something like that supporting the other bank…the short term pain of explaining slower growth today may seem like nothing compared to the questioning they will get if that portfolio goes south. So in the end, I say grow – soundly.  Shake things up so you open new markets or create advantages in your current market and rock the Casbah!

Data quality continues to be a challenge for many organizations.

While the average bankcard utilization rate hovered around 20% during the last quarter of 2014, utilization rates can vary greatly when analyzed by VantageScore® credit score tier.

A behind-the-wheel look at alternative-power vehicles:

Gift cards are the most requested gift item and have been for the last eight years. Merchants love gift cards because they take up very little space and the recipient often ends up spending more than the value of the gift card.

Tax return fraud: Using 3rd party data and analytics to stay one step ahead of fraudsters By Neli Coleman According to a May 2014 Governing Institute research study of 129 state and local government officials, 43 percent of respondents cited identity theft as the biggest challenge their agency is facing regarding tax return fraud. Nationwide, stealing identities and filing for tax refunds has become one of the fastest-growing nonviolent criminal activities in the country. These activities are not only burdening government agencies, but also robbing taxpayers by preventing returns from reaching the right people. Anyone who has access to a computer can fill out an income-tax form online and hit submit. Most tax returns are processed and refunds released within a few days or weeks. This quick turnaround doesn’t allow the government time to fully authenticate all the elements submitted on returns, and fraudsters know how to exploit this vulnerability. Once released, these monies are virtually untraceable. Unfortunately, simply relying on business rules based on past behaviors and conducting internal database checks is no longer sufficient to stem the tide of increasing tax fraud.  The use of a risk-based identity-authentication process coupled with business-rules-based analysis and knowledge-based authentication tools is critical to identifying fraudulent tax returns. The ability to perform non-traditional checks that go beyond the authentication of the individual to consider the methods and devices used to perpetrate the tax-refund fraud further strengthens the tax-refund fraud-detection process. The inclusion of multiple non-traditional checks within a risk-based authentication process closes additional loopholes exploited by the tax fraudster, while simultaneously decreasing the number of false positives. Experian’s Tax Return Analysis PlatformSM provides both the verification of identity and the risk-based authentication analytics that score the potential fraud risk of a tax return along with providing specific flags that identify the return as fraudulent. Our data and analytics are a product of years of expertise in consumer behavior and fraud detection along with unique services that detect fraud in the devices being used to submit the returns and identity credentials that have been used to perpetrate fraud in financial transactions outside of tax. Together, the combination of rules-based and risk-based income-tax-refund fraud-detection protocols can curb one of the fastest-growing nonviolent criminal activities in the country. With identity theft reaching unprecedented levels, government agencies need new technologies and processes in place to stay one step ahead of fraudsters. In a world where most transactions are conducted in virtual anonymity, it is difficult, but not impossible, to keep pace with technological advances and the accompanying pitfalls. A combination of existing business rules based on authentication processes and risk-based authentication techniques provided through third-party data and analytics services create a multifaceted approach to income-tax-refund fraud detection, which enables revenue agencies to further increase the number of fraudulent returns detected. Every fraudulent return that is identified and unpaid, improves the government’s ability to continue to meet the demand for services by its constituents while at the same time strengthening the public’s trust in the tax system.