Fraud is floating around consumer contact points and the fraudsters’ schemes keep evolving.
Organizations need to adapt and embrace the digital age, however, this is no easy feat. Identity, fraud detection, and fraud orchestration are critical security measures that not only help secure payments but also build customer trust.
Cybernews had a chat with Juan Salvador Ubeira Ruiz – Sales Director of fraud.com, to understand the challenges and approach needed to reduce fraud and improve customer trust.
Tell us about your journey throughout the years. How did fraud.com originate?
Fraud.com was formed in mid-2019 to deliver an End-to-End fraud prevention platform that protects the customer's entire digital journey, from the time the customer signs up for an account to signing in and then using the account. Our identity verification, biometric authentication, AI fraud detection, and fraud orchestration solutions work together or equally on their own to form a fraud paradigm that reduces fraud loss, customer fiction and operational fraud overheads.
Can you tell us more about your platform? What issues does it help solve?
Fraud detection and prevention consist of many separate components, resulting in higher customer friction, fraud loss, operational overheads, and integration costs.
Fraud.com delivers a unified fraud defence consisting of three interconnected layers across the customer journey.
Layer 1 focuses on identity verification and biometric authentication delivered by Udentify.
Firstly, Udentify proves the identity of a person when registering/onboarding for a service, such as a bank account, in under fifteen seconds by answering:
- Is this a valid ID?
- Does the ID belong to the customer?
- Is this a live person?
- And the right person?
- How old are they?
Secondly, after the customer has registered/onboarded, they can re-use their proven Identity towards biometric authentication in less than one second.
The next layer is Transaction Monitoring via aiReflex, which protects against all risks associated with user transactions and events such as – payments, fund transfers, ATMs, and credit applications.
AiReflex has a multi-layered AI to investigate suspicious transactions and make sure the transaction belongs to an existing customer, and matches their past transaction behaviours & patterns.
The final layer is fcase – a fraud orchestration, automation and response solution delivering a centralised fraud mission control.
It unites alerts and events from fraud, cyber and customer care solutions within an organisation to deliver a unified dataset. It can also provide centralised automation to manage the customer's risk and trust journey and fraud operations. Fcase supports centralised fraud investigations by incorporating the entire customer's journey via fraud storyboards delivering extreme investigation capabilities
All in all, orchestration brings vast fraud insight to enable collective decisions for fraud, customer care, and compliance.
What tools do you use to detect fraud without compromising the user experience?
Today, we all unlock our phones with a quick glance at our phones. This is natural, accepted, and something that fraud.com has put into fraud prevention. Customers can sign up for a service (such as a bank account) and then sign in using advanced AI facial recognition coupled with liveness detection. It takes mere seconds to verify the true identity and prevent fake identities, the fastest and largest fraud type today.
When customers make transactions, our AI, transactional fraud prevention system, correlated with fraud orchestration, delivers complete transactional protection and accurate response to any threat, thus reducing false positives.
Did you notice any new cybersecurity threats arise as a result of the pandemic?
Since the pandemic, account takeover has been rising as we rapidly moved towards e-commerce/online shopping. Furthermore, card-not-present payments via (mobile/wearable payments methods) at all levels facilitate identity theft; actually, the Identity and credentials trade is even more profitable to a fraudster than the credit card data itself.
Most of the e-commerce "rookies" or simply the little-informed Internet users, now have been forced to embrace e-commerce as their primary shopping channel, opening accounts, linking their payment methods, and creating weak authentication methods. All this ends in not having sufficient control and protection over customer accounts, passwords, communications, etc. – the perfect storm for financial crime professionals and organisations to fish.
Synthetic identity fraud is also a big concern. Fraudsters create an identity by using parts of many identities to form one fabricated identity. For example, combining valid social security numbers from one person and then adding an address from another. The fraudster uses that fabricated identity to apply for services/loans such as buy now pay later schemes for a TV or take out money from financial institutions with weak defences. The fraudster then quickly sells the item and disappears with the money.
What fraud methods do you think are the most prominent nowadays?
Social engineering is already one of the most dangerous weapons in the fraudster's arsenal. Most commonly occurs when fraudsters manipulate or steal personal information to aid their attack. Social engineering consists of many attack methods, of which phishing, smishing, fishing, and malware are the most common.
Which type of organisations or individuals are attractive targets for fraudsters and should implement proper security measures as soon as possible?
Fraudsters are very creative and constantly adapting. They seek weak and easy targets, such as the elderly, because they often have savings: investments, property, and pensions, however, anyone with inadequate security can be a target.
Furthermore, fraudsters seek organizations that are equipped with weak measures against fraud. These organizations still allow weak usernames & passwords and no additional security checks when paying, transferring, or enabling loans. It is known as the castle wall mentality – if you are good enough to enter, you are good to do whatever.
Talking about individual users, what security measures do you think are essential to staying safe online?
Being online makes life easier in many ways. Yet, it does come with the risk of fraud, so it's essential to be able to protect yourself by using a Virtual Private Network, making sure your internet browser is always up to date, and learning how to spot fake emails and websites.
But when it comes to passwords, we all share, duplicate, and re-use them to make our lives easier, and any efforts to make them more secure only make our lives more complicated. The truth is, the password is dying. Biometric authentication coupled with liveness detection increases our security and improves our user experience since only a glance of our face or a few spoken words are needed for access. In the end, using these new innovations also reduces IT costs.
What do you think the future of identity verification is going to be like?
Customers want convenience and safety, organizations desire certainty and access, and governments wish for compliance. By 2025, there will be a shift from a centralized identity verification model to a decentralized model. The customer controls their identity via an identity app/wallet, certified by issuers, such as the government.
And finally, what's next for Fraud.com?
Fighting fraud needs unity, like any defence. Fraud.com builds the Swiss army knife for fraud prevention. Over the coming years, we will add new features that will always be united and effective in fighting fraud while delivering a frictionless and cost-effective service.