Keeping fraud management tools up to date has always been a complicated endeavour. Maya Ogranovitch Scott from Ping Identity shows us how to better adapt in this everchanging landscape.
As organizations continue to evolve their counter-fraud strategies, the amount that is estimated to be spent on fraud detection and prevention solutions by 2023 is over USD 63 billion. This number continues growing because fraudster tactics and tools are so sophisticated and rapidly evolving, requiring constant adaptation from fraud teams. Most companies find themselves adopting new counter-fraud technologies to enhance – not replace – previous ones. This additive approach can solve for new attack types and vectors, but it creates its own set of problems, making fraud prevention more difficult to manage.
We recently polled fraud professionals across ecommerce and financial services businesses and discovered that the majority of the polled organizations are using between 4-8 fraud detection solutions. A minority even mentioned using ten or more sources of fraud and risk signals in their drive to improve fraud prevention. It is likely that due to the additive nature of fraud prevention, these numbers will continue to go up.
These detection solutions come into play at various points throughout a user’s session, looking at everything from network attributes to user behavior in hopes of spotting and stopping fraudsters early. Better detection leads to improved prevention, or so the thinking goes. However, collecting these signals is only the first step in stopping fraud. To go from detection to prevention, fraud teams need to implement real-time fraud mitigation, which requires some form of automated decision making.
Fraud decisioning hubs are used to simplify and automate the decisioning process. These are often authorization tools with some orchestration capabilities. The goal of these tools is to simplify fraud management by centralizing fraud logic and decisioning. The greatest benefit of decisioning hubs is their promise to greatly reduce the need for manual review. These tools can aggregate the signals from various fraud detection tools and consolidate them down to a decision based on the perceived risk of the session and/or activity. These decisions are based on fraud thresholds and logic defined by internal fraud teams and enforced by authorization tools.
Historically, many fraud teams have left authorization logic embedded in multiple disparate tools, which makes updating fraud policies and flows cumbersome and slow. Other organizations have developed and built decisioning tools internally based on their specific requirements, but these homegrown tools are often difficult to keep up to date as new fraud detection methods come on board. The decisioning phase becomes more complex as organizations must scan for fraud throughout the user journey and may choose to initiate mitigation at different points throughout the session – for example, not only at the point of transaction but also when viewing saved personal information, changing profile information, and changing user settings.
A centralized decisioning tool can help fraud teams to set up automated, effective fraud mitigation. Within this tool, fraud teams can define the logic that determines the risk levels that will trigger mitigation, and the types of mitigation measures that are appropriate for different types of situations. Implementing these policies no longer requires development resources from the owners of various applications and allows fraud teams to easily control their technology stack. Adding or removing signals becomes simpler as well, which is extremely helpful given the additive nature of fraud prevention discussed above.
While fraud teams often operated separately from identity teams in the past, this is beginning to change. With the advent of new technologies in fraud detection, identity proofing, and access management, these groups can now work together to the benefit of the broader organization. Identity orchestration is becoming a hot topic in identity and access management circles, with new tools entering the market that promise to make designing, deploying, testing, and modifying user journeys easier.
As the focus of fraud prevention shifts from protecting the transaction to protecting the end-to-end user journey, integrating identity and fraud tools from different vendors into seamless and secure user flows can help both fraud and identity teams meet their metrics.
Ping Identity’s fraud solution addresses fraud detection, decisioning, mitigation, and orchestration in one integrated platform. Our fraud decisioning tool allows organizations to easily aggregate fraud signals from a variety of sources, including Ping’s own detection tools as well as external ones, and build out policies that allow for flexible mitigation at any point throughout the user journey. Ping offers a variety of tools that can help address mitigation use cases, such as multi-factor authentication and identity verification, but can also integrate with third party tools and vendors. Ping’s orchestration capability offers a low-code approach to designing, implementing, testing, and modifying user journeys to ensure organizations can deliver exceptional customer experiences without sacrificing security. We aim to offer our customers a comprehensive fraud prevention solution that can be the cornerstone of a dynamic counter-fraud strategy.
If you're interested in learning more about Ping Identity's approach to fraud decisioning, we invite you to view our webinar, 'Harnessing the Power of Fraud Decisioning and Orchestration.'
Maya Ogranovitch Scott is a product marketing manager for Ping's fraud detection and mitigation solutions. She is passionate about leveraging the power of identity to help enterprises deliver exceptional customer experiences that are simultaneously secure and seamless.
Ping Identity delivers intelligent identity solutions for the enterprise. We enable companies to achieve Zero Trust identity-defined security and more personalised, streamlined user experiences. The PingOne Cloud Platform provides customers, workforce, and partners with access to cloud, mobile, SaaS, and on-premises applications across the hybrid enterprise. Over half of the Fortune 100 choose us for our identity expertise, open standards, and partnerships with companies including Microsoft and Amazon. We provide flexible identity solutions that accelerate digital business initiatives, delight customers, and secure the enterprise through multi-factor authentication, single sign-on, access management, intelligent API security, directory, and data governance capabilities.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now