The Authentication Reference

Your go-to place for authentication information

Successful Authentication with Incognia

The Authentication Reference

How do professionals detect fraud?

Put simply, fraud is when someone deceives someone else for the purpose of personal or financial gain. For every $1 that a fraudster scams away from consumers, U.S. retailers lose $3.75 to the associated costs such as chargebacks and payment processing fees. In addition to being expensive, fraud also costs businesses dearly in terms of lost trust, a shrinking user base, and a diminished user experience. 

If a company discovers fraud after the fact, they can block the fraudster’s account, alert authorities, and be on the lookout for similar fraud in the future. However, the best kind of fraud will always be the fraud that was prevented before it could happen. 

Fraud detection and prevention professionals are responsible for helping identify fraud threats before the consumer or the company can become victims. The definition of fraud prevention and detection is using a variety of tools and techniques to identify fraud threats and employ fraud risk mitigation strategies for customers and companies. 

What do different types of fraud look like?

There are as many different types of fraud schemes as there are fraudsters to perpetrate them. However, here are a few examples of common types of fraud that represent a significant financial threat to online retailers, marketplaces, and financial institutions. 

Fraud risk management strategies and enhanced fraud protection are intended to protect these industries and their customers from the threat of fraud and scams. 

Payment fraud

Payment fraud is any type of fraud that centers around the payment portion of a transaction. For example, one type of payment fraud is called card-not-present or CNP fraud, wherein a fraudster uses someone else’s stolen credit card number to complete a transaction. Because a physical card doesn’t have to be present in online transactions, a fraudster can use phishing, social engineering, or data breaches to get ahold of card information. 

In another type of payment fraud known as friendly fraud or chargeback abuse, a customer buys a good or service using their own credit card and then disputes the charge with their financial institution. If the merchant can’t prove that the transaction wasn’t fraudulent, then they must pay back both the purchase amount and an additional processing fee. 

Payment fraud is costly for merchants in terms of both the revenue they lose and additional fees paid to payment processing companies. 

Account opening (AO) fraud

Banks and other financial institutions are held to a rigorous regulatory standard known as KYC–know your customer. That’s why, unlike online marketplace websites where onboarding is as simple as possible, opening a new online bank account requires a host of IDs and verification. Banks have a responsibility to know who their customers are and where their money is coming from–or at least that there’s no reasonable suspicion of that money being criminal proceeds, which would make the bank complicit in money laundering. 

When someone uses a stolen or fabricated ID to open a new bank account, that can cost the financial institution dearly. A study from Javelin Strategy & Research estimated that account opening or AO fraud costs these institutions around $10B a year, and that the synthetic identity fraud used to perpetuate AO fraud cost them $20B in 2020

While online marketplaces and eCommerce websites have less rigorous onboarding procedures, that doesn’t mean they don’t have to keep an eye on new sign-ups. Many of these websites require only an email address or phone number to sign up. While that’s a frictionless solution for good users, it can also make life easier for fraudsters. 

Without tools to detect ban evaders and fraud farms, fraudsters can act at scale, opening dozens or even hundreds of accounts to enact fraud on the platform. This practice can multiply the company’s fraud losses exponentially. 

Account takeover (ATO) fraud

For a fraudster, successfully overtaking a legitimate user’s account is like getting the key to the castle. With access to someone else’s account, fraudsters can make purchases, send themselves money transfers, and social engineer other people in that user’s network, furthering their reach. Account takeover can be a damaging event for the affected consumer and company alike. 

When someone loses access to their account, it affects their relationship with the platform, even if they previously had complete trust in their security measures. A user who suffers from ATO fraud may cease to use the platform altogether–the more users this happens with, the worse the company’s reputation will be. That’s why advanced fraud solutions should be a vital part of any institution’s customer success strategy. 

Key TakeAways

  • Fraud can have lasting impacts on a business, including loss of revenue, poor reputation, diminished digital trust, and lowered customer retention 
  • Common fraud types affecting financial institutions and online businesses include account takeover fraud, new account fraud, and payment fraud 
  • Fraud detection professionals use a variety of techniques to prevent fraud, including location & intelligence, machine learning, behavioral analytics, and manual reviews

What methods do fraud detection professionals use? 

These are just a few of the ways that anti-fraud teams undergo the detection and prevention of fraud. 

Location & device intelligence 

Devices and the trusted locations people use them in tend to be very personal things–that is, most people don’t share phones between themselves, and most people won’t go to a completely new place to do something sensitive like transfer a large amount of money or log into their bank accounts. Using these features, fraud detection professionals can notice anomalies and provide a fraud risk assessment.

For example, say that someone who lives in the United States suddenly attempts to log into their online banking account from a new device in Russia. It’s highly unlikely that an average person would fly across the world and immediately ditch their old phone, so this login attempt has a higher likelihood of being fraud. 

Device intelligence can also be used to detect rooting, jailbreaking, and emulators, all signs that someone may be attempting to spoof their location for malicious purposes. With a combination of location and device intelligence, fraud detection professionals can prevent account takeover, fraudulent transfers, and other offenses. 

Machine learning 

Machine learning can use algorithms and pattern recognition to identify common fraud trends and categorize transactions accordingly. For example, if a machine learning algorithm determines that certain financial transaction behaviors correlate with a higher instance of fraud, that transaction may be categorized as high risk. 

Manual checks 

Manual checks occur when a transaction is too risky for an automatic acceptance but not risky enough for an automatic rejection. In a manual review, a human will look over the details of a transaction, perform some additional verification such as calling a customer phone number or sending an email, and decide whether or not to allow that transaction to proceed. Though manual checks can rescue legitimate transactions that would have otherwise been denied, it’s also expensive and difficult to scale. 

The importance of fraud mitigation 

Fraud interrupts the intended flow of a business’s relationship with its customers by taking advantage of merchants, buyers, or both. For consumers who suffer ATO or other types of fraud, they may feel that their trust has been violated and that they can no longer use a service they previously enjoyed. 

For businesses, there’s a significant loss in revenue that extends even beyond the initial fraud losses–once a business has a reputation for high fraud instances, it’s very difficult to repair the damage done to their brand trust. 

Anti-fraud measures exist to protect both everyday consumers and the businesses they transact with from bad actors.