The Growing Importance of invisible security

What is your perspective on the highlights uncovered in Experian’s Decisioning Vision 2020 report that revealed that online fraud is the biggest threat for 4 in 5 organisations?
The report clearly shows that online fraud is increasingly a major concern for businesses around the globe and a clear threat to profitability.

Personal data has never been more at risk and easy to obtain for criminals, which will facilitate an increase in identity fraud, leading to increased levels of application fraud and account hijacking.

One of the key areas highlighted is the need to protect against fraud without negatively impacting the customer experience. How can organisations achieve this? And is it possible to even improve the customer experience?

The rise of digital business has provided a rich landscape for businesses to interact with their customers in new and exciting ways. Unfortunately, while the digital channel is a fantastic way to engage a customer, it also provides a much simpler way for criminals to attack businesses with minimal risk involved. Fraud can now be perpetrated on an industrial scale from anywhere in the world, making the job of prevention and investigation much more complex than ever before.

The latest fraud fighting technologies are keenly focused on identifying fraud attacks, without disrupting the experience of genuine customers. By using cutting edge technology and behavioural data, organisations are able to provide the positive digital experience customers require, at the same time as identifying criminal attacks quickly and without disruption to the vast majority of good customers.

We are starting to hear the term ‘invisible security’ used a lot, what is your interpretation of this, and why is it important?

Intrusive security, such as multi factor authentication, has its place in an organisation’s defence strategy. However, the vast majority of online transactions are very low risk, so scaling security measures in a way that is appropriate to the risk is the best way to preserve a great customer experience.

By combining  technologies such as device intelligence and behavioural analytics, businesses can enable customers to interact without the need for ‘visible’ security, unless the transaction type demands extra levels of security which protect the business and also provide assurance to the customer that their interests are being protected.

Experian are enabling the latest security techniques for several organisations around the world, delivering significantly lower levels of fraud at the same time as reducing intrusive security for a large proportion of transactions. This equates to both lower fraud losses and operational costs, at the same time as a vastly improved customer experience.

What kind of conversations are you having with clients who are experiencing increased levels of fraud in the digital era?

Many client organisations have found themselves in a catch 22 situation. The sales and marketing teams have delivered new and innovative ways to transform their business into a digital organisation, but then find that the increase in fraud exposure leads to increased levels of security that can seriously impact the customer experience. As consumers we expect great service and the use of intrusive security measures can tarnish our experience and stop us from beginning a relationship with a business, dropping out during the sales process, or even switching to another provider that can offer the digital experience we are looking for.

Our clients are looking to Experian to help them both reduce the risk of fraud loss to their organisation, at the same time as increasing the volumes of applications that can be accepted and  protecting the customer experience to ensure retention. Experian have a unique blend of knowledge and technology to enable our clients to achieve these goals.

What new innovations are starting to emerge to help protect against fraud?

There are many new innovations in technology to combat fraud. Biometrics are a very interesting area at present, with voice recognition, facial recognition and may other techniques being looked at by organisations as a new way to secure the online channel. Used in combination with other techniques, these technologies can provide a great way to add security, but above all, they must also provide a positive customer experience or adoption will be minimal.

Understanding the digital customer, their behaviour and the risk of the transaction enables the most effective balance between fraud prevention and customer experience.

Are you seeing any other trends that are impacting our clients’ ability to tackle fraud?

The explosion of large scale data breaches, coupled with the industrialisation of malware being used to steal data and hijack our devices, continues to drive the explosion in fraud attacks.

Fraud has rapidly become a highly sophisticated and organised threat which our clients cannot defend against using more traditional fraud defences that were designed for an offline world or for enterprise security. There has also been a trend in many countries around the world, to create legislation to protect the online customer’s privacy, that unfortunately also gives the criminals protection as businesses are unable to deploy the latest fraud fighting technologies. Understanding the balance between privacy and security is critical for regulators to ensure that criminals cannot take advantage of legislation designed to protect good customers.

What innovative techniques can organisations apply to overcome these challenges?

The risk, operations and sales functions of a business need to closely collaborate to ensure their business is investing in forward thinking fraud controls that help them provide a world class digital experience to their customers, at the same time as protecting both the business and the customer.

Businesses need to ensure that they invest in fraud solutions that achieve the best balance possible but are also being improved continually and have the vendor’s commitment to innovation and relevant investment needed to achieve this.

Customers also engage your business via multiple channels, so you should ensure that there is no disconnect between the online and offline channels. The latest fraud threats are using social engineering techniques to circumvent existing security techniques and having a disconnect between channels just creates the gaps in your defence that a criminal can exploit.

Lastly, engage the regulators to ensure legislation designed to protect good customers does not protect the bad ones as well. Finally, data – either at a digital or customer level – is one of the most powerful weapons in the fight against fraud, so restricting its use must be done in a way that does not enable the criminals to attack businesses and ultimately steal from the same consumers that legislation is designed to protect.