Fraud Q&A series: Protecting your organization from Card-Not-Present (CNP) Fraud with IDology

The latest guest in our fraud Q&A series exploring fraud trends in the financial services space is Christina Luttrell. Christina, CEO at GBG Americas, is a leader in multi-layered identity verification and fraud prevention. In over 12 years with the company, Luttrell has significantly advanced the company’s technology, forged close relationships with IDology customers, and driven the development of technological innovations that help organizations stay ahead of constantly shifting fraud tactics without impacting the customer experience.

What fraud trend should we be paying more attention to and why?

IDology’s Eighth Annual Fraud Report found that among financial institutions, 67% said card-related fraud was the most prevalent fraud type in the industry. Furthermore, mobile fraud, card-based fraud, and phishing are expected to be the most potent fraud threats over the next 2-3 years. Card-Not-Present (CNP) fraud is also concerning due to the associated costs – merchants are often on the hook for fraud and can incur hefty fees and charges for chargebacks relating to fraudulent CNP transactions.

How does Card-Not-Present fraud work? What are the symptoms of this type of fraud attack?

CNP fraud involves the unauthorized use of credit, debit, and/or Personal Identifiable Information (PII) to purchase products or services in an environment where the customer is not physically present. This type of fraud starts similarly to other kinds of fraud, with bad actors obtaining PII through data breaches or phishing campaigns. From there, fraudsters may commit various acts of identity theft like running up a line of credit on CNP transactions.

Why is Card-Not-Present fraud on the rise?

Much of CNP-related fraud growth is fueled by consumer comfort with online transactions. The COVID-19 pandemic accelerated the shift to digital transactions, with 83 million Americans reporting signing up for online services that were once done in person. This trend shows no sign of stopping, with 94% of respondents planning to continue to utilize these online services. Needless to say, this increase in online banking and retail accounts creates more opportunities for fraud. This problem is further compounded by the development of new payment technology like mobile wallets (such as Apple and Google Pay) and their popularity amongst younger audiences, which makes it easier to not physically be present at the time of a transaction.

How do you detect/identify Card-Not-Present?

Using a two-pronged approach of machine learning and consortium fraud network intelligence can be key to tackling CNP fraud. Because machine learning by itself is not as good at seeing patterns as humans, pairing a machine learning tool with human intelligence is critical for making sense of trends to detect repeat transaction attempts across the network or flag specific attributes associated with known fraud.

It’s common for fraudsters to jump from industry to industry as they carry out their plans, which is why effectively fighting fraud is a group effort. Visibility into fraud data across industries and channels can help institutions spot repeated activity across the network. This is where a consortium fraud network can help by amplifying real-time fraud intelligence between companies and across industries. This intel gives organizations the authority to leverage the fraud mitigation efforts across other companies and industries, which includes the ability to tweak and tune identity verification settings in real-time, without the help of engineering resources.

By applying machine learning to the identity verification process, paired with a consortium fraud network and human intelligence, institutions have the power to analyze massive amounts of digital transactional data at scale, create efficiencies and recognize novel fraud patterns that can improve decision making. Through automated workflows with minimal IT requirements, institutions can tap into unique networked intelligence to verify without friction and use insights to fine-tune onboarding models with greater precision.

What preventative measures can financial institutions take to mitigate this fraud risk?

A comprehensive and collaborative identity document verification and fraud prevention program is critical in establishing the validity of customers during CNP transactions. This ensures that you can prove the customer is who they say they are and not a fraudster using stolen data. One best practice organizations can implement as part of their fraud prevention efforts is to take a multi-layered approach to data – the more data sources you can rely on, the more confident you can be in your decision-making.

How can financial institutions battle fraud without sacrificing the client experience?

Financial institutions face a competitive market to drive revenue by smoothly onboarding legitimate customers with a secure, frictionless journey. Identity risk scoring enables organizations to take further control of the customer authentication experience. Organizations can dynamically evaluate risk and escalate identities to higher levels of verification only when needed. This allows an organization to pass good identities with little to no friction while filtering out CNP fraud.