This year, I’ve found myself on stage more than a few times. During the Q&A, one recurring question always comes up; what do I think the future of fraud prevention looks like? That is always a tricky question to answer because, as we know, it’s a moving target, and things like ChatGPT can change everything. People want to know what to look out for so they can “be ready” and act accordingly. Fair.
After we leave, I always picture attendees going back to their offices and pouring over queues and running reports looking for trends. Too often those trends still get noticed from the chargeback reports. They will then be communicated down the chain and rules will be written, occasionally tested, and deployed to production after a week or so process (longer if you’re a fintech). Everyone high fives, says well done, and they begin the cycle over again of essentially moving the target after the shot has been fired. For the last 15 years, that seems to be the standard issue pattern for almost every merchant in the space. Well, I have some bad news for you; it’s obsolete.
Let me make it crystal clear for everyone: if you are still spending your day in a fraud tool writing condition rules based on chargeback reports, you’re getting smoked. Fraud moves faster than ever, and it moves way faster than you or your company can handle - you just may not realize it yet. Gone are the days when you could write multi-tier condition rules to “stop the bad guy”, clock out, and go home. They now adapt instantly to any changes you make and the only way you’re going to be effective in any meaningful manner is by using some true machine learning anomaly detection that can auto-create policy for you based on its analysis in real-time. The bad guys are too smart, fast, and coordinated for you to be “old school”. You need a machine to detect the pattern WHILE it is happening and answer on the very next attempt whether an analyst saw the transaction or not.
With the holidays fast approaching it’s important to have a system that can truly “scale” with sudden increases in demands and these are the only modern systems that can do it. You should be tired of spending a small fortune hiring 20+ manual reviewers each year for two months and understand that it really is worth it to run a POC to see how much better it can be for you, your shipping department, and your customers when you embrace the technology that the rest of us are already enjoying! I guess, if you really have to build some rules you can still make some “business logic” rules for things like negative/positive lists, geolocation blocks, or quantity limits (you’d better have some multi-account monitoring though), but those rule sets should be tiny, I’m talking less than 10 in the whole list, tiny.
Good luck this season my friends!