P CM YOUR GATEWAY TO THE WORLD OF PAYMENTS
Vol 2. Issue 6 June 2016
The Balancing act Reduce Friction & Eliminate Fraud
Welcome to Vol.2 - issue 6 We are enthusiastic to release the 6th Issue of the Payments & Cards Network eMagazine for 2016. Following our last issue, this month we focus on the way realtime data can be utilized to reduce friction and eliminate fraud in the Payments industry and further. In light of this, we present an Q&A session with Armen Najarian, CMO at ThreatMetrix, who talks about the digital transformation in the financial services industry. In the Startup Spotlight we introduce you to Risk Ident, a software provider offering anti-fraud solutions within the e-commerce, telecommunication and financial sector. Roberto Giorgio Valerio, CEO at Risk Ident, sheds light on his company’s innovative approach to tackle fraud, which goes beyond having advanced machine learning components. To provide a complete picture of the digital transformation in the financial service industry, Luke Reynolds, Director of Fraud at FeatureSpace, clarifies what machine learning is and how it can exactly be used to tackle online fraud. Carrying on we feature the Michel Splichal, MRC US Program Manager, who gives advice on how risk management departments can foster an excellent customer experience. And on top of this Jose Gonzales-Alonso, Head of European professional services for Payments solutions at NCR, explains the advantages of using Bayesian analytics to fight fraud more effectively. Finally, an overview of the hottest job openings we have at the moment. Feel like you need a change or looking for a job opportunity? Get in touch directly by clicking on the jobs. For the ones who like to network or simply want to stay up-to-date with their peers - check out our premium event partners and make use of the discounts we have on offer before they run out!
For any questions, suggestions, or concerns, please address them to the editors: Amir Abdin - Duc Dang - Joanna Bak -
amir@paymentsandcardsnetwork.com duc@paymentsandcardsnetwork.com joanna@paymentsandcardsnetwork.com
The Payments & Cards Network team wishes you good reading! 002
Contents thoughtleaders
spotlight
7 16
10
13
STORIES 4
Fractals - The future of fraud detection
7
How is Machine Learning helping to tackle online fraud
Jose Gonzales-Alonso dives deep into new approaches and techniques of fraud detection.
16
Spotlight: Risk Ident
19
Hot Jobs
20
Events
Luke Reynolds explains what the popular term of machine learning and how it can be utilized to fight fraud.
10
Ways for Risk Management team to provide a winnnig customer experience
13
Understanding the total costs of friction
Michel Splichal shares a number of strategies a risk department can implement to sustain a excellent customer experience.
We speak to Risk Ident, a very innovative startup taking fraud prevention to the next level.
Hottest jobs in the industry! Get in touch directly to get more insight.
Here we showcase the most exciting upcoming events related to FinTech, Payments and Cards throughout the world!
Armen Najarian highlights the importance of preserving the overall customer experience while improving to detect & fight fraud.
003
Thought Leaders Corner by Jose Gonzalez-Alonso
Fractals - The Future of Fraud Detection Fraud exists in many forms across the financial industry and its losses are not getting any smaller. Figures from the Nilson Report revealed that in 2014 the global loss of payment card fraud reached over $16 billion which is an increase of 19% in comparison to the previous year, 2013 . Criminals operate in highly organised gangs, targeting the weakest links in the payments “chain”. It may be a data breach, skimming devices, phone scams, fake websites, intercepting mail, phishing online bank accounts or hacking. There are many, ever-changing, ways to get past the security. At the same time as criminals have changed their methods and techniques, the fraud detection technology also has evolved. Nowadays, financial institutions have more tools and techniques available to fight fraud. For instance big data analytics, which enables analysing huge data sets and identify anything out of the ordinary. Despite this fact, fraud is not going away. The customer at the heart of fraud detection It is vital for financial institutions to accurately identif y and proactively stop fraudulent transactions in order to protect their customers and keep the losses to a minimum. After all, financial institutions are the main defender of the customers and most clients expect their banks to track and stop fraud. But things aren’t as simple as that. Today’s customers also expect their banks to always get it right, meaning that
004
the customers have a low tolerance for a “false positive” situation in which the financial institution blocks a genuine transaction in the mistaken belief that it is fraudulent. This means that banks have to find the perfect balance between a system that is so “strict” that it blocks genuine transactions, having a negative impact on customer experience, and taking an approach that is more passive and that might overlook genuine fraud. The answer lies in a combination of in-depth knowledge of the customer and a fraud detection system that is intelligent enough to learn and adapt as fraud changes. It is also crucial to know the customer well enough to immediately see if any of their activity is outside of their normal behaviour. This means that the financial institutions need to look at the full enterprise view of each individual to understand their historic activity across all channels (both financial and non-financial), taking into account the geographic and demographic profile as well as other influencers such as time of year. Fraud teams also need to consider factors such as channel. Figures from LexisNexis suggest that in 2014 m-commerce accounted more than one fifth of fraudulent transactions in the US, despite only making up 14% of transaction volumes. However, a transaction between a customer with an IP address that you know and a regularly used online merchant is presumably genuine.
Thought Leaders Corner Fighting fraud with Bayesian analytics Effective fraud detection has many forms, from traditional rules-based approaches to sophisticated analytical models and machine learning. Within the industry, the most widely used analytical approach is to build Neural Network models using historic consortium data to build up a set of patterns to later use in detection of live card fraud. This approach has been used for many years with varying success. However, recently new approaches have become increasingly popular and have begun to overtake the results being achieved with traditional modelling techniques. NCR has pioneered a modern approach of fraud analytics, choosing to base its models on a more flexible Bayesian analy tical technique. This methodology enables fraud teams to build models faster than it is traditionally possible, while achieving extremely good detection rates at low false positives.
About NCR
out from the crowd in its machine learning capabilities – the system can learn rapidly as frauds are tagged, constantly learning and selfcalibrating as fraud trends change. This means that fraud teams know that they are in the best possible position to identify and stop fraud when it happens. Unlike a Neural Network, which is nothing more than a “black box” that produces a score, Bayesian models produce scores that come with a clear set of reasons and probabilities. This “white box” approach gives the end user much more granular information to work with when assessing a transaction or speaking with a customer and, as we know, more information means better customer service - the key to successful fraud operations.
NCR Corporation (NYSE: NCR) is the global leader in consumer transaction technologies, turning everyday interactions with businesses into exceptional experiences. With its software, hardware, and portfolio of services, NCR enables more than 550 million transactions daily across retail, financial, travel, hospitality, telecom and technology, and small business. NCR solutions run the everyday transactions that make your life easier.
The models form parts of the Fractals Adaptive Classification Engine, which provides automated, intelligent fraud detection using a combination of Bayesian statistical analysis and proprietary inference techniques. By applying mathematical models to each incoming transaction, the system identifies suspicious activity, calculates a probability-based fraud score that indicates the likelihood of fraud and then triggers an action. The model is initially set and tuned using financial institution’s recent historical data and fraud tags so that it can identify the unique fraud patterns facing each unique organisation. The result is a bespoke and highly accurate fraud detection model that can be set up in just a few short weeks. Each model in the Adaptive Classification Engine is based on a series of mathematical algorithms that are targeted to identify specific fraud patterns or irregularities in the account’s holder behaviour. However, the system really stands
Based on the risk score, pre-defined actions are triggered and the transactions are approved, rejected or referred. Custom rules can then be set for referred transactions. If an unusually large transaction is detected for a customer profile, the bank can inform the customer via SMS or e-mail about the suspicious transaction and get confirmation that the payment is authorized.
Comparative tests have shown that the Bayesian models outperform indus tr y s tandard solutions in detection rates and cause significantly fewer false positives. Enhanced with self-learning functions such models that can automatically adjust to new fraud scenarios. Fractals scores transactions in real time and can decline a transaction during the authorization request. The future of fraud The truth is that fraud isn’t going to disappear any time soon – criminals have got too much to lose. There will always be new breaches or techniques to get past even the strongest security and fraud systems. And, unfortunately, there is no solution which is the answer to every problem. However, a fraud system that can assess a transaction in real time, based on a comprehensive understanding of customers’ historic behaviour and intelligent analysis compared to the latest fraud trends, will arm your fraud team to stop the highest possible levels of fraud.
005
ALWAYS ONE STEP AHEAD OF FRAUDSTERS ...
Risk Ident is a software development company that offers anti-fraud solutions to European companies within the e-commerce, telecommunication and financial sector. We are experts in data analytics and machine learning. Let us show you how to improve your fraud prevention step by step!
www.riskident.com
Thought Leaders Corner
How is machine learning helping to tackle online fraud? It’s widely known in the financial services sector that criminals look for the weakest link in transactional systems for attempting fraud attacks. I was at the centre of UK banking when we rolled out Chip-and-PIN in the mid-2000s and saw the impact of this change on online fraud. With EMV rolling-out to the US last year, we’re already seeing online fraud spike – by 11% according to PYMNTS.com – as criminals perceive this channel as offering the biggest fraud ‘rewards’.To try and beat the criminals, financial services institutions need to understand all the data they’re collecting about their individual customers – and use this data for informed business decision-making. One term that we’re hearing used a lot to tackle analysing big data is ‘machine learning’. So what exactly is machine learning, and how is it being used to tackle online fraud?
sophisticated in these techniques as those of us who are trying to fight them off. It’s really tough to stay ahead, and we know that criminals look for the easiest targets when committing fraud. We need to beat them at their own game.
What is machine learning?
Fraud detection – detecting anomalies with machine learning
In many industries – banking and payments included – machine learning has become a popular term. We’re particularly hearing it a lot in business areas that are already using advanced analytics methods to understand customer and business data. The promise of machine learning is that it can automate analysis processes – making it easier for financial services institutions to make decisions about their customers faster, and with more accuracy, than relying on human analysis alone. The kicker with machine learning is that the criminals are as
Advanced computer science Machine learning is an area of computer science that studies how to make computers learn and improve with experience, with minimal human intervention. For example, being able to identify trends or patterns in large, complex quantities of data, with speed and accuracy – and then automatically adapt statistical models to incorporate these patterns and trends. This process enables computers to find insights from the data without being told where to look – this is what makes machine learning a branch of artificial intelligence.
So what does this mean for fraud detection and customer management? Well, the flip side of spotting and understanding data trends at high speed is that machine learning systems can also accurately and efficiently detect anomalies in these trends. This is crucial for fraud prevention. Human analysts are capable of looking at data to spot trends and anomalies, but do so very slowly. It takes us a long time to see the important changes in the data, and manually make adjustments to the
007
Thought Leaders Corner Merchants also feel the impact of these inefficient fraud protection methods. They get hit hard by the resulting chargeback costs and fraud losses – not to mention to loss of revenue from declined transactions (false positives). Blocking genuine customers can’t be a cost of stopping fraud When good customers are blocked in an attempt to catch fraud it’s a problem for both customers and merchants. Recent research from MasterCard revealed that it’s often the most affluent customers that get blocked. For example, those who are travelling more frequently or making purchases with a larger transaction value. If these customers get blocked by outdated, inefficient fraud systems, there is a significant loss of both revenue and reputation for the financial services provider, and their merchants.
Luke Reynolds,
Reducing customer friction: advanced fraud management needed
Luke is responsible for Featurespace’s fraud clients in Financial Services and Insurance. Prior to Featurespace, Luke worked in the Financial Services sector for 20 years, including as Callcredit’s Commercial Director of Fraud and ID, a variety of roles in Lloyds Banking Group, the UK Card Association and NatWest.
So, it’s clear that financial institutions are under pressure to be providing a seamless, secure experience. Modern customers want fast, efficient methods of payment and don’t want to be blocked when making a genuine transaction. This brings us back to the promise of machine learning. Organisations need fraud systems that can interpret vast volumes and complex aspects of customer behaviour – quickly and efficiently – while reducing customer friction with a seamless experience. What I’ve learnt from over 20 years battling fraud is that financial institutions need fraud systems which keep one step ahead by understanding every individual customer’s behaviour in real-time – protecting them from fraud, while providing a frictionless experience. This is where machine learning steps in.
Director of Fraud at Featurespace
systems that rely on this data. Machine learning systems can do this much faster – looking at complex data sets and offering accurate predictions on behaviour, and a deep understanding of, for example, customer behaviour when making transactions online. Changing payments push-up online fraud Understanding individual behaviour patterns – and detecting anomalies – is especially important in the payments world, where processes are changing fast and protecting merchants and customers involves analysing vast amounts of data. As soon as financial institutions and their merchants get up to speed with a payments change – such as Chip technology or contactless cards – another change seems to be coming.
Don’t let fraud prevention drop in priority Having worked for over twenty years’ in risk and security in the banking sector, it’s been my experience that as financial institutions and their merchants get to grips with new payment processes, fraud prevention drops down the priority list. This means that changes to payments ultimately negatively impact the customer. What should be a positive move for convenience, in reality causes a knock-on impact on increasing the risk of fraud attack. To try and counter this risk, organisations often increase the dial on their fraud protection limits – meaning more genuine customers feel the friction of having transactions incorrectly blocked in an attempt to catch fraud.
008
How are sophisticated machine learning systems better than humans? Preventing fraud with advanced deep machine learning systems is enabling organisations to balance robust fraud
Thought Leaders Corner checks with a frictionless customer experience. Machine learning systems automate the process of viewing events in context, building a deep understanding of every single customer. By monitoring every event and transaction taking place in real-time and from multiple channels, fraud attacks stand out and genuine customers are easy to recognise – all from an automated fraud prevention system. It’s an approach being adopted by TSYS, the largest payment processor in the United States. TSYS wanted to strengthen its position in faster payments using machine learning to provide clients with actionable insights in real-time. They’re implementing an advanced machine learning engine to protect their clients from fraud while providing a seamless customer experience.
capability to predict behaviour one step before the criminals think of new ways to behave. It’s up to organisations to embrace new fraud systems to gain a vital competitive edge in protecting their customers and their reputations.
Staying one step ahead Advanced machine learning systems are the way forward for financial institutions to stay ahead of the criminals. It’s important to take action now to reduce fraud while providing frictionless customer experience and protecting revenue. Fraud attacks globally are going to increase online and via mobile channels – you don’t need a computer science degree or a PhD in machine learning or statistics to predict that. My advice to companies tackling fraud is to make sure that your fraud prevention software is built by guys who have the
Featurespace www.featurespace.co.uk Featurespace™ is the world-leader in Adaptive Behavioural Analytics and creator of the ARIC™ engine, a machine learning software platform developed out of Cambridge University, which understands individual behaviours in real-time for enhanced fraud detection decision-making capabilities. Customers include TSYS, Callcredit, Betfair, KPMG, Vocalink/Zapp, Camelot, and William Hill.
009
Thought Leaders Corner
Ways for Risk Management Departments to Provide a Winning Customer Experience by Mike Splichal, MRC US Program Manager It is generally calculated that businesses must spend between four and ten times more to acquire a new customer than to keep an existing one [1]. With that in mind, we would like to share several strategies risk departments can employ to help deliver a strong customer experience, an important component of customer loyalty. Remove direct links from the body of your department's emails -- If customers need to take a particular action, such as resetting their password, or should visit a specific resource, such as a help page, give customers the steps or the path instead of providing a direct link. Much has been done to try to educate consumers on the peril of clicking URLs in emails; including links can become both a customer trust issue and drive additional contacts to your department -- or to Customer Service -- questioning the validity of the email. Involve your social media points of contact -- More and more customers are choosing to interact with companies using social media. Whether Customer Service, Marketing or another team
010
monitors your company’s social media accounts, ensure the relevant POCs know who to engage for any fraud, risk or security issues received via Facebook, Twitter or other channels. If your company does not already have an internally accessible contact matrix, creating one and reviewing it at least quarterly is a good place to start. Strengthen your CS relationship -- Meet periodically with appropriate personnel in Customer Ser vice leadership to discuss any important fraud/risk trends, projects or events
which may lead to CS contacts. Also, coordinate with CS on regular updates to their account security training so CS associates keep current on topics related to fraud and risk, such as social engineering. Keep communication concise and personalized -- Unless the customer's scenario involves a legal issue, risk investigators should refrain from using generic templates that come across as "blurbs" or contain extraneous information irrelevant to the situation at
Thought Leaders Corner Work towards a continuous feedback loop on rules/models -- In partnership with the analysts, data scientists or solution provider(s) who maintain your rule sets and/or machine learning models, continually assess false positives and dive deep at the first sign of an anomaly. Transactions inappropriately queued for manual review can delay orders unnecessarily; transactions cancelled erroneously are especially problematic and may result in an escalated customer service case. Operational input can play an important role in fine-tuning rules and models, leaving good transactions out of manual review queues and letting investigators focus on those transactions which truly are risky.
Mike Splichal,
MRC US Program Manager
Mike coordinates content for committees, presentation archives and community forums. He also develops member training and certification programs. and NatWest.
hand. Your customers' time is valuable, so limit emails to two or three paragraphs if possible, and consider using help pages to display more detailed information, if needed, about policies and procedures. Shorter emails also display more easily on mobile devices, perfect for customers on the go.
I mp l e m e n t c u s to m e r- f r i e n dl y technology -- Two-factor authentication, where a one-time use code is sent to the consumer’s cell phone via SMS or a special app, is an effective way to help protect customer accounts and confirm legitimacy. Enhancing mobile apps to permit customers to log in using fingerprints or facial recognition is another way to provide a simple, secure means of authenticating users.
Network with other risk professionals -- By joining a professional organization like the Merchant Risk Council, key fraud and payments personnel can gain valuable insights, discuss emergent threats and trends, and share best practices with other industry professionals. The MRC offers numerous opportunities to connect and learn: in person, via four annual conferences and multiple smaller networking events; and virtually, through MRC Communities, a portal which enables quick communication and timely feedback between fraud and payments professionals around the globe. Conclusion While preventing illegitimate transactions from being completed is a critical part of a risk department’s mission, it is equally important that legitimate customers have a safe shopping experience with as little friction as possible. We believe increased focus on good customers is a winning strategy for any eCommerce business, and will pay handsome dividends through increased loyalty and sales in the years ahead.
Sources: 1 = Kingwill, Ian (2015). What is the Cost of Customer Acquisition vs Customer Retention? Retrieved from: https://www.linkedin.com/pulse/ what-cost-customer-acquisition-vs-retention-ian-kingwillwhat-cost-customer-acquisition-vs-retention-ian-kingwill
About MRC: The MRC is an unbiased global trade association providing a platform for eCommerce fraud and payments professionals to come together and share information. As a not-for-profit entity, the MRC’s vision is to make commerce safe and profitable everywhere by offering proprietary education, training and networking as well as a forum for timely and relevant discussions. Find more information and visit: http://www.merchantriskcouncil.org
011
Your window to enter the Realm of Data Science Gurus
CONNECTING YOU WITH THE PEOPLE TO POWER YOUR BUSINESS EFFICIENCY
CONTACT US NOW
Having data dilemmas? Please contact: simon@digitalsource.com or visit www.digitalsource.io Digital Source | Herengracht 576 | 1017 CJ | Amsterdam | The Neterlands | +31 (0) 202 373 639
expert interview
Understanding the Total Cost of Friction Armen leads worldwide marketing strategy and execution for ThreatMetrix. Previously, he directed the go-to-market strategy for IBM’s $1B portfolio of 100+ SaaS solutions. Armen joined IBM through the $440M acquisition of DemandTec, where as VP of Corporate Marketing he built a modern demand generation engine and repositioned the business supporting a 3x increase in revenue over a 5 year span.
Armen Najarian CMO, ThreatMetrix
T
ech -s av v y millenials are becoming the predominant demographic as customers as well as employees. We talk to Armen Najarian from ThreatMetrix, about the right balance of remaining the competitive with new tech innovation whilst not compromising the customer experience. PCN: When you talk about ‘Digital Transformation’ in the Financial Services industry, what does that mean to you? AN: Digital Transformation as it relates to fraud and security breaches is no longer just an IT issue, it’s a business issue. Banks don’t typically measure the cost of friction but the tangible losses are in the billions. Banking and Commerce transactions are increasingly done online or via mobile devices and we’re putting our personal information out there at an accelerated rate. This creates greater opportunity for fraud and security breaches.
When fraud occurs two things happen: 1. the industry responds by implementing stricter authentication measures passwords, captchas, verif ication codes - that end up hampering the user experience, and 2. customers lose trust. Adding more hoops for users to jump through degrades their experience enough that they can be willing to walk away - creating financial loss. On the same hand, loss of customer trust means that they won’t be recommending services to friends and family, and that also results in financial loss. Digital transformation effectively addresses business concerns and IT concerns, minimizing customer friction while tackling fraud. PCN: In March, 2016, First Annapolis conducted a study* on behalf of ThreatMetrix on controlling friction while tackling cybercrime. What surprised you most about the data? AN: There were a couple of things. The sheer volume of individuals using digital means for important transactions, and the high cost of loss due to fraud and friction. In our study, 38% of people reported experience with banking and payments fraud within a 3-year period.
66% had their payment card information compromised, while 45% said their information was used to make online or mobile purchases. Because of fraud, 90% took actions to secure their account and 34% changed their behavior, but 10% actually left their bank. Of the demographics, millennials were more inclined to take action as a result of real or perceived problems. Let’s talk about that 10%. Assume that of 215.1MM banked consumers, 9% experienced fraud in the last 12 months. That’s 19.4MM fraud victims, of which, the 10% that left/will leave amounts to around 1.9MM relationships lost. No matter what the dollar value of those relationships, that’s a staggering loss. PCN: As a consumer, wouldn’t you rather go through challenges than risk compromising your identity and data? AN: The Catch-22 for the industry is that the cost of fraud and fraud prevention is significant, but so is the cost of friction created by customer-facing step-up challenges. The study shows that fraud and the customer response to it don’t vary much by geography or demographics. The majority of
013
Expert Interview individuals don’t perceive mobile transactions to be as safe as in-person or even online transactions regardless of increasing security barriers. That’s important information for the banking and ecommerce. The traditional method of adding increasing measures of security, i.e., stepup challenges, puts the burden back on consumers and introduces a potential point of failure in the relationship. 83% of our study respondents said that they had experienced step-up challenges in the past year, with nearly 50% saying it happens frequently. PCN: Of those 83%, what was their perception of the customer experience? AN: Consumers left their banks because the experience was too irritating. Forgetting usernames or passwords, getting locked out of their accounts...this is frustrating to consumers, especially on a mobile device where there is an expectation of immediacy and convenience. Increased authentication methods can lead to increased customer
complaints, customer servicing costs, decreased account revenue if they leave, and lost customer relationships that cost the financial services industry billions of dollars.** It’s not enough to push the problem back on the consumers and there are consequences to that.
experience are not mutually exclusive. It’s important to take a holistic approach to digital security. The net is that the financial industry has to do better to tackle ongoing threats while preserving the customer experience. *First Annapolis conducted a multi-market consumer survey
PCN: Fraud and security challenges will likely escalate, how can the financial services industry keep up with the costs to themselves as well as their consumers?
based on a sample of 3,090 consumers from the U.S., U.K., and Australia
**Of the 83% experiencing step-up challenges, 3% will likely leave their bank as a result of friction. This equates to 3.9MM Relationships lost
AN: The financial services industry needs to invest in both preventing fraud and preventing the friction that comes with the consumer-facing prevention techniques. In countries such as Europe, where EMV has long been in place, there are still significant rates of fraud and loss of consumer confidence. This finding underscores the fact that EMV isn’t the answer to all security and fraud challenges and step-up challenges are creating greater friction.
at an approximation of $2,533 Est. revenue remaining per relationship, or $10.0 Bn Lost Relationship Value
This is what digital transformation is all about. Security and a positive digital
ThreatMetrix®, The Digital Identity Company, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying billions of annual transactions supporting tens of thousands of websites and thousands of customers globally through the ThreatMetrix® Digital Identity Network, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches. Key benefits include an improved customer experience, reduced friction, revenue gain, and lower fraud and operational costs. The ThreatMetrix solution is deployed across a variety of industries, including financial services, e-commerce, payments and lending, media, government, and insurance. For more information about the study or related topics, please contact: Jaci Robbins, Director of Marketing, (jrobbins@threatmetrix.com)
014
Spotlight You think you have what it takes to start a business in a super-hot market? PCM takes a close look at some of the most innovative and promising startup companies in the payment industry.
'WE MAKE NEW TECHNOLOGY APPROACHABLE...'
Roberto Giorgio Valerio, CEO at Risk Ident GmbH, studied Business Administration but his programming history reaches far back. He started programming at the very young age and therefore he is very technically skilled for a business focused professional. Before Roberto started Risk Ident he was already involved in 3 other startups as a founder.
to create a device fingerprinting solution in 6 months. The good news is that our team kept that promise and delivered on time. After being approved by the Otto Group, the initial project turned into a company in March 2013 and by now has become a leading provider of fraud prevention software within the online space.
Where did the idea for Risk Ident originate and what’s the organization’s vision?
What sets you apart from other anti-fraud solution provider?
Risk Ident started out as a project within Liquid Labs, an incubator of the Otto Group based in Hamburg, Germany. The Otto Group is second largest European online retailer. This company has an estimated 12 billion Euro annual turnover, roughly 7 billion of that is online retail. Within Liquid Labs the project team looked into different aspects where they could leverage the knowledge and data of the Otto Group. Actually Risk Ident was founded as Device Ident, which was a focused on device fingerprinting. The Otto Group’s goal at that point was to use device fingerprinting for its online shops. That’s the point where I came into play because I promised
016
Risk Ident was able to use the knowledge of the Otto Group and its great amount of historic data to built its first fraud prevention product. With tens of millions transaction every year having the Otto Group as a domain expert (including its years of experience of how fraud looks like) is a great advantage and benefit for Risk Ident. Even though the Risk Ident team consists out of mostly data science professionals and senior software engineers who did not have in-depth experience with fraud prevention or payments before, we were able to create some of the most technically advanced products for anti-fraud solutions on the market. The reason for that is that we might be seen as the
startup spotlight latest to the game but we do use the latest technology that others weren’t using a couple of years ago. As the technical landscape is undergoing continuous change and innovation, we always try to be at the vanguard of that front. So, with more than half of the Risk Ident team being either data scientists or software engineers we focus mainly on a continuously evolving product that strongly benefits from the latest technology. Where does Risk Ident stand now and what’s on the horizon for the company? We currently have 50 clients which are mostly big enterprises. Our client group includes some of the biggest mobile network operators, big ecommerce stores (with at least 100-200 Million Euro annual turnover) Fintech companies as well as banks. I think we have a strong position in the German speaking markets and therefore have become one of the leaders on our home domain. We just started to venture into additional European market and at the beginning of next year we’ll also be operating in the US. Putting it into a startup environment perspective you commonly need three essential components to become successful. These include having a great team, building excellent products and eventually selling it to real clients. We have accomplished and gathered these vital startup elements and now it’s all about how to scale up our business. Moreover, we do target only larger companies who can use our tools to enhance their fraud protection. More importantly we realized that it doesn’t matter if we sell to a big German e-commerce player, a UK based telecommunication company or an US travel portal because many fraud cases are very similar in the way fraudsters operate. One of our advantage is that the tools we built are very agnostic to the market and will also work for other markets. The only thing we have to do is to train the tools with different data. For that reasons I’d say that we have good chances to expand to new markets on a global scale. In your experience of fraudulent transactions, what is the most common source of fraud? When talking about online retail there are two main aspects about fraud. On the one hand, there is the single fraud cases in which commonly people with bad credit score try to obtain goods. You can usually identify them by behavioral actions like changing their name or address and they try to get one product or service. In contrast to that there is the very harmful organized fraud. These people are very professional and oftentimes even do that illegal activities for a living. What is more, they don’t stop at e-commerce fraud alone, they would try to get to other people’s online loans or similar personal account information. Another fact why organized fraud is considered a lot more harmful than single fraud cases is that with the increasing number of fraud cases, the risk to have full complete loss scales up. Unfortunately, the trend of organized fraud is becoming stronger right now. In conclusion organized
fraudulent activities represent the bigger problem and risk for the merchants. Will upcoming regulations in Europe influence Risk Ident’s business, and how? Our main advantage in this regard is that our fraud prevention software can be installed on premise. That’s very handy when we talk with banks for instance, as they are working with very sensitive customer information which banks won’t share with third parties. And even the large e-commerce customers with the big data breaches that happened throughout the last years they were very reluctant to hand out their end costumer data to a third party. When working with our software the clients can install and integrate it on premise and they can train it with its data without sending out a single customer information. That is an immense value we can offer in comparison to other anti-fraud solution provider. In that light regulations are not a major challenge for us to overcome. How do you teach a machine to get smarter at identifying fraud? In the light of machine learning there is one major misconception. Many people say that their machine learning component of their product is like a secret ingredient. I think that the machine learning algorithm you use is not the main advantage. There are many rather simple algorithms that can be very good, such as Random Forest, Naive Bayes or Logistic Regression. However, there are two things which are more important than the machine learning component. First of all, it’s about the type of data you feed in – when feeding in lowquality data then you can only expect poor results. The other vital aspect is how to scale a machine learning system on a production level in terms of amount of data and response times. That’s why Risk Ident is very transparent about our machine learning components and sometimes we even tell our customers which specific set of algorithms we use on their data because we know how hard it is to provide it on a stable productive software solution and you need to know what you put in. The machine algorithm typically will only understand numbers, so you have to get your data pre-processed also
017
startup Spotlight
For more information please visit https://riskident.com/en/ known as feature extraction. Examples: An address could be converted into a geolocation, an email could be evaluated by name, domain or general structure of the email. After that you need to know how to feed it to the machine learning box and only then you can obtain good results you can work with. To give an example for that, you can feed in an email address and the machine learning component can find other transactions with a similar email structure. Based on that I believe that the competitive advantage in our work space rather lies in how strong you are on the technology level, which contributes to your ability to build good software and ultimately making sure that the software is scalable. What are some best practices for business owners when it comes to protecting their customer’s information? Personally I think, that one of the best practices is educating
your customers. By instructing them to not use the same password for all their different online shops and online services and reminding them to change the passwords occasionally and write them down. Simply because today it is much harder to get access to a paper note with written passwords than hacking into your laptop. To that end, it is paramount for all types of businesses to educate the end-customer about being prepared and careful about that sensitive information. Besides, not handing out any end-customer information is of vital importance. Fraud prevention can be done in-house by using on-premise software. Every time you let a third party or service access your end-customer data you risk customer data loss. Furthermore, try to store vital customer data encrypted: Businesses should use individual hashing for passwords and to be more specific they should be using individual salts to ensure the passwords cannot easily be decrypted even after customer data was stolen.
The Risk Ident team always strives to enhance their products
018
jobs
Hot Jobs TECHNOLOGY PRODUCT
HEAD OF INTERNATIONAL
PRODUCT & BUSINESS
MARKETING MANAGER
BUSINESS
DEVELOPMENT MANAGER
Amsterdam | The Netherlands
Munich | Germany
Munich | Germany
COUNTRY MANAGER
COUNTRY MANAGER
COUNTRY MANAGER
FRANCE
U.K.
ITALY
Home based in France
Home based in the UK
Home based in Italy
PAYMENTS (OPERATIONS)
COUNTRY MANAGER
INTERNATIONAL PAYMENTS
PROGRAM MANAGER
SPAIN
MANAGER
London | UK
Home based in Spain
Amsterdam | The Netherlands
SALES ENGINEER
RISK MANAGER
EMEA SALES MANAGER
New York | United States
Hong Kong | HK
London & Dublin | UK / Ireland
019
events
Events Accra - Ghana This year’s theme is “Connecting people to Banking & Financial Service through Financial Inclusion”. This conference aims to make financial inclusion a reality for the masses. Through this event, all the key decision makers in the Banking and Finance sectors will be brought together as a way of facilitating the exchange of ideas, experiences and strategies that they have come across in their careers.
1–2
London, United Kingdom
7–8
After last year’s huge success, Digital Travel returns for its second year with an action packed 2-day agenda of interactive case studies, roundtables and workshops. The sole aim at the event is to provide a “how to” guide to transform your digital strategy to drive online revenue growth.
London, United Kingdom
Discount Code: PCN20
PayExpo Europe is the ultimate event for anyone looking to make their payments process faster, easier and more secure. As the UK’s largest event, PayExpo attracts 2000+ attendees from over 50 countries and 700 different organisations who meet to network, learn about the ever changing payments landscape and make essential business contacts for the year ahead.
London, United Kingdom
7–8
020
The Center for Financial Professionals invite you to attend Vendor & Third Party Risk Europe, a two-day conference featuring an FCA KEYNOTE ADDRESS from Robin Jones, Head of Prudential Specialist Supervision, Financial Conduct Authority (UK). Plus don’t miss the opportunity to hear interactive discussions and presentations from over 20 senior risk experts.
7–8
events
Amsterdam, The Netherlands Discount Code: partner This large scale international conference hosts various cities, system operators, energy companies, industrial organizations and technological parties. They come together to share knowledge on how to achieve a Smart City. Projects where climate ambition and energy transition are the main focus point. Amsterdam Smart City is official host of the Smart City Event.
7–10
New York City, United States
14 -15
The Center for Financial Professionals invite you to attend Vendor & Third Party Risk USA, a two-day conference set to feature interactive discussions and presentations from over 20+ senior risk experts who will address; Regulatory Landscape, Defining Vendors, Due Diligence, Categorizing Vendors, Operational Risk, Documentation, CyberSecurity and much more!
Victoria Island Lagos, Nigeria Intermarc Consulting hereby brings to you the annual CBN Cashless CardExpo Africa. The objective of this conference is to focus on the future of retail payment as well as promote and deepen the adoption and usage of electronic payment in Africa with the theme “Retail Payment & Ecommerce”.
14 -16
London, United Kingdom
20 -21
Retail Banking Analytics, is a two day event bringing together 150 retail banking professionals to discuss solutions for data management and cultural challenges and enable banks to define an agile, automated and actionable analytics strategy to improve profitability and enforce customer centricity in an increasingly digital and competitive landscape.
021
events
London, United Kingdom
Discount Code: WMPCN10
This landmark one-day summit at The British Museum assembles the most exciting, forward-thinking innovators and captivating thought leaders in money, banking and finance. The international lineup of speakers covers a fascinating range of topics including the evolving role of digital currencies, issues of security and trust, crowdfunding, friction-free transactions and the democratisation of investment and lending.
Discount Code: BBF_PCN
27-29
23
New York - United States
Engage in an open dialogue with professionals at the forefront of biometrics. Come address the emerging challenges banks and financial institutions are facing regarding the adoption of biometrics and the integration of these technologies into mobile devices, online service applications, and ATM machines in order to ensure customer satisfaction and enhance security.
London - United Kingdom Mondato Summit Europe is the mobile financial services and related commerce space, more succinctly termed Mobile Finance and Commerce (MFC), has witnessed the emergence of several inter- and intra-industry constellation service propositions, such as Apple Pay and CurrentC, which are shaking up the status quo.
022
5–6
Payments & Cards Network Driving Innovation through knowledge TALK TO US
We value your feedback and ideas! If you’d like to discuss a specific topic, don’t hesitate to contact us. Get in touch today and maybe you will be featured in the next edition: Amsterdam Office Herengracht 576 1017 CJ Amsterdam The Netherlands Email: info@ paymentsandcardsnetwork.com Tel: +31 20 3030 257 Fax: +31 20 8208 295
Follow us now and stay up-to-date with the latest happenings in the payment world!