Unfiltered Opinions: A place for those in the industry trenches to share their experiential knowledge on key topics prevalent in our industry today.
Fraud in Online Gaming The Need for Decentralized Identities The current way of validating identity (KYC & ID Fraud) within the online lending space is primarily done using “triangulation”. Application PII is validated against industrystandard databases that supply an aggregated view of public and credit records on file matching the PII. Confidence for this solution is developed based on database coverage and reputation. However, there are critical gaps to this approach; 1. High false positives, specifically for thin-file and new immigrants 2. Because of the subjectivity involved, it is still no fullproof way of answering the holy grail of all questions “Are You Who You Say You Are?”. This has given way to a plethora of fraud solutions that mostly use similar databases but augmented with more advanced machine learning...yet not solving for the root cause. A new way of authentications like bio-metrics or mobile verification is unproven and cumbersome to implement. All being said, the complexity in ID verification has added to the regulatory burden and higher costs of doing business for digital lending companies - running into billions of dollars. A blockchain-backed infrastructure for identity validation seems a promising solution, almost kindling the idea of an individual universal borderless identity. At a high level, it involves developing an identity consortium supported by blockchain to help companies accurately validate an applicant’s identity via a dynamic token, or private-public key, that will, in turn, return the pre-validated consumer information.
Opinion by: Subbu Narayanaswamy
C
The fraud sphere has not been altered in the 15 years I have been a part of it. It has pivoted to different types of attack vectors but in principle remains the same. Obtain or steal an identity, monitor a system to find its flaws, and use said identity. The times of unsophisticated single person operations have evolved into elaborate networks that transcend borders in the pursuit of profit. Having multiple locations, varying identities and access to different cards which may or may not abide by OTP measures gives an advantage to the perpetrators to attack where the system is weakest and with a low-risk profile. Strategies have evolved into multi-pronged challenge points to counter the sophistication in an intricate game of cat and mouse. The pandemic has brought the industry of e-commerce to the forefront as a means to continue consumer consumption in a contactless environment, along with it fraud has followed... not deviating in the pattern but taking advantage of the volume needing to sifting. By learning the system and it’s prevention and monitoring procedures even the most elaborate fraud prevention system will see itself bypassed. It is clear that during the pandemic the rate of fraud didn’t increase, or we are led to think this due to the average volume of traffic increasing. The number of gamers was as it is normally, but the playtimes increased. This behaviour may allow for better system studies and procedure testing so future attacks may be more sophisticated and harder to detect. In parallel to non-accurate delivery times and system overloads, the playing field was in favour of fraud. The results of which we will start seeing within the following months and beyond. On the brighter side, this influx also gave companies to better prepare and tools to better evolve to meet the challenge as well as new tools to emerge. The shift to a more online economy will not come without its headaches, but it is for the foreseeable future quite the reality.
Opinion by: Alex Kamberos
26
C
