You’d suppose that consumers would be pleased to know their retailer is trying to prevent them from becoming the victim of fraud – such as hackers that access the personal details – but, in fact, you’d be only half right.
Naturally, you would be thrilled if the retailer stopped a miscreant half a world away from putting a high tab on your stolen payment information. However, if the transaction is refused for an important purchase you are in fact making, ‘thrilled’ would be about the last word that came to mind.
Therein lies the problem for anyone engaged in fraud detection. Looked at from the perspective of the customer experience, there’s a very fine line between getting it right and getting it very wrong. Moreover, you generally get it right only when you’ve really stopped a fraudulent transaction from taking place, but there are so many ways to get it wrong.
Pay at the Pump
Consider the following scenario: Your customer is about to make a large purchase but he or she has not told you about doing so. Suddenly, your fraud detection system is picking up a purchase that looks off.
Is it fraud or not fraud and how do you know? You could block the transaction, but when it is your customer trying to refuel their car by so doing you’re providing just the opposite kind of customer experience that you strive to provide. Moreover, your brand suddenly moves from top of wallet to that dark, ignominious place reserved for smaller purchases. Yet if you don’t block the transaction and it’s not your customer, then it’s not an experience you want to embrace.
Should word get out that you failed to detect and stop this fraud, your credibility and reputation as a retailer will suffer. Clients will find themselves wondering whether their information is safe with you. Should they start asking that question, it may be only a matter of time before their activities move to another retailer that they perceive as more credible.
Making the Call
What if, instead of blocking the transaction, you reached out and called your customer on her registered cellphone number. You can ask if she’s about to make a large transaction and if she says ‘yes’, you can ask for her verification details. Provided her answers give you confidence that she’s the one trying to do the purchase, then you let the transaction proceed without interruption. Surely this would be seen as great customer service and more proactive fraud protection.
However that policy can backfire too. Customers generally don’t like the idea that you’re scrutinising every purchase they make. That can feel more intrusive than vigilant – creepy rather than protective. Your zeal could actually become a liability no less damaging than the suspicion that you’re not zealous enough.
So is there a real path through this minefield? There is – the key to fraud prevention lies not in the ability to detect, in near real-time, the events that appear anomalous such as the expensive meals and the distant fuel purchases. Rather, it lies in the ability to analyse, in real-time, information from many different data sources to determine whether an event really is anomalous. The moment the transaction popped up in your transaction processing system, your customer experience management system should have been looking through other data or activity to identify indicators that the customer would be making a large purchase.
The fraud detection system that can perform this kind of multifaceted data analysis – within a second or two of the supposedly anomalous event – is the one capable of making a well-informed decision about whether there’s fraud occurring or not. If all the signs from all the different data feeds indicate that a trip has long been planned for these dates, your systems should be able to determine – with a much higher comfort margin – that the transaction is legitimate. Your job then is to provide an excellent customer experience by making sure the transaction happens as quickly and as smoothly as possible.
However, if instead your systems analyse the data and discover that your client has used the card in three local stores within the last two hours and was complaining about the local weather on Facebook that morning, then you really may have caught a fraud in progress and can phone the customer with a much lower risk of making the wrong call.
At that point, your vigilance is not creepy. At that point, you’ve made the right call.
Many banks around the world, large and small, continue to experience major security failures. Biometric systems such as pay-by-selfie, iris scanners and vein pattern authentication can help.
The implementation date of Europe's revised Markets in Financial Instruments Directive, aka MiFID II, is fast approaching. Yet evidence suggests that awareness about the impact of Brexit on MiFID II is, at best, only patchy and there are some alarming misconceptions.
Despite all the automation and improvements that digital banking has the potential to achieve, customers and their needs still form the very core of the banking sector.
Banks might feel justified in victim blaming when fraud occurs, but it does little for customer confidence.