Roberto Valerio, CEO of leading fraud prevention software company Risk Ident, shares his insights on the issues set to hit online businesses in 2017 and explains how organisations can combat increasingly sophisticated fraudsters.
2016 was a remarkable year in fraud. We saw the first pan-European e-commerce fraud operation, which ended with the arrest of 42 professional fraudsters, as well as a 17-year-old prosecuted for stealing 21,000 customer bank details from a major broadband provider. But like the mythical monster Hydra, one severed head in fraud can spawn two even more menacing heads.
Fraud has now become one of Europe’s most prevalent crimes; figures such as “You are now 20 times more likely to be robbed while at your computer than held up in the street” dominate headlines. But not only are individual internet users in danger: online businesses have never faced greater threats. In 2017, it is critical that they protect their reputations and their revenue with effective fraud management. Here are my top six trends to look out for in 2017:
- Shopping set to become mobile-first
The number of Europeans regularly using a mobile device for payments has tripled since 2015 (54% vs 18%), according to Visa. Through a mixture of in-person, online and in-app payments, more of us are using mobile devices to complete transactions. However, so are fraudsters. Using device fingerprinting technology, it is possible to see what devices fraudsters are using – often they will use multiple portable devices, alongside other masking techniques, in attempts to avoid detection or trigger fraud alerts. Fortunately, device fingerprinting and machine learning is helping the industry to track fraudsters and weed out their activities.
- Data breaches are not going away soon
Last year, Yahoo revealed that data from more than 1 billion user accounts were hacked in the largest breach in history. UK telecoms company TalkTalk was meanwhile fined a record amount by the authorities for failing to apply “the most basic cyber security measures” for 150,000 customers. In 2017, private and state-sponsored hacking will continue to target private user information, including names, email addresses, telephone numbers, dates of birth, passwords and security question answers. Collectively we need to identify such threats early and minimise any potential damage.
- Social media scams will flourish
As our online lives continue to grow, personal information available to fraudsters is becoming easier to obtain. Criminal elements are increasingly piecing together details about us that they can use to steal identities or break into our online accounts – sometimes, no technological expertise is needed, fraudsters simply take advantage of people sharing too many details publicly, which should be kept private. Social media users need to realise what damage fraudsters can do, even from seemingly innocuous posts.
- Account takeovers will rise
We all have so many online accounts that it may be tempting to use the same password for each account. Fraudsters know this and they are taking advantage of it. For example: Shopping on the black market in the dark corners of the web, fraudsters can buy usernames and passwords and use them to try multiple other accounts online. We expect fraudsters to attempt even more in 2017.
- The impact of bots is going to increase
Smart software can generate spam, vandalise information on Wikipedia or try to influence opinions on social media. But bots are helping fraudsters as well. For example, when it comes to ticketing, bots are often able to order tickets faster than real customers. The number of bots, and the level of their intelligence, will continue to increase in 2017, so we’d expect the booming ticket black market to grow.
- Machine learning and artificial intelligence are here to stay
More and more companies are recognising the scalable benefits of machine learning technology. They are doing research into their fraud problems and trying to find ways to put their latest findings into production. Machine learning has evolved significantly during the last few years and it’s obvious that the evolution of machine learning will go on and that systems are going to improve steadily.
When it comes to fraud prevention, it is important to recognise that technology alone is insufficient. Fraud managers with years of experience fighting fraud can never be replaced by a machine, but a combination of the two entities can produce far better results. People dedicate their lives to committing fraud with the help of technology; we should do the same to counter it. Driving innovation means aiding human intelligence with machine-level speed and scalability. It’s the best way of driving innovation and out-manoeuvring those who attempt to bring us down day-by-day.