Rake Narang: How is the growing popularity of smartphones and mobile Internet devices creating further threats of online fraud?
Greg Pierson: What technology enables is usually ahead of security concerns, let alone solutions. Look at cloud computing for a great recent example.
As online businesses scramble to take advantage of every new Internet device, feature and capability, they will inevitably be opening more vectors for fraudsters to abuse their business and user base. I don’t see this cycle changing.
Rake Narang: Are the thousands of mobile apps offering diverse functionalities, including games, reference, navigating, social networking, and even online advertising really safe? Are there any quick tips for consumers?
Greg Pierson: Common sense still rules the day. Generally speaking, and ignoring malware vulnerabilities, the online businesses you interact with can’t expose information about you that you don’t give them. Stick to reputable sites. Peace of mind alone might make it worth spending a few extra dollars with a site you know and trust. Some people feel more comfortable having a separate credit card or other payment vehicle that they only use for online purchases. In any event, review your statements carefully. At the end of the day, your bank will quickly take care of any fraudulent activity. The online business that was defrauded by some joker using your credit card will ultimately be left holding the bag, not you. In other words, all of us pay indirectly.
If the site’s revenue model isn’t obvious, you are probably the product. The old adage “There’s no such thing as a free lunch” is always good to keep in mind.
Rake Narang: Why is the database such a powerful tool in determining approval, review, or denial of transactions? And how is privacy handled in securing digital transactions?
Greg Pierson: Having protected billions of transactions, we have a database with more than 450 million unique computers from literally every country in the world. We understand how computers, iPhones, iPads, Blackberries and other Internet devices are related to one another.
Our real-time services tap this knowledge base to help online businesses protect themselves from any kind of fraud and abuse you can imagine. We are creating a powerful network effect as we aggregate data from hundreds of online businesses and thousands of fraud managers. Independent of identity and financial data provided by the end-user, we can tell you if the computer they’re using has ever harmed your business. More valuable still, we can tell you if their computer is related to any other device that has harmed your business. Moreover, we can tell you if any of these related computers are associated with fraud or abuse at any other business protected by iovation. The value of this network effect literally grows every second of every day.
While protecting our customers from fraud and abuse, we also protect the identity and privacy of their good customers. We don’t know the identity of the consumers doing businesses with the businesses we protect. We don’t collect personally identifiable information (PII) or financial data about consumers.
Rake Narang: Are there any substantial benefits of taking a practical proactive approach to fighting online fraud?
Greg Pierson: Online businesses that are subject to fraud and abuse need to take reasonable steps to keep problems to a minimum. The right mix of people, process and technology to mitigate risk varies greatly from business to business. What’s right for one business won’t necessarily work well for another.
From our perspective, the Internet device is the common denominator and Device Reputation is a powerful tool that helps many types of online businesses share the risk. Device reputation can be leveraged to significantly cut financial losses from fraud and abuse, while increasing operational efficiencies. And our shared platform enables businesses to immediately benefit from the collective experience of hundreds of other organizations and thousands of other fraud analysts that use our system every day. Defense in depth is also very important. We leverage tagged and tagless recognition, anomaly detection, profiling and real-time risk rules to maximize protection at transaction time. Our web service also makes device properties, geolocation, and details on each triggered risk rule available for further analysis in home grown or third-party analytics engines that combine device reputation and risk with other transaction data.
Rake Narang: How much does online fraud really cost businesses? What is the ROI for using iovation solutions?
Greg Pierson: For one of the Fortune 100 financial service companies that use our service, Forrester Consulting conservatively calculated a fully burdened ROI of 321%. In this case, they saved $8 million dollars and uncovered 43,000 fraudulent credit applications. Some of our subscribers see significantly higher ROIs, others less.
It’s harder to attach specific and meaningful ROI numbers for a social network or online dating site that uses us to keep out bad actors that are abusing their good customers, but we do have some interesting statistics. At one large international dating site, we help stop 3,000 fraudulent profiles from being created every single day. At another dating site, one-fifth of all dating profiles created each day are found to be fraudulent. On average, dating sites are reporting 10,000 romance scam attempts a month to our device reputation network.
New Era Tickets, created by Comcast-Spectacor, saw a 98% reduction in total fraud losses with iovation. New Era serves over 60 clients through US and Canada, from sports organizations to entertainment companies, including the Philadelphia 76ers, the General Motors Centre, The Rose Quarter, Dover Motorsports and Pocono Raceway. Handling 11-12 million ticket sales annually, New Era processes $400-450 million in business transactions each year. What started out as a significant fraud problem—resulting in nearly six-figure losses from one client alone—turned into an almost non-existent issue, with iovation’s fraud protection service. According to New Era’s VP of Client Services, Steve Geib, “There’s almost no fraud anymore. Now it’s a matter of someone not liking their seat. Can you imagine? Now that’s our biggest problem.”
In my opinion, the real cost of online fraud and abuse is grossly under reported. For starters, most reports are going after hard losses, like fraudulent credit card charges, which are not always reported accurately, not to mention the fact that a significant percentage goes unnoticed and therefore unreported by consumers. And most estimates don’t even attempt to estimate the cost of tools and people involved. The cost of abuse, like fraudsters scamming account holders at an online dating site, is even harder to measure.
The total hard costs of fraud and abuse are massive and extremely difficult to measure. The soft costs of added friction in the digital market place is even bigger. A tiny fraction of Internet users are bad guys that are making life more difficult, costly and time consuming for the rest of us.
We’re doing our best to try to change this, one device at a time, 450 million and counting. |
