Current context of the means of payment

Before the pandemic, the world of financial services and means of payment was already immersed in a process of profound and rapid transformations that challenged the dominant position of the traditional market players. The growing power of consumers, which had significant impacts on other vertical segments of activity, is also strongly manifested in banking activities, progressively forced by the market to incorporate channels and products that contemplate new ways of executing financial transactions, better adapted to the life and consumption habits of the population, especially the youngest, who demand immediacy, mobility, freedom of choice of the channel to be used and new products that are easier to use and cost less.

If we thought that no one could know more about technology than generations Y (“millennials”) and Z, we are very wrong: the Alpha Generation arrived, the first that is 100% digital native, made up of those born between 2010 and 2025. The letters of the Latin alphabet are over, but we started using the Greek alphabet.

The proliferation of digital channels was deepened and accelerated and new products such as instant payments began to appear, which significantly reduce costs for consumers, extending without limits the execution windows of payment transactions and instantly producing the credit of paid values, regardless of schedules, weekends or holidays. This product began to benefit Customers – Consumers and decreased the margins of financial institutions. And new providers of financial intermediation services known as FinTech began to appear, that maximized the use of digital channels (hence the Tech) tending to offer the market better conditions for new and traditional products.

At the same time, Open Banking emerged, another global initiative in favour of openness and greater transparency in the means of payment and financial intermediation, which reinforced pre-existing concepts on the right of consumers to own their general information (masters) and financial behaviour (transactional), favoring the incorporation of new players, forcing traditional players to allow the integration of these new players through programmatic interfaces (APIs),and the exchange of consumers’ registration and transactional information, always with their prior consent, which facilitates the intermittent use by Customers of the services of numerous traditional and emerging players, simplifying processes and, once again, reducing costs to consumers

In the words of CPA Enrique Iglesias, former Foreign Minister of Uruguay and former President of the Inter-American Development Bank (IDB): More than in an era of change, we are in a change of era”.

In this context, we are witnessing an exponential growth of payment transactions through digital channels, through products that, while better suited to the preferences of consumers by significantly simplifying their user experience, present greater vulnerabilities to attacks by financial criminals, who have also changed radically, becoming experts in technology, able to effectively use sophisticated tools such as Big Data Analytics and Social Engineering, to monitor the activities of Customers until detecting opportunities to execute fraud. And when this happens, they quickly escalate, exploiting this vulnerability to produce significant losses in minutes.

The means of payment are experiencing a substantial increase in the volumes of digital transactions, and, at the same time, a considerable increase in fraud. The predominant traditional second-generation defenses, conceived for another reality, rebelled completely ineffective to contain this wave of financial crimes in real time, much faster and more sophisticated, highlighting the urgent need to build platforms collaboratively integrated by multiple prevention and detection engines in what constituted the third generation of anti-fraud defenses.

 Exit barriers and “churn”

FinTech and other new players in financial intermediation services began to offer the market products very well adapted to the usage preferences of the majority of Clients – Consumers, incorporating in them the preferred concepts of mobility, simplicity, immediacy and low cost, unleashing a fierce competition for the conquest of Clients and forcing traditional banks to follow the same path with the consequent erosion of their margins.

The examples of these products are numerous and cover the entire Customer’s lifecycle, starting with their acquisition, which in this new scenario includes digital onboarding offers, without the need for new customers to travel to a bank agency, executing the entire process virtually online through the use of advanced technologies such as biometrics and multi-factor authentication (MFA). Other examples include, for example, the execution of “voice contracts” through a telephone connection with a recording of the customer’s voice authorizing the release and delivery of debit and/or credit cards, or the execution of instant payments through QR codes from the customer’s phone.

This phenomenon of “empowerment” of Customers – Consumers is part of a global social and economic phenomenon that covers all sectors of activity, as exemplified by the “number portability” established by legislation in many countries, determining that the telephone number belongs to the User, not to the Operator, so that, if a User migrates from one Operator to another, he/she can take his/her number with him/her. The eventual change of the telephone number, known by Customers, colleagues, friends and relatives, was an exit barrier that hindered the migration of subscribers from incumbent Operators to other providers. “Number portability” eliminated this exit barrier. 

In the same direction go the Personal Data Protection Laws approved in most Western countries, which establish with force of law that the master and transactional data of the Customers – Consumers, of undeniable market value, belong to said Customers – Consumers, and can only be used for economic purposes through their authorization. Note that these provisions are a basic part of the concepts of Open Banking that oblige financial institutions to share their Customers’ data in the market if they so request it, thus paving a path that opens up opportunities for new emerging players to participate in the financial market, increasing competition and producing improvements in the services received by Consumers at the same time as substantial reductions in the costs that such services entail for them.

In this context of proliferation of attractive and economical product offerings, the exit barriers of Customers from traditional banks are becoming lower and lower, tending to make it as easy to change from “preferred bank” as “preferred airline”. As FinTech offerings increase, “churn” rates exceed acceptable percentages and set off alarm bells for traditional banks.

 The Customer experience

 Never more than now, themain routers (“drivers”) of the banks put the Customer in a central position (“Customer Centric“). This is a strategic and survival issue in a new era, in which the vertiginous rise of digital transactions and the proliferation of highly sophisticated fraud threats exacerbated the need to implement faster and more secure processes.

However, mounting an excess of controls could “plaster” legitimate operations, generating high rates of false positives, which should be avoided at all costs. The reason for this is the growing importance of the experience of Customers, increasingly demanding and increasingly with greater facilities to change banks.

Let’s think now in the case of a Customer of the bank who is buying an air ticket online, and after a good time browsing to get the “perfect offer” tries to make the purchase, but the bank incorrectly blocks the payment (false alert or false positive) causing the Customer to lose all the effort made and all the time invested to reach the right offer for his/her needs, everything must be restarted from the beginning. Imagine the customer’s irritation with his/her bank. Indeed, high rates of false positives are one of the main causes of friction and irritation of Customers, characterizing a poor Customer experience. On the contrary, offering services with low false positive rates, not only allows to generate substantial savings in the operating costs of the bank in analysis and investigation, but, fundamentally, contributes to improve the experience of the Clients. 

Most of the predominant defenses, mainly second generation, are based on neural networks or statistical modeling engines that perform indirect detection (using “consortium data”) in “black box” mode, and produce high rates of false positives.

The third-generation anti-fraud platforms collaboratively combine a variety of fraud prevention and detection engines that perform direct detection (through proprietary data) in transparent “white box” mode, and allow to graduate and know “a priori” the desired false positive rates (the desired level of service), counting with tools and processes that allow reducing drastically the rates of pre-existing false positives.

That is precisely one of the competitive differentiating factors of the latest (third) generation anti-fraud platforms: their ability to significantly increase fraud detections with minimal false positive rates. That is why these anti-fraud platforms openly announce that their false alert rates are significantly lower and that they can parameterize the platform to obtain the desired level of service, which typically delivers false positive rates in the 1:3 environment, as shown by some real cases of installations that significantly reduced their false positive rates by replacing their previous solutions with third-generation platforms.

Such are the cases, for example, of the National Payment Switch of France STET with 10 billion annual transactions, sustained peaks of 4,000 TPS, 1 billion euros of savings for avoided fraud and false positive rate 1:1, or the North American Processor FIS that declares to have reduced net fraud by 72% and false alerts by 90% after replacing its previous second generation solution,  implementing a third-generation platform.

But, how is this substantial improvement in the false positive rate achieved? Analyzing this question is particularly relevant.

Let’s start by mentioning that third-generation anti-fraud platforms (PAF-3G) are “channel agnostic“, because from their conception they were designed for an environment with a proliferation of digital channels. PAF-3G are “cross channel“, that is, they analyze and qualify transactions (generate a “score” or scoring) regardless of the channel through which they arrived, and considering profiles calculated based on all existing channels. Recall that most second-generation solutions proclaim themselves as “multichannel”, because they were designed for some channels and subsequently adapted to other channels, which is very different from being authentically “cross channel“. 

Secondly, PAF-3G use a wide range of information sources in their decision process, not only transactional data (primary data), but also Master Data and information from other external sources such as “black” and “white” lists, and device reputation and IP addresses (secondary data), which allows them to perform direct detection (with proprietary data), but also to combine it with indirect detection (with consortium data).

Finally, PAF-3G combines these data sources with the use of functionalities that allow them to voluntarily graduate, in order to reduce the false positive rate, such as their powerful Entity Profiling capabilities. Profiling consists of recording, to be accessed very efficiently (through indexes), the typical behaviors of different entities, calculated based on past information of those entities (statistical capability). The entities subject to profiling can be numerous, such as “transactional sequence patterns” (financial crime modalities), devices, Customers and Merchants, to name a few of the main entities subject to profiling.

The combination of the “cross channel” condition (not to be confused with multichannel) with numerous sources of information and with the functionalities of integral profiling, that is, the profiling through all channels allows the PAF-3G to generate in milliseconds a 360º vision of the behavior of the Customers, which makes it possible to produce fewer false positives and a 360º vision of the criminal activity,  that allows obtaining  higher detection results.

Let’s look at an example. A Brazilian bank receives a credit card payment transaction belonging to a Customer that typically only makes transactions initiated from Brazil. The IP address of the device is from Japan and the account to be credited belongs to a Japanese bank, which is completely outside the Customer’s usual behavior pattern.

A second-generation solution will recommend declining to process the transaction, while a third-generation anti-fraud platform (PAF-3G), through cross-channel profiling, will confirm in milliseconds that the Customer made an online purchase a few days ago from a Merchant, that is an airline company, and made a withdrawal from an ATM in Tokyo the previous day. Result: the third generation platform will recommend to the authorizing system the processing of the payment transaction to the Japanese restaurant, considering it legitimate, avoiding the Customer unnecessary hassle. All in less than a hundredth of a second!

It is also worth considering the own simulation functionalities of PAF-3G, which allow the bank’s Anti-Fraud Analysts to work with real production data from the past and with profiling results, in a simulation model (“Challenger”) to carry out fine tuning activities of the parameters and rules, dosing and knowing “a priori” (before placing anything in production) which would have been the result of applying this model in simulation, in terms of fraud detection and false positive rates. That is another example of the truly cognitive characteristics of PAF-3G (because they combine the automatic functionalities of prevention and detection engines with the knowledge of the Analysts) and of transparency (“white box”) by allowing the Analysts not only to visualize the rules that would be applied, but also to adjust these rules and to know “a priori” what their result would have been if they were truly placed in production.  In other words: the control and the last word will always be in the hands of the bank’s Analysts, not the software, much less its provider.

Banks have always been concerned with customer loyalty and retention; this is not a novelty of this era. But if we combine some elements of the current scenario we will find the ingredients of a “perfect storm”:

  • Customer dissatisfaction with products unsuitable for their usage preferences
  • irritation due to the repetition of false positives;
  • easily accessible availability of other service offerings more appropriate to the profile of current Consumers; and
  • ease of migration to the new providers of such services.

 Conclusions

In the current reality, real-time anti-fraud systems are more demanded than ever, due to the significant increase in digital transactional volumes through products and channels increasingly comfortable for Customers – Consumers, who present greater vulnerabilities and possibilities of fraud.

The banks’ “traditional recipes” are insufficient to combat increasingly rapid and sophisticated fraud. Making an illustrative comparison with Medicine: it is not possible to combat “new diseases” with “old medicines”; using traditional second-generation anti-fraud solutions at this time would be like trying to fight cancer by bleeding the patient instead of using the emerging discoveries of immunotherapy and other therapies resulting from the latest advances in medical science.

The new “FinTech” players do not have “the backpack” of old second-generation anti-fraud solutions, but directly combine their innovative digital banking products with third-generation anti-fraud platforms, offering their Customers a doubly comforting experience: by adapting to their habits of life and consumption and by avoiding the own frictions and frustrations of false positives.

For the above reasons, the Implementation Project of a new Anti-Fraud Platform will allow traditional banks to reconfirm a leadership role in technology and services, offering their Customers an improved experience of safe and efficient use of their financial services, with the most advanced technological components of Artificial Intelligence and Machine Learning protecting the most innovative products available in all their preferred channels.

José C. Nordmann
SME in Digital Fraud in real time
Member of the World Council for a Safer Planet
Member of ACFE (Association of Certified Fraud Examiners)