Predictions for Fraud & Payments in 2020

This week I caught up with Catherine Jones, Product Manager for Ravelin's payment authentication solutions, our smart routing system which combines risk scoring and issuer intelligence to route payments to the path of least friction. Catherine has 8+ years’ experience in ecommerce fraud prevention, working in risk and fraud teams at Worldpay and Groupon. Catherine shares her predictions for fraud in 2020 and what merchants should be focusing on.

There are 3 main technological trends that I expect to see develop in 2020:

1. Increased use of data and machine-learning solutions

I predict a continuation of the move from rules to data-led fraud detection methods. Today, many merchants are still using rules alone for fraud detection. I expect more and more will move to hybrid data-led methods involving machine learning.

I also predict that we will see increased use of consortium data pools, pulling more data in house and larger companies (eg. payment service providers) using chargeback data more efficiently. The increased use of machine learning will also help deal with these larger data sets.

2. More innovation in authentication eg. behavioural monitoring

As PSD2 takes effect across Europe and use of authentication increases, I hope that the demand for better authentication (security and experience) methods pushes providers to innovate and improve on existing methods even further. Biometrics are likely to be used more frequently for authentication methods, as we see with Apple Pay and Google Pay today.

We’ve also seen behavioural patterns emerge as a form of authentication. This helps determine any behaviour which appears abnormal for the user such as devices used, delivery address, payment method or their current IP address when ordering. This will be especially useful to detect account takeover - when a fraudster uses stolen credentials to break into genuine customer accounts and commit fraud.

As well as account takeover, we expect to see marketplace businesses using behavioural monitoring to alert to signs of supplier-side fraud. This could be useful for businesses who connect suppliers and consumers such as taxi services or food delivery. Companies will be looking for ways to monitor behaviour between suppliers and customers, for example the frequency of individuals connecting and number of cancelled orders by supplier.

3. Larger payment service providers and banks moving to the cloud

Moving to the cloud will help larger businesses to catch up with the latest fraud-fighting technologies faster. Despite security concerns, the cloud has benefits for larger companies - automatic upgrades, more predictable expenses and the ability to scale on demand.

There’s a slim chance that some international merchants may see additional fraud prevention measures as an additional expense adding to the costs of operating in the region, and be put off by this. However, most won’t want to miss out on the European market, and so I expect most large international businesses will embrace the new measures.

Look at GDPR as an example of a recent Europe-wide policy. Did this result in international merchants pulling out of Europe? No, they largely complied with it, and now we're seeing parallel regulations being enacted elsewhere.

In the future, international merchants may be encouraged to adopt the same fraud security measures across their business, where feasible. We can already see other countries and regions following suit and developing their own mandates, such as Australia. Eventually, it may even make Europe a safer market to expand into as fraud decreases, especially the more ‘historically fraudy regions’, such as the UK and France.

The main concern right now is that not enough international companies are aware that PSD2 exists, or don't fully understand the details. To help businesses keep track of the key points of all major regulations, we’ve just released the Global Online Payment Regulation map with a downloadable report which includes regulation, top payment methods and popular payment method providers for each country in the EEA, as well as country-level 3D Secure statistics and major global regulations.

Open Banking and increased data sharing. There are significant risks here around the fact that it will become easier for malicious actors to get hold of data and that when they do they will have more access and more opportunities for fraud.

More broadly, there is a continuing trend of fraudsters operating internationally, but many countries continue to face inwards. Without getting too political, I would like to see more cross-border cooperation to find and fight those accessing the funds and data of individuals around the globe.