We were privileged to host a roundtable at the Quality Chop House in London with a mix of clients and friends that represented a tremendous mix of perspectives on the current state of fraud.
We enjoyed the company and participation of a mix of finance, operations, customer service and fraud and payments professionals from a range of companies including Green Man Gaming, Encore Tickets, Resident Advisor, 31Dover, Minicabit and QuipUp all in attendance (alongside Ravelin CEO Martin Sweeney and CIO, Mairtin O’Riada). In fact Sam from Quipup enjoyed it so much we had an entirely spontaneous non-staged high five with Sweeney on receipt of his beautiful graph network artwork (exclusively available to all Ravelin clients, just ask).
So a real mix of experiences and perspectives. The discussion, as always with our roundtables, was under the Chatham House rule allowing for free and open conversation.
Fraud - more blatant, more of it, harder to stop.
A common theme emerging not just in this roundtable but across the year is that the fraudsters out there are feeling more emboldened than ever in their attempts. Even calling and speaking to potential offenders only has the effect of dampening their efforts and not stopping them. The group shared the usual frustration of attempting to have any fraudsters arrested.
There is still a comprehension and resources gap between what the police need and what online vendors can provide in order to efficiently effect a prosecution. Our recent podcast with the DCPCU gives some colour into what the police are doing but their focus is on large scale criminals and not the small-scale persistent offender.
The panel shared that they are not picking up on determined gangs of third party fraudsters in their fraud networks. This might be because this large-scale ‘fraud-to-order’ industry is in its infancy. It might be the nature of the businesses at the roundtable. Certainly they all had their ‘pros’.
In ticketing for instance certain events were very definitely high-risk due to the resale value of certain tickets and there are persistent, determined and skilled fraudsters who will target these events. For the delivery companies the classic signals are the items that are ordered. Someone once memorably ordered 10 bottles Ciroc Vodka and a kebab!
Worryingly while we clearly have professionals working at the backend to perform breaches and hacks for identities and card numbers we might only be at the start of seeing gangs operate at the front end to actually secure the goods to order from often unwitting buyers.
GDPR and PSD2: next year’s favourite acronyms
The conversation turned to the twin challenges of GDPR and PSD2. In contrast to previous roundtables, people were reasonably comfortable with where they were as businesses on GDPR. While no-one would risk saying they were fully compliant, most at least felt they knew what they had to do.
The picture around PSD2 is a much more fluid one. Sweeney gave some background on the emerging authentication landscape and what it can mean for their businesses. Strong Customer Authentication (SCA) for every transaction has the possibility of being a great boon for consumer safety done right. Done wrong it could have serious implications for the health of the online commerce itself.
One simple piece of of advice is to keep a strong eye on the exemptions to SCA which relate to the fraud rate and challenge your PSP to comply with the exemption rate (or be able to prove that you do as a merchant). Being under the fraud rates means exemptions from authentication which will likely confer a competitive advantage to a merchant that can smooth the journey for its customers.
Growth not fraud
Finally one of the conversations we’re increasingly having with customers is less about fraud prevention per se, but more about how it is that we can help businesses to grow. Everyone at the table was representing a company with growth ambitions whether organic growth in the markets they were in, adding cities to their roster or, in case of Green Man Gaming, entirely new territories with Latin America.
A shared challenge is to make businesses aware of how pivotal the fraud team is to those ambitions as an enabler of expansion and not simply as a backstop to revenue loss. As discussed this can mean adding cities without repeating mistakes of the past, reducing false positive rates, reducing the reliance on 3DSecure, and ensuring promotions are not abused.
A key step forward in doing this is continuing to participate in the events like the roundtable. to share our experiences, to talk about the importance of the work that we are doing and the ways in which it is not a cost centre but a growth-enabler for businesses that are serious about succeeding in e-commerce for the long term.
We host these events regularly, usually in central London but we are looking to expand them across Europe in 2019.. If you think you could benefit from joining please contact me at gerry dot carr at ravelin dot com, whenever you are located and we will try to make it happen.