Good morning, welcome to our webinar today, where our topic today is choosing the right fraud reduction intelligence tool in a digitally evolving economy. I'm John Tolbert, I'm a lead analyst here at KuppingerCole and today I'm joined by Paul Hossack, a systems engineer at RSA. So a little bit about our upcoming events before we begin. Next week, we will have two things. We'll have our Cybersecurity Leadership Summit running through the early part of next week.
And then in conjunction with that, we have our KC Live Tools Choice, which is focused on endpoint protection, detection and response, on the ninth. And then closer to the end of the month, we will have the debut of our cybernetics world 2020 conference. So hopefully you can join us for those as well.
About the webinar today, everyone is muted. We're going to control the muting and unmuting. We are recording the webinar and the slides will be available too afterwards. So we should hope to have those up by probably tomorrow.
And then at the end of the session, we will take time for Q&A. You'll notice on the side here in the GoToWebinar control panel, there's a blank for questions. So feel free to type those questions in at any time and we'll address them at the end. So I will start off today talking about the background on fraud trends as we see them and the different fraud reduction techniques. And then I will turn it over to Paul to add some more information about that.
And again, we'll save time at the end for questions.
So starting off looking at the overview of fraud techniques and trends, you know, cyber crime has been a growth industry. Unfortunately, back in 2015, it was estimated to have siphoned off about $3 trillion out of the global economy. And by next year, it's expected to have doubled that. And so it's, it's a huge problem that businesses, governments face, and of course, individuals as well.
So, you know, let's look at what industries are targets. It may be easy to figure that things like banks and other financial institutions, payment services are natural targets, or even retail, you know, because they have the money, but all these different industries have been targeted by specialist malicious actors in one way or another. And in the time of COVID-19, we find that there's an emphasis on retail sites, healthcare sites, and G2C, being government to citizen.
Healthcare, I mean, just about every aspect of healthcare has been plagued by different kinds of account takeover attacks and things like that. Whether it's, you know, pharmaceuticals, healthcare providers, patient records, this has been an ongoing problem. And then even though people aren't traveling nearly as much as they used to, travel and hospitality sites before the pandemic were increasingly being targeted, as are other kinds of rewards programs, just due to the fact that the value of what is in those accounts can be converted to money.
So thinking about the major types of fraud that are out there today, we want to focus on two, and one has three different names for it, but it's really all the same thing. It's new account fraud, synthetic fraud, some call it account opening fraud. And then on the other side, we have account takeover fraud, which is just what it sounds like; we often abbreviate it as ATO. So we'll dive down on these a little bit more. Account takeover: taking over the account.
There are some interrelated ways in which malicious actors do this. Probably still the most common involves phishing in one way or another: sending emails designed to get people to give up credential information, whether that be by directing them to fake websites to harvest those credentials, or maybe taking them somewhere where they get malware installed on their machine, which might include keyloggers or other rootkits,
so that whenever somebody types in a username and password, that gets captured and sent to the bad actor for their illegitimate use. There are still things like drive-by downloads, where you may go to a website that's been contaminated and pick up malware. And the same thing results: loss of credentials. Spyware can grab ID information out of cookies.
In some cases, credential stuffing is kind of like using the compromised credentials that might've been found on the dark web, maybe from some other data breach. Those username password combos can then be used by malicious actors to kind of blast those out against lots and lots of different sites, hoping that somebody has reused the same username password combination elsewhere that would allow them to get into that site. And then there's also brute force password guessing, which still happens today.
So account takeover fraud, it is what it sounds like.
And it is often based on those breach password dumps that are found. They're often used for financial fraud: banks, other kinds of financial institutions. I mean, people often think of banks, but I think we also need to consider, there are other places where people keep money, and some of these kinds of businesses, whether they be pension hosting services or 401k service providers, insurance of different kinds, all of these kinds of companies or businesses are also under attack. And fraud is a major concern. Even things like real estate, escrow misdirection, that still happens.
And as, as I said, you know, frequent flyer programs, other kinds of reward programs, anything that can be converted into a more liquid kind of asset is going to be targeted in one way or another for account takeover. And we believe that, you know, the number one way to reduce the risk here is by using multifactor authentication and risk adaptive authentication.
And those really need to be powered by what we call fraud and threat intelligence, which we'll get into a bit more in a minute. But to prevent those credential stuffing kinds of attacks,
and for various other reasons, we still are obligated to tell people: don't reuse passwords. And whatever you do, don't use knowledge-based authentication for account recovery, that's security questions, because the security questions, you know, that's a weaker form of authentication than even passwords.
New account fraud: this is harvesting information about an individual so that you could build an account with somebody else's credentials, again, for the purpose of probably moving money around. And the kinds of data that malicious actors are interested in for this purpose includes things like your email address, maybe a phone number, of course name, physical address. Then there's also, you know, social security numbers, date of birth.
Those kinds of things are often used when you're trying to sign up for a new account, and the malicious actors can get this kind of information from a lot of different sources like healthcare records. You know, they'll have, you know, address, social security number, date of birth in many cases. So it's all right there, easy for a fraudster to put that information together and try to create accounts based on that.
Same thing, you know, government agencies, maybe your old school records, employment records. People who haven't necessarily, or they may have a legitimate reason for keeping records, but then they also may have a requirement to remove stale data, but either way, a lot of this data about individuals is still out there and can be used for this purpose. So why do they do this? Well, it's for financial fraud, but often a different kind.
It could be for the mule accounts, creating accounts to move money around from the dark web, into the, the brighter world.
It can be used to open up credit cards or lines of credit, you know, transferring or translating cryptocurrency into currency. These kinds of accounts take a lot more effort to put together in the beginning, but for an attacker, they get more bang for the buck, literally, because it can be harder to detect. And then once you have an account, you can do all sorts of things with that rather than just, you know, typically credit card companies will shut down fraud once they detect it. So they may get one or two fraudulent purchases out and then it gets shut down.
With these kinds of accounts, they can definitely do more with it usually. Some of the main mitigations here: bot intelligence and management, identity vetting. And then from a user perspective, there's credit freezes and fraud alerts that you can ask for.
So the major fraud reduction techniques, as I see them today. I think there are six major techniques that these fraud reduction intelligence platforms have as capabilities. Number one, identity proofing and vetting.
And we'll dive down into each one of these a little bit more in a minute: credential intelligence, device intelligence, bot intelligence and management, behavioral, or sometimes called passive, biometrics, and then user behavioral analysis. So identity proofing and vetting. This is pretty straightforward from a conceptual point of view, but it can also be somewhat more difficult to do, especially remotely in today's world. This is just validating a person against some authoritative documents in most cases.
So the best way to do that often tends to be using some sort of authoritative government issued ID, whether it be, you know, a state or national ID or a passport. And you'll notice these things generally have pictures.
And in many cases they have digital components as well. So identity vetting, you know, in, in the old world, we would, you know, take our credentials into let's say a bank and show those to a person in order to get an account. There are options today where you can do mobile based document verification and, and selfie verification.
And that kind of helps with the whole remote onboarding requirement that we see today. These can also help with complying with like anti-money laundering regulations and know your customer regulations and initiatives. But the end goal really is to increase identity assurance. Credential intelligence: this is using information about the credential. You know, in a lot of cases today, we see businesses using somebody's email address as a primary credential. So finding out where that username or email address may have been used fraudulently before.
So couple of different approaches for that, you know, if you're a big identity provider, you've got a lot of information about the credentials on your network. So, you know, where maybe somebody has tried to log in with those and, and failed.
And then also there are third party services that aggregate this across lots of different identity providers, or they may take into account other kinds of intelligence, package this, and allow companies to subscribe to that as a feed or as a service that they can query over APIs.
And in this case, you know, you can get a much larger set of data about possible compromised credential usage, and it has to be fresh. I mean, it doesn't really do you any good to know that somebody may have had a password breach, you know, two years ago; likely they've changed it or gotten rid of the account altogether or something. So freshness of the information is really important as well. And then risk analysis. This is taking this credential intelligence and other things into account every time you do a transaction.
So plugging this credential intelligence into the risk engine is a necessary component too. There's a long list here of attributes around device intelligence.
I won't go into all of them. And this is certainly not even a comprehensive list. I know some vendors will look at 200 different attributes.
I mean, I will call out a couple that I think are important that not every vendor does. Geo-velocity: sometimes this is called the possible journey. When we get back to traveling, it's good to know that a person shouldn't be able to log in in, let's say, Chile, and then an hour later log in from Japan. It's just not physically possible. And this is something that should always raise a red flag in a risk analysis. A device health assessment is the other; that's not quite as common. This is measuring a device to find out:
does it have malware? Does it have some sort of anti-malware installed?
Is it, you know, signatures or machine learning detection algorithms up to date? What OS type and patch level? A lot of this information can be gathered at runtime and decisions made on that.
But again, not all of the fraud reduction intelligence platforms support that particular attribute. User behavioral analysis, another important thing to look at: this is really about considering the present request or transaction in light of past transactions. You know, is a user presenting a request that falls in line with what they've done before, or does this differ significantly?
If it does, then that might raise some alarm. If it's a transaction type that hasn't been done before, or maybe the amount is just way too much, or maybe a whole series of things has happened, you know, in a short time period, that's very atypical of a given user. These are things that should be considered, you know, before every transaction and does really depend on not only a comprehensive user history where possible, but also the use of machine learning detection algorithms.
Then we have behavioral or sometimes passive biometrics they're called.
This is looking at how users interact with their devices. This is case of, you know, many times this is implemented as JavaScript dropped on a browser to, you know, see how a user types now, the dwell time, things like that, or how they move their mouse. So you can build a fairly unique profile based on how people interact with their devices. Same thing on the mobile side, you can do swipe analysis: how do they press the touch screen? How do they actually move and hold the phone, gyroscopic analysis, gestures. Then you can look at other bits of data.
Like, are they on networks that they commonly are on? And both on the, you know, the cellular side too, are they on a mobile network that they maybe have never been on before? Plug that location analysis into the risk decision.
And then lastly, we get to bots here. I thought this was interesting because this is taken from a researcher's site, where one is generated by a bot. This is video game input, and the other is generated by a real user, but you can see from a pattern perspective, they look pretty similar. The answer is the one on the right is actually generated by the bot.
But you know, it would be hard to tell this without machine learning analysis and looking at a large volume of data. So different bot detection techniques: how do systems determine whether it really is a bot or a user? So there are signature-based methods that are very similar to old antivirus.
You know, you can look at different patterns of interaction between a user and a site, but most commonly, like I said, it's JavaScript on a browser or, in the case of a mobile device, having an SDK that can collect different signals intelligence from the device. And to make this effective,
it really depends on having large volumes of data that you can run through machine learning or deep learning detection algorithms to sort that out, figure out what is from a user and what's not. And then also behavioral biometrics can be helpful here.
If you're seeing activity from a given account, you wouldn't be able to better tell if it was the user, the actual user behind that, rather than a bot. Not all bots are bad. Bots get a lot of business done on the web. They do things like crawl the web for search results, you know, check inventories and whatnot. So there are bots that are very essential for, you know, providing us with the web experience that we expect today. But then of course there are also bad bots and gray bots. Thinking about checking inventory,
there are bots out there that, you know, try to deplete inventory of competitors.
So there's lots of different kinds of bots that you wouldn't necessarily want to have on your site. So how do you manage them?
Well, there's a few different things you can do. You can challenge them. We all see CAPTCHAs, reCAPTCHAs, things like that. That's a way of deterring. If you happen to know the addresses from which bots normally come, you can choose to blacklist or whitelist them if you want. And then again, you know, some bots are good. Some gray bots may be useful at times, but you may want to do things like throttle, cache or redirect them. So if you're having like a high traffic day on your retail site, you may want to limit how many bots can get through.
Even if they're legitimate bots, you may want to send them to a cache instead of having them, you know, go against your main site, or simply redirect them and park them. So bot management allows you to not only identify which are bots, but also what to do with them when you encounter them.
So wrapping up here, I wanted to talk about what are the best measures for preventing new account fraud. Obviously safeguarding our information, you know, be careful about what you put, where, but, you know, really it's out of our control. Think about old school records or old employer records.
A lot of cases like that. Healthcare, we don't really have a lot of control over the information that's out there in many jurisdictions.
I mean, I think things like GDPR are certainly helping for regions where that's applicable. Identity monitoring services: that's students kind of the default that we're issued, at least here, if you're a victim of a data breach. These are services that kind of look for strange account opening events. Identity vetting: if you're going to use a remote identity vetting service, then it's good to include liveness detection; that way you don't have a bad guy out there comparing two different pictures to create an account.
As I was saying earlier, credential intelligence: it's good to keep it fresh. Device intelligence: there's lots of different possible attributes. Look for things like, you know, the SIM swap events or network history. And then this is where the third-party intelligence services can be very helpful, knowing where that device has been used to create accounts elsewhere. And then lastly, bot intelligence: is it real or is it a bot?
And again, risk adaptive, leading the way to continuous authentication, is a great way to help reduce ATO, account takeover, attacks. And again, we have here, you know, a risk analysis of events should precede
any decision about letting a transaction go forward, if at all possible, looking at all these different kinds of information, including user attributes, user history, the behavioral analysis, that wealth of information around device intelligence, whether it comes from just a given service provider or a whole mobile network operator, and then the environmental attributes, which includes not only location information, but can you determine whether or not malware has influenced the transaction request that's currently in front of you?
So lastly, what do you look for in a fraud reduction intelligence platform? Just to reiterate, it's about functionality. I would say, look for those six functional areas: the ID proofing, user behavioral analysis, device intel, credential intel, behavioral biometrics and bot management. Then also you see that there are different kinds of vendors that are in the fraud reduction intelligence space. Many times they have experience in different kinds of industries.
I mean, many will focus on the financial industry because it's a huge concern. So looking at who has a wide experience in your industry is important. There are specialists for finance, there are specialists for retail, some that deal just with payments. We see more and more that there are companies that are specializing in healthcare, travel and hospitality, government to citizen kinds of interactions. And then performance,
lastly, to look at here: how scalable is the solution? What are its detection rates versus intervention rates? What are the false positives and false negatives?
And then, excuse me, some FRIP solution providers actually provide guarantees, so that if you're in a situation as a customer where you may, you know, have a chargeback or some sort of loss situation, if they feel their service is strong enough that they provide some sort of guarantee that you're not going to lose money, that's an interesting thing to consider as well.
So with that, I would like to turn it over to Paul from RSA to fill in the blanks on some more of what they see from a customer perspective.
Okay, thank you, John. So, as John said, I'm Paul Hossack. I'm a systems engineer at RSA. I've been here for four years, working in helping customers to fight fraud, and I've been in this industry and market for just over 10 years. So what I'd like to talk to you about today is, you know, what has happened in the last six months and how it affected fraud. So RSA is a provider of fraud solutions. We have solutions for customers from beltway research all the way through to preventing fraud at the point of transaction.
And we have solutions that work in that 3DS card-not-present space too, but I guess what I'd like to focus it on is what has changed. And obviously there is a global pandemic happening right now and showed a mass migration towards home working. One thing that RSA has noticed is that, you know, digital transformation has massively accelerated online payments and they've changed hugely.
There've been massive shifts towards online payments.
So there has been an overall increase in the volume of online activity and online banking, payments, car payments, purchases, and there've been some declines in some industries and there've been massive increases in others. And I guess we're all sitting here today having spent our time trying to get the CEO or the CTO to release some budget to start a digital transformation journey. And this pandemic came along and did it for us. People were forced to transform, were forced to move people to home working environments.
And of course that brings with it new exposures, exposure to new channels that perhaps have not been exposed to the same lengths before or at all. And of course brings with it a whole host of new challenges.
So thinking about the market dynamics, as I said, this digital transformation is happening now much more rapidly than we were experiencing even late last year. I think we've reached a consumer tipping point, or an inflection point really, where consumers' behavior and expectations are changing all the time.
They expect from us a secure and frictionless access to their accounts, to deliver their transactions in a secure and frictionless way. And as organizations, we have a lot of outside pressures affecting our ability to do that. We have the FinTech and the API economy plugging into all those different, new ways of working, allowing those different new organizations to have connectivity in. So our user access is more improved.
We have the Internet of Things on the outside potentially making a banking transaction for us, whether that's a phone or whether that's an Echo-type device, home assistant type device. We have cost per case investigation.
And then we have the rather large regulatory pressures on the looming 3DS 2.0, 2.x increase as retailers in particular start to move towards using a platform that allows them to enable that regulation.
And I'm talking here, of course, particularly about PSD2. At the center of that, we've still got an ever increasing sophistication in cyber and volume of cyber attacks. So for us, ever increasing numbers of fraudsters are using an ever increasingly sophisticated level of attack in order to try to compromise our consumers. And of course we're responsible in some way for protecting those consumers.
If I take a look at the trends for Q2.
So what we decided to do at the onset of this pandemic is to look at the trends of transactions, and this digital economy is evolving rapidly in these interesting times. So in the UK, as an example, we have a massive increase in investments in online banking. People moving towards personal transportation purchases, and fitness and sporting goods, were all boom industries through Q2, in terms of the volume of transactions that we saw go through those industries. And obviously, as John mentioned earlier, things where we all can't travel at the moment.
So things like airlines, public transportation, tourism, and entertainment, as we're all forced to stay at home, all four large reductions transaction mode.
Now, if we're thinking about the fraud trends that we've observed during this pandemic, I think it's clear to see that some of our research teams have uncovered some interesting changes in the way that the fraudsters are carrying out their attacks. So very quickly, we saw that threat actors and fraudsters pivoted to use COVID as the new method of attack.
Our anti-fraud team found lots of examples of messages saying HMRC, which is a UK government tax authority, has issued you a goodwill payment because of the coronavirus pandemic, just click this link to accept that; new tax filing and payment due dates are now in place, click this link to see. These are very common phishing.
As John alluded to earlier, phishing is probably still the number one threat vector and target for consumers, because it's so easy to go to a widespread user base for relatively low cost and attack those individuals and try to compromise the machines and use that as a spot for further fraud compromise. Even the World Health Organization's branding has been used in a phishing attack to try to get consumers to click a link to see advice, fake advice about COVID-19, which obviously is looking to capture data in the background.
Furthermore, we've seen a sharp spike in the number of fraud attempts on either unemployment benefits or business administration loans. Here's some examples, screenshots of either dark web or social media underground, social media sites affecting or selling effectively a package of data that enables you to carry out a fraud for an unemployment benefit claim or a small business loan administration for it.
And these have grown massively during this pandemic time, where we compromise or afford to compromise a user's entire set of data, and is selling that to somebody else who is prepared to try to apply for that money and take it from the government agency that's offering that support, which of course on one side only affects a government agency, but on the other side affects our ability to be able to claim those things in hard times, because if we stumble across them, there'll be less support available from a government
if the money keeps disappearing into a fraudster's pocket. And as John said, can a trick 6 trillion next year is expected to disappear from the various economies. And I think that those figures might look a lot worse when we think about this impact on our governments' economies.
If I look at fraud trends, a rise in the number of breach dumps available.
So John mentioned earlier the sort of attack of creating a lot of a biologic don't prefer emails, addresses, and having a go, you know, the credential stuffing attack on a particular site. We have seen in our dark web research team that these large dumps have become increasingly available. There have been significant increases in breaches and data leaks available for purchase on the underground.
And I guess this is because, you know, fraudsters are wanting to use these to compromise people during this time, because they will be found on manpower and download resource and focusing on other things. And may not note, it may, it may find a harder time fighting that credential stuffing attack in the middle of this. So these large dumps have increased massively. The number of ransomware attacks being carried out, or being discussed being carried out, has changed a lot.
And what we've also seen, interestingly, is a skew towards healthcare fraud. So healthcare fraud is not something we saw much, lots of, it's not a primary fraud vector in the years up to, and including 20 it's, 2020, but in the first half of this year, we've seen a significant increase in the healthcare sector being attacked by fraudsters.
So thinking about, well, a strategy to protect ourselves against, through many organizations today, be they banks or retail or insurance or whatever. Maybe they have a, a breath, a multi-channel approach to the digital banking.
How did that fraud prevention and to the channel? So we protect the branch. We look at digital banking. We look at ATMs, we look at our chatbots or IVR channels. We look at our call centers and we're looking at IoT. And what we don't have is a cohesive, consistent, and unified user experience, because we don't know how or where the customer reaches out. For example, the customer in a multi-channel environment, each one is identified differently: could be the branch, where they use their social security number.
We could website or not might be used by a username, unique username and password. When they get to the ATM, I have a card and a PIN, and then the call center, they have an IVR, "my voice is my password", and all of this is difficult and leads us to a much fragmented user experience. If we think about what the channel should be, well, omnichannel should be a cohesive experience. Omnichannel is one identity across all channels, try to minimize that those different for the customer.
So what RSA really does is try to leverage that single identity as organizations move towards this omnichannel approach, try to leverage that single identity to increase our fraud detection capabilities.
And I'm thinking about that a little, our bank's fraud management evolution really is to try to layer and centralize fraud risk management across all those different channels, whether they be physical branch user access, whether they be call center online, whether they be the card channel, where a user is using their card to shop online.
What RSA has is a centralized fraud protection and management hub with a comprehensive view across all of those channels. And that's both online and offline. We can share knowledge and awareness of a customer's interaction with the organization.
This enables us to track fraud across those channels, whether that's detection and mitigation layer, where we can start to detect and mitigate fraud after we've seen account access and got our fraud management risk policies in place, and whatever channel that is in the journey for that customer, we're able to layer across that with centralized fraud risk management.
Now, we do realize, I guess, that many banks and retail customers have a lot of different solutions, even in a single channel.
So sometimes, you know, each solution solves a specific problem, but it gives us a challenge to correlate all that information together. And that's where we can step in and leverage it with our authentication, or adaptive authentication, or fraud management platform solutions step in. And we'll leverage all of that data in one place to make that the inflection point. So I guess the bottom line is we can have more streamlined operations in a more secure environment and a smoother end user interaction and experience. And the important thing
there is the end user experience remains the same across all of those channels.
So what are the benefits of this approach?
Well, firstly, of course we can prevent fraud in multiple channels instead of individual. We can tie those together to increase our capability, to protect fraud. We can look beyond just web or mobile and start to look to other channels, to increase our ability to catch that web and mobile all and centralizing fraud management gives us a holistic view of our users across all of the channels RSAs platform for prevention and risk and target suite is broken down into three main components that is the RSA adaptive authentication and the RSA adaptive authentication for commerce products.
These products are driven by our class leading risk engine. So as John mentioned heavily before these device profiling user profiling type scenarios, in order to prevent things like account takeover and or fraud transactions, these require a machine learning risk engine. So at the heart of our solutions is our machine learning risk engine, which takes in all of that data, those device profiles, there's behavioral profiles, there's transactions or consumer authentication.
When we challenge our user, I mean, it's successful.
We can feed our risk engine to let it learn that that challenge was successful. We can take that data and we can let our risk engine profile over time to understand what good looks like. And then in the longer term, that means we can also understand what bad looks like. And that means we can step in and step up challenge that user. John talked earlier about bots.
For example, whilst we don't have a specific bot protection module, what we do is we profile the user's behavior over time, which allows us to very quickly see that as John said, you know, it's impossible for them to have a geo location in Cuba, and then an hour later have one in Japan. And that will be something that our system could advise off and step up challenge that transaction accordingly. Similarly with adaptive authentication for e-commerce, that enables us to do the same thing, but in the e-commerce channel.
So RSA has a product that is an ACS provider in the EMVCo 3-D Secure space. So I talked to them about that 3DS2, changing the way that businesses do business, that retailers do business, PSD2 driving that behavior towards the 3DS2 market. RSA is a key player in that market space and provides customers with risk-based authentication and step-up challenge inside the market that enables them to meet their PSD2 regulatory demands whilst keeping their fraud prevention rates high and their interruption rates as low as possible.
And then finally, something you've seen during this, during this presentation was those screenshots from our fraud action team. So RSA fraud action is our threat intelligence platform. We do underground.read research. We have automated calls to take down phishing attacks. So when a phishing attack happens, new phishing site is for not, we have the ability to automatically grab that, recognize it as a phishing site and request that the ISP take that something bad.
And that gives us the ability to confidently put in a holistic fraud management approach.
And the last part of this is the RSA eFraudNetwork. This is RSA's consortium data. This is where all of our customers, when they find the frost is information ends up in this RSA eFraudNetwork. So many of our customers get an initial Lego a benefit when they stop using our platforms, because they're able to benefit from the known fraud data that is inside that RSA eFraudNetwork.
So when a transaction happens against my organization, if it's already showing the same pattern as a fraud stuff from another organization's traffic, then we're able to step in and challenge or decline that transaction immediately.
So how do you assess your omnichannel fraud prevention strategy and what will be some good best practices and key takeaways for you today?
Well, I guess the first thing is to think about fraud detection, rates and intervention rates move away from this feature function capability checklist, where we checklist all of what is available. And we make a decision based on the person who checked the most boxes and evaluate solutions based on what the end game is, which is to reduce fraud, to have low, false, positive rates, to have as high a transaction success rate as possible. And to retain your consumers.
Friction is a big reason why your consumers will put your card to the back of the wallet, or maybe move to a newer organization or in the retail space, maybe go and buy from somewhere else. The friction is a big reason why people move away. And I think it's important that for customer retention, that we think about the solutions that have the least friction and the best fraud detection rates combined together.
So I guess last, lastly from me key takeaways from today's presentation, the global pandemic has changed everything.
Digital transformation is happening much faster than we thought. Fraudsters act across channels. They don't care, and so should your fraud prevention tools. We will first, this will work everywhere, and so should you. You should manage fraud holistically and not in silos. And that enables you to balance the user experience with that fraud prevention. Think about vulnerabilities in your fraud prevention efforts and look to mitigate. Focus on accurate fraud detection, low intervention, and an efficient step up process.
And I guess lastly, the fraud prevention tools and strategies should really be reviewed and adjusted periodically to ensure that you keep on top of the latest trends and that you don't get behind in this fight against the fraudsters. Thank you very much.
Thank you, Paul. It was pretty enlightening there. We have got a couple of questions, but I would like to remind everybody that over on the side in the GoToWebinar control panel there's a questions blank; feel free to type some in and we'll take them.
So, first thing I see here is you mentioned in your last slide, when thinking about a fraud tool, we should focus on fraud rates versus intervention rates. Are there any benchmarks we should be looking at? I guess I would just say, you know, obviously you'd want to pick tools that employ these ML detection techniques to reduce false positives and also reduce the friction like you were saying.
So, you know, you don't want to be intervening. You don't want to be forcing some sort of additional authentication or verification event during the course of normal transactions. So transaction success rate is important.
What, what are the benchmarks that you see customers asking about? All
Thanks, John.
Yeah, I guess in, in EMEA, with PSD2 looming, customers have a certain number of sensitive transactions. They just have to challenge and the better they can get fraud detection, the fewer of those transactions, they have to challenge because they can lift that threshold of dimension higher.
But we, we consistently see our customers performing 95% fraud detection rates with single digit intervention rates. Three to 5% intervention rate is a normal rate for, so for our customers today, pre-PSD2, we, we hope that it's not going to change too much in the, in the PSD2 future. And we hope that in the long-term that will actually improve matters because the more we challenge the better our fraud detection should be. So one of the negatives of having to interrupt our consumer can turn into a positive and increase for our prevention because we all by default catch more fraudsters.
So we have 95% fraud detection rate coupled with a three to 5% intervention rate is normal for our finance customers.
Okay. Now the carts in here at the start of the presentation, you talked about digital transformation, accelerating due to COVID-19 organizations, feeling pressure to do more with less acute pressure placed on business finance, I would say, yeah, I would.
There's, there's probably a good element of that, but I've also heard from both many people on the end user organization side, as well as vendors, that things like identity management, cybersecurity, fraud reduction, those budgets are not really being cut. And in fact, in many organizations they're being increased right now, what, what are you all seeing?
Well,
Yeah, I would agree, I guess you're right. Budgets aren't necessarily being cut in this area. I have had a lot of customers recently who have spent some of the planned future budget on digital transformation early because of the pandemic. So think that some customers have spent money this year on realizing a tightening of their budgets in the fraud prevention space, at least in the very short term, until they can unlock budgets that have been spent this year, or the worry about makeshift have been spent this year.
But overall I think the, the overwhelming feedback from my customers is if they can save money in fraud and save more in fraud than they're saving today and save more than they're spending than they might spend on acquiring a particular tool or solution. For example, I find that that means that they are able to repurpose some of those fraud savings for other things that perhaps they can't necessarily do right now because they've spent money on digital transformation, accelerated digital transformation with new equipment and making security locked down. So people working at home, et cetera.
So I think that, you know, a good fraud prevention tool that saves you more than you're currently losing today on fraud, I guess means that you can repurpose some of that budget.
Yeah, that's an excellent point.
Well, I don't see any other questions. Well, thanks everyone for attending and thanks, Paul and RSA for your side of the presentation. Lots of good information there. Okay. Yeah. Please join us on a future event as outlined earlier, and we are recording and we will have the webcast and the slides available later this week. So thanks everyone. Have a good rest of your day.