A common theme in the inquiry calls that I am getting at the moment is clients seeking insight into how the pandemic is affecting online fraud rates. It’s a valid and interesting question, for sure…….and one to which I don’t have the answer.
Various vendors have released reports discussing what they’re seeing across their own client bases – although if you cast a critical eye across many of these reports they are really telling you more about how ecommerce volume is varying across industries, rather than actual data about fraud rates. Online grocery shopping is up, airline bookings are down.
With no consistent approach to looking at this across the different vendors, it’s hard to draw meaningful conclusions. Some of the data seems to show a relative increase in transactions that are judged to be fraudulent and declined, and an increase in login attempts that are deemed to be account takeover (ATO) and are blocked. Other data isn’t quite so clear.
For vendors this represents an opportunity to address a potentially growing need for their services, but it’s also important not to be seen to be exploiting the situation to stoke up demand for services. It’s unclear where that balance lies.
How useful is it to know whether there is an increase in fraudulent activity during this pandemic? I’d argue that you need to keep your guard up at all times as a B2C business, whether in banking or ecommerce or in other verticals. You should be regularly reviewing your fraud detection strategy and the capabilities that you have deployed, deciding how you want to strike the balance between risk and CX, and working in close partnership with your vendors. That should be your BAU approach whether there is a pandemic or not.
What has been more interesting to me is how businesses have had to adapt their existing fraud screening processes – not to look out for more fraudsters specifically, but to adjust to new norms of shopping behaviour and not decline genuine customers. Rules and models may have been accustomed to your pre-pandemic behaviour…..the days and times when you shopped, how much you typically spent, the device that you used. Once in lockdown, that may all have changed, and many fraud detection strategies may have been struggling to keep up. Buying 24 tins of tomatoes and half a dozen velour tracksuits online at midnight on a Weds night may have looked suspicious a few months ago, but now….not so much. A flippant example perhaps, but illustrative nonetheless.
The key message coming out of all this to me is not whether your fraud detection strategy is able to deal with (possibly) higher rates of fraud attacks. It’s about how flexible and easily adaptable your fraud detection strategy is to unexpected changes in the environment. Succeeding in the pandemic isn’t just about stopping more fraud attacks. It’s about adapting to changing customer behaviour to ensure that the vast majority of your customers who are genuine and in desperate need for those tinned tomatoes and velour tracksuits in the middle of the night can get what they need.
Five Board Questions That Security and Risk Leaders Must Be Prepared to Answer
As board members realize how critical security and risk management is, they are asking leaders more complex and nuanced questions. This research helps security and risk management leaders decipher five categories of questions they must be prepared to answer at any board or executive meeting.Read Free Gartner Research
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.