First Published on 29th August, 2017
Ai Editorial: Managing revenue and fraud shouldn’t be about adding friction to transactions. One needs to set right expectations from initiatives such as Dynamic 3DS and biometric authentication, writes Ai’s Ritesh Gupta
Airlines, just like any other e-commerce business, need to cater to a variety of payment methods, currencies and devices.
As much as consumers experiment and embrace new forms of payment options, each new technological development introduces new avenues for fraud, meaning detection and prevention efforts need to be just as agile.
Airlines can’t afford to slip on one main count. Many fraud prevention methods introduce dilemmas between maximising revenue and minimising fraud – e.g. with more rules, implementation of 2FA or multifactor authentication fraud rates can be lowered, yet more genuine customers will be blocked; on the other hand, with less rules and lax authentication to maximize revenue, merchants will be more vulnerable to fraud attacks.
Avoid more friction for users
This dilemma only exists because airlines and travel companies are still relying on introducing more and more friction for users as a means of preventing fraud, says Justin Lie, CEO, CashShield. Citing an example, he says the new introduction of Dynamic 3DS promises greater conversions and less users blocked (on a case-by-case basis), but it still remains a rule-based system with restrictions that block users and introduce friction during payment.
The new version of 3-D Secure is being considered for supporting app-based purchases on mobile devices, and paving way for sharp risk-based decisioning for frictionless authentication. Other aspects include multiple authentication options, including passcode and biometrics, and integrating seamlessly into the checkout process. Even as this tool can play a part in combating illegal transactions and criminal fraud moves, airlines need to consider potential hurdles as well. As Lie points out, the problem with Dynamic 3DS is that it is controlled by card issuers and is therefore still working with the same set of data as before. “They are unable to tap on the merchants’ data for more information on fraud and are not as smart and flexible as they tout themselves to be. Therefore, merchants cannot expect Dynamic 3DS to be a be all and end all solution to solving fraud woes,” he says.
Merchants should still develop their own fraud tools that are able to tap on their own sources of data for greater efficiency and more accurate detection of fraud.
As we highlighted in one of our recent articles, rather than hard rules, airlines should direct fraud prevention efforts on behavioural analysis instead, which is compatible with all various payment methods, currencies and devices. A further step in sustaining or even improving conversion rates for airline can be to develop a decisioning algorithm with the mandate of maximising revenue at an optimal level of fraud risk. This will make the airline’s fraud prevention methods truly agile at maximising revenue while minimising fraud. Specialists point out that rules-based systems are in general reactive and probabilistic solutions, which is why they are unable to prevent fraud before it happens. Probabilistic frameworks only seek to train the system on historical data, and do not possess the expertise to move beyond probability scoring for fully automated decisions, thus crippling the system on manual reviews. Because of the need for manual reviews, rules-based systems also start to show cracks at high volumes, and reduces the company’s ability scale on demand.
Being susceptible to unknown fraud attacks
Among other developments, the industry has also been focusing on Dynamic Authentication. It uses multifactor authentication, machine learning, fraud intelligence and advanced device recognition technology.
“While the intentions of Dynamic Authentication to stop fraud in it tracks may be applauded, it also introduces new problems for users and cannot be seen as the be all and end all. Multifactor authentication, dynamic passwords disrupts the user’s experience severely and are forms of unnecessary friction that will be especially felt by the older generations,” says Lie. He says at the same time, Dynamic Authentication’s use of machine learning technology is still heavily reliant and trained with historical data, using old (and dated) fraud patterns to predict future fraud. This means that even with Dynamic Authentication, travel companies can still be susceptible to unknown cyber fraud attacks.
“Dynamic Authentication is very counterproductive, considering the added friction placed on users. On average, only 70% of dynamic passwords delivered are used, while merchants see a 40% reduction in purchase conversion rates after introducing Dynamic Authentication. Cart abandonment rates also grow significantly, but merchants do not track these dropout rates. Merchants must understand that even if fraud losses are mitigated, their business potential and opportunity costs have been restricted, since many genuine users are turned away constantly,” explained Lie.
As for biometrics, this technology can turn out to be an important proof in indicating that a shopper did authorize a transaction. At the same time, as Monica Eaton-Cardone, COO, Co-Founder of Chargebacks911 points out, this would be futile if the card network won’t consider biometric data as verification. In one of her blog posts, she mentioned that the industry “must revisit their policies before biometrics can be a truly effective method of fighting fraud and recovering revenue”.
“Card networks need to make biometric authorization a cornerstone of the dispute process,” asserted Eaton-Cardone.
So it is imperative for airlines and all other travel e-commerce players to study in detail the utility of emerging tools and technologies. What is going to be their role in managing criminal fraud, friendly fraud, chargebacks etc. and the same time how they impact the customer experience at the time of making a transaction.
Follow Ai on Twitter: @Ai_Connects_Us