Ai Editorial: Leveraging dynamic friction to only target dodgy shoppers

13th November, 2019

Ai Editorial: Authentication of risky shoppers shouldn’t hamper the digital experience of all. Rather merchants must focus on finding ways to applying the right friction to right person at the right time, writes Ai’s Ritesh Gupta


Filling a form, verifying a payment method, registering for an account…when a shopper is presented with such options in the booking flow, it evokes resentment. No one likes to spend extra time or make that additional effort to verify their identity knowing that they are legitimate shoppers.

But travel merchants have to ensure that the least number of fraudulent transaction slip through. Key then lies in identifying that anomalous shopping behaviour in a more shrewd way that doesn’t screen every shopper!

As Sift’s Trust and Safety Architect, Kevin Lee points out; merchants can’t get away with their airport screening approach. Travel e-commerce players have to ensure trusted shoppers or consumers can sidestep added authentication, while potentially risky users undergo that further screening.

“They (merchants) need to focus on dynamic friction,” said Lee. “The concept means having the ability to apply the right friction to right person at the right time.”

The team at Sift describes it as the optimal application of friction to user journeys based on behavioural and situational attributes, applying it to the right person at the right time.

Many companies have this airport security approach where everybody has to go to two-factor authentication (2FA), enter CAPTCHA etc.

“Honestly that’s a terrible experience because 99% plus of consumers on a platform tend to be legitimate. They just want to move from A to B (or shop legitimately with any retailer),” said Lee.

So how to apply dynamic friction and what sort of signals can be used? Since there is so much of data from customers via the app usage, device usage etc. there is a need to use behavioural fiction or behavioural dynamics looking at the signals to identify normal behaviour for an authentic shopper on an app or an online platform. And then being in a position to spot an anomaly where certain behaviour doesn’t seem to be normal. Then only there is a need to introduce certain friction or additional check in the shopping process. 

For example, looking at a certain security measures for a particular fraud, MFA is deemed to be an astute way of shielding user accounts, since hackers or fraudsters don’t often have access to the additional factor required to authenticate. But merchants fear that the introduction of MFA would cause friction. The way to go forward then is to capitalize on dynamic friction, because the judicious use of this authentication method doesn’t disturb the experience of authentic users and only those go through the MFA that fall in the category of risky users.

Also, the specialists ensure that as a shopper moves from the discovery process to the completion of the transaction, all interactions are assessed for risk. In case a risk touches a given threshold, extra verification comes it play. If the interactions come across as reliable, that extra authentication is eradicated, providing the shopper a more rationalized experience.

So in case of account takeover protection, the real-time risk evaluation suggests the level of authentication a particular shopper/ consumer should go through. Riskier actions with more red flags trigger MFA, while suitable actions pave way for a smooth interaction.

Dynamic friction in the travel sector

The application of dynamic friction in the travel sector, especially among airlines, is poor at this juncture, said Lee.

What tends to happen is that there are lots of legacy systems and rules in place to stop illegitimate shopping from happening. But 100% rules-based fraud prevention isn’t proving to be an ideal solution today. It’s not dynamic enough, it’s not fluid enough, said Lee. All of this is important since consumer today are very demanding when it comes to what they purchase, when, how and where they purchase. And that’s where machine running has contributed in terms of responding not only to new types of fraud but also to better recognising legitimate shopping behaviour. 

Sift recommends an apt blend of risk and revenue decisions:

  • Rather only looking at shielding the bottom line, also evaluate how to deliver a superlative UX while mitigating risk.
  • Embrace a growth mindset - Customer data is leveraged across all teams to make decisions that balance growth initiatives with risk policies.
  • Machine learning fraud prevention leverages customer data to assess risk in real time and route users to the appropriate experience based on that risk.

Ai’s new 2020 conference dates: