In Part I of our series on mobile fraud prevention, we provided an introduction to the benefits and challenges of mobile commerce. We focused on the importance of addressing mobile as its own channel, taking into account both the user experience, and the unique risks of mobile.
In Part II, we addressed common mistakes businesses often make as they enter mobile commerce. Mobile is usually treated as an extension of online commerce, which increases the risk associated with it for most providers.
Here in Part III, we’ll discuss the unique opportunities mobile presents for managing risk, and how you can use natural information from the user experience to supplement your risk program.
1. Leveraging the Phone.
- Apps can provide accurate location using latitude & longitude.
Rather than analyzing IP location for payment, many apps already collect location data to better inform the consumer of nearby stores, coupons or deals in their area, reviews, and more. In these scenarios, a device’s proximity to the billing address can be a strong positive indicator. On the flip side, however, purchases outside a reasonable ratio of the billing address, or opting out of providing these details aren’t strong indicators of fraud in themselves.
- SMS verification
Correlating the correct phone number with an account via SMS verification helps build a strong customer relationship. While it’s desirable to associate a phone number with an account, just the fact that a customer responds to SMS verification is a positive indicator, especially when responding correctly to a challenge. On the other hand, failure to verify through SMS is also a very strong negative indicator. In contrast to what many merchants believe, SMS verification usually increases customer satisfaction, especially on high value orders.
- Phone type as a risk indicator
In general, prepaid phones, toll free phone numbers, and Voice over IP (VOIP) are higher risk than “normal” contract carrier phones. Voice over IP can be tricky though, as some industries- for example, online gaming- have demographics more prone to using VOIP. Phone type in these scenarios should be used in conjunction with other indicators.
2. Leveraging the Knowledge of the User
- Recycle natural user information where available
Customers tend to share more data through smart applications, where information is collected passively, and when there is an incentive to do so- such as sharing extra information to receive coupons or rewards. Much of this information can be reused for risk analysis purposes.
- Carrier Data
Some providers have a level of insight into carrier data- this data can used to match subscriber and phone number.
The mobile channel taps into underbanked and unbanked demographics both domestically, and abroad. Depending on your type of business, finding data partners that have visibility into these demographics can be essential.
- International Identity Verification
Some countries maintain local user databases with name and address information that can be used for customer verification- find a partner with access to these databases.
3. Knowing the Risk
- Discriminate by Risk
Not all transactions are created equal. It’s important to segment your traffic and create profiles based on the risk they pose to your business. Analyze, and add friction where necessary. The most basic discriminations and examples include:
– Mobile vs. Web
– International vs. Domestic
– High ticket items vs. Average ticket items
– Physical vs. Virtual Goods
- Payment Types
All payment types have different risk profiles- make sure you understand how to measure and translate this risk. Fraudsters will take advantage of the nuances of different payment methods and models. This also includes rewards and coupon systems, stored values, and similar programs.
- Visibility across the ecosystem on underbanked/unbanked demographics
With higher rates of unbanked and underbanked audiences now using mobile to access the financial system, it’s important to find a way to verify audiences who may not be recognized in established databases. A solution like IdentityMind is an important asset in this regard.
Mobile devices will continue to be adopted at an accelerated pace, and are already bringing new demographics into digital commerce and financial services. 52% of smart phone users with a bank account have used mobile banking, and 22% of all mobile phone owners reported having made a mobile payment according to the Federal Reserve’s 2015 report. Mobile will continue to grow as a fundamental aspect of international commerce, and the most successful providers will offer high-value user experiences through sophisticated apps.
However, without an accurate understanding of risk challenges and investment into proper risk management strategies, the cost of fraud in mobile commerce will continue to hinder the ability of merchants and providers to operate cost effectively in this channel.
IdentityMind: Fraud Prevention for Mobile
To compensate for these challenges, we’ve created a solution specifically for mobile providers. Our mobile fraud prevention combines superior identity verification services and technology, with fraud policies designed to accommodate mobile channels, seamless use of natural user information, and our core Electronic DNA™ to provide worldwide fraud prevention services in even the most difficult environments.
On March 31st, we announced our strategic partnership with Mozido to expand safe, secure mobile commerce around the world.
Mozido’s mobile payments platform includes mobile financial services, loyalty programs, and mobile offers for business and retail. Through its white-label, cloud-based platform MoTEAF, Mozido serves people around the world who choose to manage their money using their mobile phone rather than relying on traditional financial institutions. Mozido’s MoTEAF platform is highly interoperable, works with virtually any wireless carrier or mobile device, and integrates easily with products from other vendors.
This partnership bolstered our vision, and importantly, increases our footprint in addressing the challenges associated with preventing risk on mobile platforms for payments, money transfers, and overall digital commerce worldwide.
For more information on IdentityMind and our fraud prevention services for Mobile commerce, feel free to reach out to us at [email protected].
If you have comments or reactions to this series, or would like to see how we can address other use cases please drop us a line through our twitter @identitymind or send us an email to [email protected].