From criminals creating fake accounts using stolen or synthetic identities, to exploiting the traditional onboarding process, to capitalizing on data breaches to launch credential stuffing attacks; there seems to be no shortage of avenues fraudsters are using to launch attacks aimed at online businesses.
The pandemic hasn’t helped either, creating an ecosystem that has accelerated cybercrime across all industries and sectors.
“What we see today is the highest level of successful fraudulent attacks, more people are being targeted, unfortunately, and cybercriminals are getting cleverer,” Tamas Kadar, CEO at U.K.-based fraud prevention firm SEON, told PYMNTS in an interview.
He said cybercriminals are using bots and heavy automation to retrieve passwords and access websites to gain financial advantage over the businesses attacked.
The introduction of open banking in Europe, enabled by the revised Payment Services Directive (PSD2), has also had a negative effect on the payment landscape in the region, leading to a surge in chargeback fraud in the last few years.
Read the PYMNTS report: Mitigating the Chargeback Surge in eCommerce
And recent data from PYMNTS backs this up, showing that 39% of eCommerce shoppers in three countries surveyed — Australia, the United Kingdom, and the United States — say they are disputing more transactions now than they did before March 2020.
Overall, Kadar said businesses could not have anticipated, and have been caught off guard by, the magnitude of the problem: “As they moved online and started to provide more digital services, many businesses were not prepared, so their approach has been more reactive than proactive.”
Strengthening Firms’ Cyber Ecosystem
This lack of preparedness is partly why the British-Hungarian online fraud prevention firm, founded in 2017, has been supporting businesses with solutions around digital identity validation through its API-first platform, connecting it to the entire customer journey, starting from onboarding.
“It’s a frictionless, invisible way of verifying user accounts and transactions. We use methods of data enrichment, digital footprint analysis and machine learning to score onboarded customers and their transactions,” he explained.
The London-based company has grown significantly in recent years, becoming “the go-to fraud prevention solution” for companies like Revolut, NuBank, Afterpay and Patreon in the last year alone. It also tripled its annual recurring revenue and opened new offices in Indonesia amid plans to further expand its U.S. operations in the next two to three years.
Read more: Fraud Prevention Firm SEON Raises $94M
As further proof of their growth and boom in investor confidence, the FinTech firm recently raised $94 million in a Series B round, which has been partly earmarked for increasing the number of partnerships with eCommerce platforms.
Holistic, Multilayered Approach
Cybercriminals are getting smarter and finding new loopholes to threaten businesses, an indication that companies and fraud protection providers have to be on top of their game.
The most effective way to combat these attacks, according to Kadar, is to cover all their bases by taking a multilayered, holistic approach that engages different cybersecurity providers.
“For almost every type of cybersecurity problem there is a different solution to apply for. It’s very rare to find a [single] provider or out-of-the-box solution which can be applied across all these different problems,” he explained.
The biggest asset companies have, though, is the amount of data they’ve collected. It’s all the more reason why businesses should invest in cybersecurity and be proactive in securing their own databases, ensuring that they are compliant with regulation and implementing the best practices.
Moving forward, he said they are looking to create a solution to help clients verify a URL or a business online using the same data collection and enrichment process they are employing today.
And given the heightened geopolitical risks, moving into the anti-money laundering space would not be such a bad idea either.
“It’s very useful for many businesses to check the sanction list and politically exposed persons lists to see if that individual who they’re interacting with is part of any of those lists,” Kadar said. “That’s something we’d like to achieve.”
Sign up here for daily updates on all of PYMNTS’ Europe, Middle East, and Africa (EMEA) coverage.