Fraud continues to plague the digital world, despite the fortunes spent to curb it. Industries that operate solely online are some of the most vulnerable to fraud, including that of online travel. Many of these schemes take the form of clean fraud or friendly fraud — which sound innocuous, but are actually never-ending threats that many fraud-fighting systems are ill-equipped to counter. They leverage real identities rather than invent new ones, meaning that artificial intelligence (AI)-based fraud detection solutions that rely on pattern recognition to spot inconsistencies will notice nothing wrong.
However, security measures designed to stop fraud run the risk of alienating customers, inconveniencing users to remember complicated passwords with numbers and special characters, or submit to potentially intrusive biometric scans. Striking the balance between security and seamlessness is an enduring struggle for security providers, and a perfect solution remains elusive.
In the December “Digital Fraud Tracker®,” PYMNTS explores the latest developments in the world of digital fraud, including a new JavaScript skimmer plaguing eCommerce sites, Priceline’s efforts to balance security and convenience, and how clean and friendly fraud defy their innocuous names to menace online retailers.
Developments Around the World of Digital Fraud
Cryptocurrency is a popular target for cyberattacks. A recent study found that hackers stole $4.4 billion of cryptocurrency during Q3 2019, a year-over-year increase of 159%. The increase is due to a relatively small number of high-value schemes, including a $3 billion theft via Ponzi scheme in Asia, and a series of heists perpetrated by North Korea-backed cybercriminals. Chinese authorities arrested six members of the Ponzi scheme over the summer, and the U.S. Department of Justice arrested an alleged accomplice of North Korea’s cryptocurrency racket.
Fraudsters are deploying a variety of tools to execute their schemes. A team of Visa security researchers recently discovered a new JavaScript skimmer that has infected at least 17 eCommerce websites. The skimmer monitors and attempts to steal inputted payment information, and avoids detection by uninstalling itself after its theft. The malware has not yet been found for sale on darknet marketplaces, leading the researchers to believe that it is the work of either a single bad actor or a group of bad actors.
Technology providers are working on solutions to curb these cyberattacks, including DataVisor. The fraud detection solution provider is collaborating with credit reporting company Experian to augment the latter’s CrossCore platform with machine learning-powered transaction risk-assessment capabilities. The system is meant to replace old rules-based systems with more proactive fraud analytics to stop fraud before it occurs.
For more on these and other digital fraud news items, download this month’s Tracker.
How Priceline Balances Security and Convenience With AI
The online travel industry is a honeypot for bad actors, using stolen payment credentials to purchase vacation packages and resell them for profit. Combating them, however, comes at a cost, as onerous security protocols may scare away legitimate customers.
For this month’s feature story, PYMNTS spoke with Eric Lorenz, vice president of finance operations for Priceline, about how the company leverages AI to promote security and seamlessness.
Deep Dive: Why Clean and Friendly Fraud Are Anything But
Digital fraud wears many hats, but two of the most damaging and difficult to detect are clean fraud and friendly fraud. Both utilize existing identity information rather than invented data, but are different in one key manner: Clean fraud uses stolen identities from someone else, while friendly fraud uses the fraudster’s own information.
This month’s Deep Dive explores how both types of fraud wreak havoc on merchants, and analyzes how using real data makes them so hard to catch.
About the Tracker
The “Digital Fraud Tracker®,” done in collaboration with DataVisor, serves as a monthly framework for the space, providing coverage of the most recent news and trends, along with a provider directory highlighting the key players across the segments that comprise the digital fraud ecosystem.