SBN

How do you stop payments fraud with the CARTA approach?

Spoiler alert: user verification happens ongoingly in the background, cutting customer friction. Adopt a continuous adaptive risk and trust assessment (CARTA) – aka Connected Intelligence in the Mastercard world – to prevent fraud and boost online sales.

 

In our last post, we talked about assessing every step along the way in a customer’s journey. Starting at login and finishing at checkout, this approach to fraud detection is what Mastercard has been promoting as Connected Intelligence and Gartner supports under the name of CARTA (continuous adaptive risk and trust assessment).

Traditionally, users are authenticated at login and perhaps again at checkout. As a user, you know the drill: to log in, you may have to verify who you are through a one-time password or may have to answer questions like your mother’s maiden name, your first pet, and the best man at your wedding – answers that could be gleaned from your social media. You happily shop for a birthday gift and get to the checkout, only to decide to have it delivered to your new office address instead of your home so you can keep the surprise. Except this leads to more friction to confirm the legitimacy of this unexpected address change.

New address? Please enter the code texted to your mobile phone. Oops, forgot the suite number. To edit, please enter another code texted to your mobile. And when you enter a new payment method that can lead to – yes, you got it: more friction!

According to research by PYMNTS.com, this sort of friction costs U.S. online retailers $200 billion a year in lost sales. Furthermore, 44 percent of shoppers never use that retailer again (Javelin Advisory Services).

There’s another problem with this screening method. With a little research or the right software to intercept the one-time code, a fraudster could make it past the login to steal credit card information, loyalty points, or simply buy goods for future resale.

With this siloed approach to security, we end up with friction, false declines, and, yes, fraudulent transactions. It’s definitely time to implement holistic fraud prevention methods that take place throughout entire interactions. This is the CARTA (Gartner), or Connected Intelligence (Mastercard) approach.

 

What to look for in a CARTA solution

Trust and security are not static. Fraudsters often evolve methods more quickly than security platforms can, and that’s how they stay in business. Gartner recommends buying fraud detection and prevention tools that are connected to each other to get the deepest insights possible. They need to focus on malware and bot detection, behavioral analysis, event monitoring, and more (Akif Khan, Gartner, Take a CARTA Approach to Building a Successful Payment Fraud Detection Strategy for Digital B2C Channels, August 2019).

It’s also important to use a solution that breaks down siloes across all platforms, because that’s where the fraudsters can break in, says Gartner analyst Akif Khan. He writes that “rather than looking at individual security tools, [CARTA] leverages a multi-layered security connected through thousands of data-based decision points that mitigate fraud at every step throughout the customer journey.”

Khan suggests enterprises that take the CARTA approach, produce real-time results, and predict fraudulent behavior as well as prevent it.

Here’s a few things from Gartner’s list of what to look for when shopping for a security platform:

  • Open APIs to enable integration with your sites so transactions are seamless
  • Multiple protection techniques
  • Full access to your data without penalty (these are your customers after all)
  • Omnichannel screening of all devices accessing an account identify
  • Adaptive technology that learns your customers’ behaviors, improving results and becoming more accurate over time

 

A connected intelligence is best practice

The best way to stay ahead of payments fraud, leveraging CARTA, is following Mastercard’s Connected Intelligence. This embodies Gartner’s approach, bringing together machine learning and artificial intelligence, evolving rules and data insights.

With Connected Intelligence, Mastercard puts together the power of different technologies, including NuData’s behavioral knowledge. Transactions are analyzed at each point from attempted login to final checkout, monitoring an enormous amount of data for unusual behavior from both humans and bots. This passive authentication happens invisibly and dramatically reduces friction for your customers.

As part of Connected Intelligence, supported by Gartner’s CARTA approach, NuData provides the following security layers at every stage of a session:

  • Device: Is this the same device used in the past, or is this a new one? Where is the user located? Is the location the same throughout the transaction, or does it change partway?
  • Behavior: Is this human or non-human behavior? Do they always act like a human? Is this behavior expected for this account?
  • Passive biometrics: How is this person typing or holding the device? Are their inherent movements similar to what we’ve seen in the past?
  • Behavioral Trust Consortium: NuData has the biggest behavioral network, with over 650 billion behavioral events monitored in 2019 alone. Real-time data across its clients is processed, anonymized and encrypted, and stored to build predictive models that prevent known and emerging types of fraud.

 

A final word about machine learning

As the platform gets to understand its users, it becomes increasingly effective. Friction costs online merchants $3.00 in lost sales for every $1 lost to fraud, according to Christopher Bailey, NuData CEO. In behavioral and passive biometric verification, machine learning rescores users with each transaction, continually improving results and preventing false declines.

Using those powerful layers combined at the different user touchpoints, from account creation to purchase, retailers can understand threats earlier in the process and block them before they generate any losses. This is the core value of following the CARTA or Connected Intelligence approach.

Get to know your user’s experience if you use a Connected Intelligence approach.

Learn more about the CARTA approach by downloading Take a CARTA Approach to Building a Successful Payment Fraud Detection Strategy for Digital B2C Channels.

The post How do you stop payments fraud with the CARTA approach? appeared first on NuData Security.


*** This is a Security Bloggers Network syndicated blog from NuData Security authored by Yash Chaurasia. Read the original post at: https://nudatasecurity.com/resources/blog/how-do-you-stop-payments-fraud-with-the-carta-approach/