![Native[risk]](http://images.squarespace-cdn.com/content/v1/65704856a75e450a6d17d647/f3aa0ca7-8a4d-4034-992f-9ae514f1127e/Native+risk_logo-invert.png?format=1500w){kind=logo}
#50 - The overlooked truth about false positives
We talk so much about fraud prevention, but let’s face it: most businesses, most of the time, don’t have a fraud problem.
Fraud comes and goes, and especially mature businesses would know how to detect and suppress it relatively quickly.
The real problem these companies face is that of false positives, lost revenue, and user friction.
But funnily enough, when those companies look at the vendor market, no one really talks about solving this problem.
I mean, sure–almost every vendor will have an “up to 22% increase in revenue” kind of statement on their website, but do they really explain how they reduce false positives?
No. Instead they would opt to explain how their unique technology is designed to catch the most sophisticated fraudsters. Exactly what most businesses don’t think about most of the time.
So where do you look if you want to drive false positives down?
You look at data enrichment vendors.
Why do data enrichment vendors get ignored?
When I speak about data enrichment vendors I mean the collective assortment of vendors that specialize in providing intelligence on user identificators such as email, address, identity, device, IP, etc.
Most, if not all of these solutions, would be categorized as “point solutions”. Meaning, their role is mostly limited to enhancing your decision-making with additional data points.
These are not end-to-end fraud prevention platforms that allow you to deploy rules/models, facilitate case management, or manage disputes.
As such, they would rarely be the first fraud vendor a business would partner with, if at all.
But here’s the thing about data enrichment vendors:
Do they help you detect more fraud? Yes, but honestly, it’s usually pretty marginal.
Side note: The exceptions are basic device ID and basic IP intelligence (i.e., geolocation), and these are pretty much commoditized nowadays.
The ROI gets even more shaky when you consider the fact that these are not solutions, just building blocks.
You still need to streamline the data into your ML model pipeline or into your rule engine. You still need to run research on how best to use it.
Couple all of this with integration resources, high latency in many cases, and additional costs, and you can understand why businesses tend to ignore such solutions unless they have very specific challenges.
Why you shouldn't ignore data vendors
How come fraud data vendors are not particularly good at pinpointing fraudsters?
The answer is quite simple. Fraudsters are criminals– they frequently switch assets and cover their own tracks.
They do that exactly for the reason to not get caught linked to a previous fraudulent activity.
Take email for example: if I have zero intelligence on it, it’s quite suspicious. But then again, even a very bad data vendor would have zero data on it. See the problem?
It also means that it’s very hard to use these data points as “silver bullets” to identify fraud. As we know, detecting fraud is about detecting the entire pattern, not single values.
Now look at it backwards.
What if we want to identify legitimate customers?
Legitimate customers don’t switch assets. They don’t try to cover their tracks. They are fine with being linked to their previous activity/history.
Legitimate customers leave tracks behind.
And these tracks are easily picked up by fraud data vendors.
Not only that, these tracks can be used as “silver bullet” logics:
Switched phones but in the same GPS location - great!
Weird-looking email address that doesn’t match the name but registered on ten platforms - awesome!
Burner phone number that has many positive consortium hits - fantastic!
Each of these logics can be accurate enough to exclude false positives from getting wrongly blocked.
And because researching and implementing these logics is a simple exercise, it’s also easier to test and calculate the ROI you can get.
This is especially true if you design your experiment to be focused on your blocked population instead of on your general population.
The bottom line
Getting more data on your users can mostly help you prove they are good users. It rarely helps you prove they are fraudsters.
When it comes to fraud data enrichment vendors, we need to:
Recalibrate the role we have for them in our fraud prevention system
Change how we test them
Rethink how we determine their ROI
If you do all of that, I promise you’ll rethink whether they can be of value.
What’s your experience with using data vendors for fraud detection / false positive reduction? In which use cases do you see them shine? Hit the reply button and let me know.
In the meantime, that’s all for this week.
See you next Saturday.
P.S. If you feel like you're running out of time and need some expert advice with getting your fraud strategy on track, here's how I can help you:
Free Discovery Call - Unsure where to start or have a specific need? Schedule a 15-min call with me to assess if and how I can be of value.
Schedule a Discovery Call Now »
Consultation Call - Need expert advice on fraud? Meet with me for a 1-hour consultation call to gain the clarity you need. Guaranteed.
Book a Consultation Call Now »
Fraud Strategy Action Plan - Is your Fintech struggling with balancing fraud prevention and growth? Are you thinking about adding new fraud vendors or even offering your own fraud product? Sign up for this 2-week program to get your tailored, high-ROI fraud strategy action plan so that you know exactly what to do next.
Sign-up Now »
Enjoyed this and want to read more? Sign up to my newsletter to get fresh, practical insights weekly!
