The digital age brought a lot of opportunities to businesses and consumers.
Buying from home, selling at scale, discovering new industries, new products & new experiences, are all examples of its great benefits. Unfortunately, it also carried a dark side == a colossal digital fraud industry that could not wait to get their hands on payments and goods that could instantly transfer in large numbers without a trace.
Greed, power, and other psychological factors, such as low self-esteem or a desire for recognition, are some of the factors that motivate these fraudsters. And the best (or worst) of them are infiltrating digital goods and payments.
WHY digital goods and payments?
To better understand why digital goods, let's first realize what digital goods are.
Digital goods or e-goods are intangible goods or services that exist in digital form (Wikipedia).
Some examples include: Gaming, Crypto, E-tickets (Traveling, concerts, museums, etc.), Gift cards and prepaid debit cards, money transfer businesses, and more.
WHAT makes them so attractive to fraudsters?
1. Anonymity: Fraudsters are able to operate anonymously in the digital world, making tracking them difficult.
2. Scale: Digital goods do not require physical shipping or handling. They are delivered instantly and mostly have a more extensive inventory. This makes it more comfortable for scalable fraud (i.e., a lot of fraud in a small amount of time).
3. Low barrier to entry: Setting up a digital storefront or website is relatively easy and inexpensive, making it possible for fraudsters to establish a presence quickly.
4. Accessibility: Fraudsters have easy access to global markets in the digital space, allowing them to reach a large number of potential victims.
5. Lack of regulation: Big parts of the digital goods market are still relatively unregulated, making it easier for fraudsters to operate without detection.
6. Complex: Some sociogroups (elderly, for example) find the digital goods market more complex than the physical one, making it harder for the average consumer to understand the risks and identify fraud.
WHO are the fraudsters of the new age?
Modern-day fraudsters use advanced technology to commit crimes in the digital goods world. They may use sophisticated hacking tools to gain access to personal information, use bots to hack digital marketplaces, or use machine learning algorithms to evade detection. Some fraudsters may use deep fake technology to create convincing fake identities or manipulate digital images or videos. Furthermore, they may use techniques such as social engineering, cookie stealing, phishing, and malware to trick individuals into giving away sensitive information or access to their devices.
WHERE do they do their business?
To combat fraud effectively in today’s growing digital goods world, one must be proactive, not reactive, and use offensive measures, which means fraud prevention; not fraud protection.
As noted earlier, the challenge of payment fraud prevention in the riskiest environment involves thinking like fraudsters, acting like them, and going where they go to gather information and ammunition.One of the places we spend time in is the Dark Web. This is essential to fraud prevention efforts.
In the photo below you can see a real-life example of how scalable BIN attacks usually start. The BIN list below is actually for sale on the Dark Web.It included 700 valid credit cards, including full PANs, expiration dates, CVVs, and names of cardholders, etc.
Imagine the mess fraudsters need to make to stay profitable when they buy such a list for $10K. For obvious reasons the list is blurred. But you can still see how such a list would look and how much chaos it would cause when one is reactive. Alternatively, do you get how the prevention made easy and efficient when one is attacked but already posses the list?
A blurred list of 700 valid credit cards, including full PANs, expiration dates, CVVs, names of cardholders, etc. From the Dark Web
HOW AI Technology Will Take Us Forward
Overall, technology is a double-edged sword. It can be used by fraudsters to carry out their activities but also by legitimate companies to protect their customers and assets. In the digital goods space, where goods and services are being fulfilled immediately and the decision must happen instantly, AI is the key. Only AI can examine thousands of different factors from a wide range of areas, such as behavioral analytics, anomaly detection, and contextual analysis (e.g.,device fingerprinting), to arriveat a decision in less than half a second. AI is the only technology that can provide a dynamic defense, which simultaneously reacts and changes according to thousands of data points.
While liability is still on the merchants’ side, that’s exactly what their fraud departments (or the payment fraud prevention companies protecting them) have to understand. Without it, they can’t win this war. The way forward implies a place where there is no more manual review, no more payment fraud rules and no more being 100% reactive. It’s a new place where fraud prevention is not just protection. It’s plain and simple a necessity for customer top and bottom line business growth.