Guilty Until Proven Innocent: How Incorrectly Identifying Good Customers as Cybercriminals Damages Your Bottom Line

Chances are, your brand’s fraud management technology is costing you money.

According to the Department of Commerce, e-commerce sales in this year’s second quarter grew by a robust 15.7 percent over the same quarter in 2013. But while the growth of online sales presents new opportunities for retailers, it also brings additional risks — not the least of which is an increase in cybercrime.

In an effort to protect their companies and customers from online fraud, many retailers have adopted a “guilty until proven innocent” security approach that turns away customers if there’s the slightest hint of suspicious activities, resulting in lost revenue due to the incorrect labeling of users as fraudulent.

Fortunately, it doesn’t have to be that way. By leveraging context-based authentication and a global network, you can improve security without damaging online revenues or the customer experience.

The Problem With Fraud Management Technology
Too often, the threat of a serious breach has led online retailers to implement technologies that prioritize security over customers. As a result, retailers have grown accustomed to an unacceptable level of customer friction in the online channel.

In the banking industry, when a customer attempts to log in to their account with a device the bank hasn’t seen before, the bank initiates a phone call or text message to authenticate the customer’s identity. This creates additional steps, especially if the customer hasn’t updated his or her contact information or is unable to respond to the verification attempt.

The situation in retail is similar. Fraud management systems have historically been designed to accommodate the needs of specific industries and have been deployed for the singular use of retail brands. Consequently, the intelligence collected by the enterprise about e-commerce users is limited to the brand’s own interactions with the customer, forcing retailers to presume that unfamiliar users or devices are guilty of fraudulent login attempts.

Related Content