August 22, 2019 By Christine DeFazio 3 min read

This is the last installment in a three-part series. Be sure to read part one and part two to catch up on the full story.

Going live with your fraud protection solution should be a strategic process, enabling smooth transitions and positive outcomes. This continuation of your ongoing relationship with your vendor is where you can find ways to help your teams achieve success in the execution of your new solution as well as opportunities for continuous improvement. So, what is involved, and how can you help achieve a secure, seamless customer experience through this partnership?

Rob Rendell, global client success leader, financial fraud prevention and strategic development at IBM Security, has shared his valuable fraud and risk experience with us along this journey, and he’s back with more insight into what vendor involvement should look like to help develop a stable, cross-functional group.

How to Ensure Go-Live Success With Your Fraud Protection Vendor

Question: Once the fraud protection vendor is onboarded and teams are ready for implementation, what are some steps for success? Who should be involved throughout?

Rendell: Cross-functional stakeholder meetings should be established throughout the approval and onboarding life cycle. At the point of implementation, it’s important to have a joint meeting between technology partners from both groups to understand how the solution intends to hook into the target environment. It also helps to map out how the solution will be executed.

To start, ask yourself: Will the solution be leveraged as a standalone tool? The benefit here is speed to production and short-term wins.

In addition, will the solution need to be integrated with a larger risk engine? Many fraud organizations are integrating vendor solutions into larger risk engines to be a supplier of data/intelligence that is then aggregated with other data points to help increase fraud detection rates. Integration with a larger risk engine can also provide operational benefits since fraud analysts aren’t required to work out of multiple systems, reducing time wasted toggling between tools. Consolidated alert management can also improve efficiencies with alert workflow, alert automation (auto-contact strategies), reporting, and ongoing model performance and governance

Next, determine where the data will be stored for analytics reasons. You should also create testing plans to intended solution use cases. Furthermore, individual test scripts should be created and fully executed against. Validate connectivity and data capture with the supplier, and employ a “round-trip” approach to testing the connectivity from the customer to the supplier and back to the customer.

Finally, conduct a pre-go-live solution readiness workshop with the internal stakeholder group and supplier. Functional areas to be addressed include how the solution works and impact to process and people. Help review teams (operations analysts) understand what the solution is there to do so they know how to take action against review items and what the data means to analytics teams.

Question: How do you define what go-live success looks like? Can you provide an example?

Rendell: Successful go-live usually means minimal or no defects from the implementation, no major end user impact, and operations teams able to execute against the technology.

In the space of creating digital identity trust, this means organizations are able to execute authentication policies and inherent risk systems are able to take decisive action against solution recommendations. Downstream end users are passively protected against malicious acts of potential fraud and account takeover.

Question: As the threat landscape and fraudster sophistication evolve and customer digital demands grow, how can teams continue to maintain this success?

Rendell: Feedback, feedback, feedback. I repeat this because too often stakeholders in organizations implement a solution and start to let it run in autopilot. Continuous conversations between customer and supplier are needed to help protect the organization against the latest threat or if the solution has evolved and the organization needs to make updates to capitalize on the latest feature.

This is part of the supplier’s role too. They should understand the customer’s road map and current threats and educate the stakeholder on environmental trends that are happening in the larger ecosystem.

Fraud Protection Is Constantly Evolving

Much like the fraud landscape and digital customer experience, the supplier relationship evolves, and rightfully so. When partnering, your vendor is an extension of your team and should help advocate for the value of your efforts in securing and simplifying the customers’ digital experience.

See how fraud protection and authentication solutions can help your customers more securely and seamlessly interact with your platforms and apps throughout their entire digital journey.

More from Fraud Protection

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

New Fakext malware targets Latin American banks

6 min read - This article was made possible thanks to contributions from Itzhak Chimino, Michael Gal and Liran Tiebloom. Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges and unencrypted data exposure to distribute and operate banking…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today