This is the first installment in a three-part series. Stay tuned for parts two and three to learn more.

Innovation is key to successful digital transformation, digital identity trust and, ultimately, business growth. We live in a dynamic environment that benefits from an adaptive security approach to digital identity trust. Many industry experts recommend continuous risk authentication, but also important to your strategy is your security solution provider and its ability to innovate.

The fraud protection and digital identity trust solution provider you choose can impact your success. Fostering an environment of protection and engaged customers is a team event. Trust in your fraud detection provider can build trust with your customers — it runs full circle.

So how do you know which security provider is best for you? How do you know who to trust? Rob Rendell, global client success leader, financial fraud prevention and strategic development at IBM Security, has been hands-on in fraud prevention vendor selection processes for years and has a deep understanding of what can lead to a successful partnership.

How to Maximize Your Fraud Prevention Investment, According to a Digital Trust Expert

Question: In your experience, why do organizations typically seek a new fraud protection vendor?

Rendell: Typically, one of two things sparks a need for a new vendor:

  1. Fraud losses: Either continual losses (slow bleed) or a major event will cause an organization to look externally to seek a new solution or extension of an existing solution to curve the trend with losses.
  2. Customer experience optimization for new product or feature expansion: When leadership decides to launch new capabilities for consumers, risk management leaders must perform risk evaluations. In some cases, new features and functionality mean unfavorable risk exposure, which requires risk management teams to leverage technology to mitigate the exposure. They also look to balance risk and customer experience. This combined effort can help establish a digital identity trust approach that can provide customers with the journey they expect.

With growing customer demand for anytime, anywhere access, why is real-time visibility important in a new solution?

Rendell: As the settlement of transactions has moved to real time, risk should also be evaluated in real time. Passive monitoring throughout the user journey can help achieve this continuous viewpoint into user risk. It is also important to mitigate session account takeover attacks, which have become increasingly sophisticated.

Passive monitoring also enhances the user experience by helping to reduce interdiction rates. Historically, organizations used strict business policy rules within user flows. Today, they can use intelligence from passive monitoring and only interdict when there is evidence of risk.

We hear a lot of buzz around machine learning and artificial intelligence (AI) being built into fraud protection solutions. Can you tell us what that means?

Rendell: Pairing machine learning and AI with a continuous security strategy can lead to fraud tools that help enable continuous learning. These models can quickly update based on changing fraud trends. This self-tuning doesn’t rely on data analyst intervention. Such intervention requires lengthy data jockeying and can be costly from an employee funding perspective.

What additional value can a vendor bring to your organization that you can’t otherwise do yourself, and how important is this?

Rendell: Typically, vendors (service suppliers) have a unique perspective, as they have a viewpoint into trends in other geographies, markets and organizations. When it comes to fraud information/intelligence sharing, this is important. Consortium data is a powerful tool to help protect peer organizations from common bad actors, and it provokes peers to share insights as they happen. In this model, everyone has each other’s best interest in mind. Consortium insights provide businesses a global viewpoint that they otherwise might not have access to.

Read the “2018 Digital Identity Trust Survey” to learn more

More from Fraud Protection

Kronos Malware Reemerges with Increased Functionality

The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos is typically used to download other malware and has historically been used by threat actors to deliver different types of malware to victims. After remaining…

How Security Teams Combat Disinformation and Misinformation

“A lie can travel halfway around the world while the truth is still putting on its shoes.” That popular quote is often attributed to Mark Twain. But since we're talking about misinformation and disinformation, you’ll be unsurprised to learn Twain never said that at all. In fact, no one knows who first strung those words together, but the idea that truth spreads slowly while lies spread quickly is at least several hundred years old. The “Twain” quote also serves to…

A View Into Web(View) Attacks in Android

James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks to commit fraud, in Android-based financial malware this is a new trend. Traditionally, financial malware in Android uses overlay techniques to steal victims’ credentials. In 2022, IBM Security Trusteer researchers discovered a new trend in financial mobile malware that targets…

New DOJ Team Focuses on Ransomware and Cryptocurrency Crime

While no security officer would rely on this alone, it’s good to know the U.S. Department of Justice is increasing efforts to fight cyber crime. According to a recent address in Munich by Deputy Attorney General Lisa Monaco, new efforts will focus on ransomware and cryptocurrency incidents. This makes sense since the X-Force Threat Intelligence Index 2022 named ransomware as the top attack type in 2021. What exactly is the DOJ doing to improve policing of cryptocurrency and other cyber…