June 14, 2019 By Christine DeFazio
Rob Rendell
3 min read

This is the first installment in a three-part series. Stay tuned for parts two and three to learn more.

Innovation is key to successful digital transformation, digital identity trust and, ultimately, business growth. We live in a dynamic environment that benefits from an adaptive security approach to digital identity trust. Many industry experts recommend continuous risk authentication, but also important to your strategy is your security solution provider and its ability to innovate.

The fraud protection and digital identity trust solution provider you choose can impact your success. Fostering an environment of protection and engaged customers is a team event. Trust in your fraud detection provider can build trust with your customers — it runs full circle.

So how do you know which security provider is best for you? How do you know who to trust? Rob Rendell, global client success leader, financial fraud prevention and strategic development at IBM Security, has been hands-on in fraud prevention vendor selection processes for years and has a deep understanding of what can lead to a successful partnership.

How to Maximize Your Fraud Prevention Investment, According to a Digital Trust Expert

Question: In your experience, why do organizations typically seek a new fraud protection vendor?

Rendell: Typically, one of two things sparks a need for a new vendor:

  1. Fraud losses: Either continual losses (slow bleed) or a major event will cause an organization to look externally to seek a new solution or extension of an existing solution to curve the trend with losses.
  2. Customer experience optimization for new product or feature expansion: When leadership decides to launch new capabilities for consumers, risk management leaders must perform risk evaluations. In some cases, new features and functionality mean unfavorable risk exposure, which requires risk management teams to leverage technology to mitigate the exposure. They also look to balance risk and customer experience. This combined effort can help establish a digital identity trust approach that can provide customers with the journey they expect.

With growing customer demand for anytime, anywhere access, why is real-time visibility important in a new solution?

Rendell: As the settlement of transactions has moved to real time, risk should also be evaluated in real time. Passive monitoring throughout the user journey can help achieve this continuous viewpoint into user risk. It is also important to mitigate session account takeover attacks, which have become increasingly sophisticated.

Passive monitoring also enhances the user experience by helping to reduce interdiction rates. Historically, organizations used strict business policy rules within user flows. Today, they can use intelligence from passive monitoring and only interdict when there is evidence of risk.

We hear a lot of buzz around machine learning and artificial intelligence (AI) being built into fraud protection solutions. Can you tell us what that means?

Rendell: Pairing machine learning and AI with a continuous security strategy can lead to fraud tools that help enable continuous learning. These models can quickly update based on changing fraud trends. This self-tuning doesn’t rely on data analyst intervention. Such intervention requires lengthy data jockeying and can be costly from an employee funding perspective.

What additional value can a vendor bring to your organization that you can’t otherwise do yourself, and how important is this?

Rendell: Typically, vendors (service suppliers) have a unique perspective, as they have a viewpoint into trends in other geographies, markets and organizations. When it comes to fraud information/intelligence sharing, this is important. Consortium data is a powerful tool to help protect peer organizations from common bad actors, and it provokes peers to share insights as they happen. In this model, everyone has each other’s best interest in mind. Consortium insights provide businesses a global viewpoint that they otherwise might not have access to.

Read the “2018 Digital Identity Trust Survey” to learn more

More from Fraud Protection

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Remote access detection in 2023: Unmasking invisible fraud

3 min read - In the ever-evolving fraud landscape, fraudsters have shifted their tactics from using third-party devices to on-device fraud. Now, users face the rising threat of fraud involving remote access tools (RATs), while banks and fraud detection vendors struggle with new challenges in detecting this invisible threat. Let’s examine the modus operandi of fraudsters, prevalence rates across different regions, classic detection methods and Trusteer’s innovative approach to RAT detection through behavioral analysis. A rising threat As Fraud detection methods become more and…

Gozi strikes again, targeting banks, cryptocurrency and more

3 min read - In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for its advanced capabilities. Over time, Gozi underwent a significant transformation and became associated with other malware strains, such as Ursnif (Snifula) and Vawtrak/Neverquest. Now, in a recent campaign, Gozi has set its sights on banks, financial services and cryptocurrency platforms,…

The rise of malicious Chrome extensions targeting Latin America

9 min read - This post was made possible through the research contributions provided by Amir Gendler and Michael  Gal. In its latest research, IBM Security Lab has observed a noticeable increase in campaigns related to malicious Chrome extensions, targeting  Latin America with a focus on financial institutions, booking sites, and instant messaging. This trend is particularly concerning considering Chrome is one of the most widely used web browsers globally, with a market share of over 80% using the Chromium engine. As such, malicious…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today