Reducing Friction and False Positives: How to Let the Good Customers In and Keep the Bad Guys Out
Not being able to quickly and confidently identify good customers can mean lost revenue, increased costs and frustrated customers. Aite Group predicts U.S. card issuers will have falsely declined $331 billion in transactions in 2018. Nearly one in every three (30%) transactions that were declined because of suspected fraud are actually legitimate. False positives are a bigger revenue drain for merchants than chargebacks: merchants only lose about 0.52% to chargebacks but five times more — 2.79% — to false positives.
Not being able to authenticate good customers upfront also increases costs, as banks and credit unions now need multiple steps. For example, although banks and credit unions cannot legally deny an online credit card application, they can flag them for further review. However, each review costs the institution about $10. Multiply that cost by thousands of applications, and profits can take a significant hit.
In addition, customer tolerance for friction is lessening — they expect a pleasant, fast and personalized experience. When customers contact your bank or credit union, they expect that you know who they are. In addition, Signicat found that 40% of consumers have abandoned bank applications, with almost three-quarters of them saying they did so because the enrollment process took too long or required them to enter too much information.
Balancing Fraud, Friction, and False Declines
While every financial institution wants to keep fraud rates manageable, they also don’t want to alienate a legitimate customer by declining the transaction or asking them to jump through hoops to prove they are who they say they are.
According to a 2018 American Banker/Neustar survey, one-quarter of financial institutions rank customer friction as a very high priority. More than half (51%) say that removing customer friction is as important as identifying fraud risk.
“Banks and credit unions will always need to comprehensively address fraud, but they recognize that they can’t create a challenging user experience in those efforts,” said Mitchell Young, Executive Director of Identity Risk Solutions at Neustar.
For example, in an effort to reduce customer friction, banks and credit unions are moving away from using knowledge-based authentication (KBA) questions. Not only do customers find KBAs intrusive, but fraudsters are adept at getting access to the answers through data breaches and social engineering.
Leveraging the Same Data
The same data elements that banks and credit unions use to detect fraud can be used to make transactions easy, quick and convenient for legitimate customers and deepen customer relationships, explains Young.
For example, if a customer calls in to their institution’s call center from a mobile device but the institution only has the customer’s landline number in the customer relationship management (CRM) system, automatic number identification (ANI) won’t identify the customer. The call center agent then has to ask for the customer’s account number, as well as their mother’s maiden name — not a great experience for the customer.
But, what if the call center agent is able to greet the customer by name and has their full profile on their screen — along with a personalized offer for additional products and services — even if they call from their mobile phone. It’s a totally different, much more positive and personalized customer experience.
The Power of Device-Based Identification Data
To reduce customer friction, banks and credit unions need to authenticate customers within milliseconds with a high degree of confidence. But a single identity-data element can’t provide that confidence. Fraudsters can buy a social security number (SSN) from the dark web. They can guess a password using social engineering. A fraudster can spoof a mobile phone and intercept a one-time passcode (OTP) sent via SMS text.
What can’t be stolen or spoofed is device-based identification data, including mobile phone type, usage and how long the customer has had the phone. For example, a certain phone is either an iPhone or it isn’t — meaning that a fraudster can’t walk into Walmart and buy a TracPhone and pretend it’s an iPhone that was activated a year ago.
To definitively authenticate a customer’s identity — no matter how they contact your institution — requires linking multiple data points from multiple sources. A social security number is not authoritative — but combining an SSN with online data, such as an IP address, cookie data, and device identification data, results in a much more confident identity verification.
Device data will become even more important in the future. With the vast number of data breaches, name, address and SSN are not the iron-clad identity verification data points they were in the past. Instead, Young believes that customers’ phone numbers will become the basis of identity verification.
Data privacy concerns for mobile phones are — and will continue to be — a hot issue. The European Union’s General Data Protection Regulation (GDPR) tightens the guidelines for data privacy and gives more control to individuals over their personal data. If the U.S. passes similar legislation — and industry leaders, including Apple CEO Tim Cook, are calling for these types of regulations — the smartphone provides a natural identity platform.
Today, companies including PayPal allow customers to enroll with nothing more than their telephone number. Young predicts we should expect financial institutions to follow suit.
With more than 90% of caller ID data in the U.S., Neustar has access to updated device data on more than 500 million phones through relationships with mobile network operators (MNO). This includes if a SIM card is tied to a customer’s phone or if a phone number has been forwarded. Neustar can use that data, along with offline and online data, to confidently authenticate customers.
Reducing fraud is always a priority, notes Young. But now, banks and credit unions are looking at how they can effectively reduce fraud and reduce friction at the same time. “The same elements that allow you to identify potential fraud are the same data that allow you to identify good customers and deliver a better customer experience,” Young said.
Neustar’s authoritative consumer identity intelligence enables financial institutions to reduce compliance risk, improve the customer experience, and increase revenue across the enterprise.
For more information, contact us at 1-855-898-0036, ext. 4, or email firstname.lastname@example.org.