The FinTech Revolution: Fraud Prevention in the FinTech Space
This is the sixth installment in a series of articles. For more background on this topic, please read our first article in the series, An Introduction to Financial Technology; our second article, The FinTech Revolution: Enforcement Actions Brought against FinTech Companies and Their Implications; our third article, The FinTech Revolution: The Impact of Blockchain Technology on Regulatory Enforcement; our fourth article, The FinTech Revolution: Complying with Anti-Money Laundering Laws to Avoid Regulatory Enforcement Actions; and our fifth article, The FinTech Revolution: How Data Breaches Can Result in Regulatory Enforcement Actions.
As the FinTech industry rises in popularity, the number of digital transactions—also known as e-commerce—is sky-rocketing, creating ever-greater opportunities for fraud.1 These vulnerabilities are compounded by an expansion in the range and assortment of digital transactions. As a result, there is a critical need for companies in the FinTech industry to ensure that they have sound and comprehensive fraud prevention strategies, policies, and programs in place.
People seeking to engage in fraudulent schemes or artifices are attracted to an industry that is on the cutting edge of technological development where they see opportunities to exploit weaknesses in data protection. Identity theft (the misappropriation of someone else’s identity by targeting his or her personal information), and “phishing” (using fraudulent communications such as websites, text messages, and e-mails to induce people to part with their personal information), are two of the more common types of fraudulent devices that are employed, in addition to other sophisticated fraudulent schemes.2
Because of constant changes in technology and the increase in the frequency and volume of digital transactions, companies are not always fully equipped to prevent fraud. This is true even for enterprises that have diligently implemented traditional fraud prevention policies and programs, such as robust anti-money laundering (“AML”) compliance programs. Why so? Because many current fraud prevention techniques are rooted in the idea of manual detection (i.e., before a company can implement preventative measures, a form of fraud must be detected by an individual).3 As discussed below, companies should consider adopting a more comprehensive approach to combating fraud by combining traditional, manual fraud prevention policies and programs with more cutting-edge fraud prevention techniques that utilize artificial intelligence (“AI”).
One way the FinTech industry has been supplementing traditional fraud prevention policies and programs is through the continued development of machine learning fraud prevention approaches using AI. With machine learning, a computer is able to recognize schemes that are likely to be fraudulent by analyzing prior data and then making decisions with respect to ongoing transactions, with or without continuous human interaction. “Supervised” machine learning, which requires human interaction, involves the selection of a random set of transactions that are then manually sorted into “fraudulent” or “non-fraudulent” buckets. The results of this sorting are then used to create an algorithm that enables computers to recognize and flag other fraudulent transactions as they occur.4 “Unsupervised” machine learning, by contrast, is a type of machine learning that analyzes a randomized dataset for patterns or potential indicators of fraud without manual input by an individual. The results of the analysis are then extrapolated to larger sets of data.5
Several FinTech companies are focused specifically on helping other companies in the industry to mitigate or prevent exposure to fraud. For example, some companies use machine learning and data analysis to prevent fraud in payment processing, opening new customer accounts, and validating customers, among other things. Other services allow businesses from different industries to share positive and negative information about devices so that merchants can determine whether a device has been previously linked to fraudulent activity. Similarly, some services use data from numerous sources to collect and share information on billions of people, allowing e-commerce merchants to verify new customers, and thus reducing the risk of fraudulent purchases and subsequent chargebacks.
Given the evolution of fraud and fraud prevention tools, financial institutions and other businesses susceptible to e-commerce fraud should carefully review and evaluate their fraud prevention policies and programs to ensure that their businesses and customers are adequately protected. In addition, they should consider whether they should supplement their existing defenses with the incorporation of machine learning solutions.
- See Experian Report, E-commerce Attack Rates, available at experian.com/decision-analytics/identity-and-fraud/ecommerce-attack-rates.html.
- See fintech.finance/01-news/types-of-fraud-in-e-commerce.
- See innoarchitech.com/machine-learning-fintech-secret-weapon-against-fraud.
©2018 Blank Rome LLP. All rights reserved. Please contact Blank Rome for permission to reprint. Notice: The purpose of this update is to identify select developments that may be of interest to readers. The information contained herein is abridged and summarized from various sources, the accuracy and completeness of which cannot be assured. This update should not be construed as legal advice or opinion, and is not a substitute for the advice of counsel.