The First Rule in Fighting Fraud: Rules Can Fail
By Bill Hodak /
23 Jan 2015
If you’ve ever seen the movie Fight Club, then you know that the first rule of Fight Club is, “You do not talk about Fight Club.” The second rule of Fight Club is, “You do not talk about Fight Club.” Apparently, they didn’t trust that people would follow the first rule, so they made the second rule the same as the first. While I’m not sure that doubling the rule would actually doubly enforce the rule, it did effectively send the message that Fight Club members were forbidden to talk about Fight Club.
When it comes to the Fraud Fighting Club, the first rule is, “Rules fail.” Channeling my inner Brad Pitt, I will also say that the second rule of Fraud Fighting Club is, “Rules fail.”
So why don’t rules work when fighting fraud? First, let’s define what we mean by rules. The first generation of online fraud management systems were essentially rule-based engines or systems that allowed fraud managers to manually compile a list of static if-then statements that defined whether to consider an order “good” (and process normally) or whether to consider an order “bad”. If the order was “bad”, then the fraud management system could either block the order or send it over to the fraud team for further review.
On the surface, rule-based systems seem pretty effective at detecting and preventing fraud. However, let’s take a look at an example to understand the inherent flaws of using rules to fight fraud:
Let’s say someone tries to buy shoes online from vendor We Sell Shoes Online and the customer order information reveals that the customer’s last name is “Fraudster” and he is trying to purchase a pair of kicks for $199.
Unfortunately, We Sell Shoes Online experienced fraud in the past from someone with the last name “Fraudster”. In response, they created a rule that automatically blocks all orders from customers with the last name Fraudster. Boom – problem solved, right?
Not so fast. As it turns out, the last name “Fraudster” is actually quite common and this particular shopper was actually a good customer! And because his order was blocked, Mr. Fraudster took his business to competitor We Sell Shoes Online Cheaper.
When Mr. Fraudster checked out with his $179 order from We Sell Shoes Online Cheaper – his purchase went through in no time and he saved a $20. Looks like We Sell Shoes Online Cheaper just got themselves a repeat customer!
Did We Sell Shoes Online Cheaper take on more risk? Not at all. They use a new technology to fight fraud called Machine Learning. With this powerful technology, they are able to proactively analyze thousands of attributes about each and every order in real-time. They too have experienced fraud from people with the last name “Fraudster”. But based on other attributes about the above example’s specific order (e.g. shipping and billing addresses, number of users per device, structure of the email address, etc.), their Machine Learning technology identified that this was in fact a good order.
Now imagine that another customer tries to buy the same shoes from We Sell Shoes Online and his last name is “Fraudster123”. Since We Sell Shoes Online never previously encountered a customer with that last name, they process the order quickly and a month later get a chargeback because this guy used a stolen credit card. Dang it – rules failed again!
Mr. Fraudster123, feeling confident from successfully stealing from We Sell Shoes Online, decides to try his luck again – this time buying shoes from We Sell Shoes Online Cheaper. Lo and behold, nobody with the last name of Fraudster123 previously purchased from We Sell Shoes Online Cheaper either. However, our merchant blocks Mr. Fraudster123’s order immediately. Why? Because their Machine Learning technology analyzed other attributes about this order – not just the customer’s last name. And as it turns out, there were many red flags, clearly marking this order as fraudulent. For example, We Sell Shoes Online Cheaper customers with a last name ending in 123 are 90% more likely to be fraudsters. This data, plus thousands of other signals, gave We Sell Shoes Online Cheaper the information they needed to block this order with confidence.
Let’s tally up the results:
We Sell Shoes Online just lost $998:
– $199 (by canceling a good customer’s order)
– $199 (by selling shoes to a fraudster)
– $100 (chargeback fee due to fraudulent activity)
– $500 (future lost revenue from losing a good customer)
We Sell Shoes Online Cheaper just earned $679 and saved $279 for a total gain of $958:
+ $179 (for selling shoes to a good customer)
+ $500 (future revenue from gaining a good customer)
Saved: $179 (for not selling shoes to a fraudster)
Saved: $100 (for not getting a chargeback fee)
It’s pretty clear that We Sell Shoes Online Online Cheaper did a better job of fighting fraud and providing good service to good customers. And they made more money while doing it. Triple Bonus! Now, you must be thinking to yourself, “I want to be like We Sell Shoes Online Cheaper, but Machine Learning sounds awfully complicated and I’m sure it’s ridiculously expensive.”
That’s where we come in. Sift Science has created the world’s best fraud prevention system based on our advanced machine learning technology. Learn more about Sift Science and Machine Learning at siftscience.com!