When customers interact with a known and trusted brand, they expect a positive, seamless experience. They probably have a certain goal in mind, whether it’s making a purchase, setting up an appointment or checking on a credit card transaction, but more likely than not, safety isn’t a top-of-mind issue. Until it is.
As organizations grow larger and more complex, needs around fraud prevention and customer experience may be seen as being inherently in conflict with one another. But preventing fraud and enhancing the user experience are not zero-sum objectives. Effective fraud controls can both mitigate risk and improve customer experiences, as they reduce friction for legitimate consumers and increase friction against the small minority of risky interactions. For companies, identifying and implementing the right controls is a critical step toward remaining in front of bad actors, but success is predicated on equal access to identity data. And the key to ensuring such access often lies in the corporate structure.
Strive for a “friction-right” customer experience
In 2022, identity fraud accounted for $43 billion in losses, with victims numbering in the millions. As the volume of exposed consumer personally identifiable information (PII) continues to swell, fraudsters have a trove of sensitive details to plunder for nefarious activity, such as performing account takeovers, building synthetic identities or conducting credit card fraud. And, fraudsters are adept at using ill-gotten PII in their quest to bypass security or sneak through gaps, using such opportunities to further infiltrate organizations and prey on vulnerabilities across multiple segments of a business. This cross-channel fraud is enhanced by the existence of internal siloes within the organization that hinder effective sharing of risk data across lines of business.
Consider who really benefits from silos
To realize the greatest benefit of fraud prevention tools, organizations must use them consistently across the enterprise. Too often, that doesn’t happen. For instance, companies usually deploy mobile device analytics for digital channel access control, while call center agents use a separate platform or system altogether. Not only does this disparate approach create risk for organizations by reducing the efficacy of fraud prevention and CX efforts, it could wind up putting customers at risk.
Having strict access control in place is a common-sense security strategy, but it’s one that could produce unintended consequences if it leads to a culture of inefficient information sharing. Let’s say a fraudster has obtained customer information in one channel, through socially engineering a contact center agent, for example, which they can then use to attempt an account takeover in another channel, such as online. If the enterprise isn’t effectively sharing the risk data across the organization, the fraudster will have a much easier time of it. Organizations may try hard to break down these siloes, but the absence of a holistic strategy which establishes identity data linkages across channels enables malicious actors to readily employ their tactics.
Adopting omnichannel identity management and authentication tools is just the first step. Even the most effective tools — those that provide a comprehensive digital identity for each user through IP address and geolocation attributes, device reputation, consortium data and behavioral analytics — can’t live up to their full potential if they are relegated to one channel or vertical. Enterprises must share data and risk signals broadly so that any business unit or channel can identify users with suspicious behavior and stop fraudsters in their tracks.
Begin clearing technological and cultural hurdles
Breaking down silos may be a popular refrain, but the reality of doing so can be daunting considering the various technological and cultural forces at play. On the technical side, challenges range from integrating disparate software systems to navigating different data formats. Prompting a cultural shift may be an even higher hurdle to clear, as it may be difficult to find bandwidth among executives already stretched with their own priorities — and competing ones, at that. There may also be a fear that centralized processes for fraud prevention could limit departmental flexibility or autonomy.
Organizations are engaged in an intricate dance when it comes to serving the interests of customer experience, operational efficiency and revenue generation along with fraud prevention and information security. The way forward is to develop a team representing each interest area and appointing a champion in the C-suite to see its mission through. By giving key stakeholder groups a seat at the table, enterprises can foster greater collaboration in developing practices that acknowledge individual risk tolerances and goals while developing solutions that serve the whole organization and achieve the intended results.
With buy-in from and the active participation of key groups impacted by fraud prevention strategies, enterprises can keep the focus on what drives them: their customers. Sharing risk signals to ensure that legitimate users are seamlessly served while potentially risky traffic has appropriate friction placed against it will ultimately enable organizations to build the customer trust and loyalty that is critical to remaining competitive. Revenue generation and operational efficiency should follow.