Masha Cilliers: Payment Fraud Best Practices (September 2015)

Masha Cilliers, Founder and Principal Consultant Payment Options Ltd

Upload: masha-cilliers

Post on 21-Jan-2018

Category: Technology

TRANSCRIPT

Page 1: Masha cilliers payment fraud best practices september 2015

Masha Cilliers, Founder and Principal Consultant, Payment Options Ltd

Page 2: Masha cilliers payment fraud best practices september 2015

Masha Cilliers, Principal Consultant since 2012

23 years in payments business: Visa, Microsoft, Cybersource, GlobalCollect and Datacash

Focus on international sales for corporates, start ups and payment companies

Page 3: Masha cilliers payment fraud best practices september 2015

There are differences: some goods are received immediately, some delivered later, some ‘claimed’ months after the transaction

There are similarities: fraudster behaviour can be predicted but they get more technology savvy

Fraudsters don’t discriminate – they are happy to defraud all sectors! And they exchange information about their experiences across industries and are a lot more ‘professional’ about it than many retailers

There are fraud losses and there is loss of revenue from declining valid orders – both are very important to merchants

◦ UK – 1.65% lost to online fraud

◦ US – 0.9% lost to online fraud

◦ As much as 2.3% of orders are rejected

◦ Up to 10% false positives

*Cybersource fraud report

Page 4: Masha cilliers payment fraud best practices september 2015

• Fraudsters focus on making ‘payment journey’ look legitimate

• ‘Clean Fraud’ is when fraudsters have all the legitimate data (from identity theft, phishing and other scams)

• They have a very good knowledge of the fraud engines and frequently test merchant’s sites

• Fraudsters are working together and exchanging information – it is truly a global issue

• New Fraud types: reshipping (changing destination/ticket class), account take over, man in the middle, to name just a few

Page 5: Masha cilliers payment fraud best practices september 2015

Established:

• CVV & AVS

• 3D Secure (UK)

• Customer order history

• Negative lists

• IP geolocation

• Manual Review

Emerging:

• Google maps for location and other location options

• Device fingerprint for PCs (not as much for mobile)

• Website behaviour analysis

• Pass on, buy or share customer data

• Social network and other external behaviour analysis

• Focus on specific important factors

Page 8: Masha cilliers payment fraud best practices september 2015

Trends spotted:

Clean Fraud

• Correct address, CVV and IP, no risky characteristics

Organised fraudsters and ‘Gaming’

• Botnets, scrumping: using real customers’ PCs as proxies and challenging the merchant’s system to find out the rules

Timing and assessing fraud strategy effectiveness

• Real fraud information is received through chargebacks up to 3 months after the transaction, which is too long

Some of the solutions:

Device and cross merchant transaction comparison

• Packet signature inspection – device fingerprint – combined with browser fingerprint

• Interrogate the device to see if anything controls it

Layered set of detectors

• Cornering – ask for information

• Dimension – combine related data

• Specific – safety net if some data is not available, look at other parameters

Decision Manager Replay

• Testing new rules based on own transaction data for the past 6 months
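
Added example (not from the original slides and not CyberSource's product code): replaying a candidate rule over a merchant's own labelled history, while keeping orders whose chargeback window is still open out of the false-positive count, since the slide notes that fraud labels arrive up to 3 months late. The order records, the `ip_velocity` attribute, the rule threshold and the 183-day window are assumptions made for illustration.

```python
from datetime import datetime, timedelta

NOW = datetime(2015, 9, 1)            # constructed "today"
REPLAY_WINDOW = timedelta(days=183)   # roughly the past 6 months, as on the slide
LABEL_DELAY = timedelta(days=90)      # chargebacks arrive up to 3 months late

def days_ago(n):
    return NOW - timedelta(days=n)

# Constructed history. ip_velocity = orders from the same IP in the prior hour
# (an assumed attribute); chargeback = fraud label known so far.
HISTORY = [
    {"id": "A1", "ts": days_ago(170), "ip_velocity": 1, "chargeback": False},
    {"id": "A2", "ts": days_ago(150), "ip_velocity": 6, "chargeback": True},
    {"id": "A3", "ts": days_ago(120), "ip_velocity": 1, "chargeback": False},
    {"id": "A4", "ts": days_ago(100), "ip_velocity": 7, "chargeback": True},
    {"id": "A5", "ts": days_ago(95),  "ip_velocity": 5, "chargeback": False},
    {"id": "A6", "ts": days_ago(30),  "ip_velocity": 8, "chargeback": False},
    {"id": "A7", "ts": days_ago(10),  "ip_velocity": 1, "chargeback": True},
    {"id": "A8", "ts": days_ago(400), "ip_velocity": 9, "chargeback": True},
]

def candidate_rule(order):
    """Hypothetical new rule under test: flag bursts of orders from one IP."""
    return order["ip_velocity"] >= 5

def replay(rule, history, now=NOW):
    """Score a rule on past orders, keeping immature labels out of the FP count."""
    s = {"tp": 0, "fp": 0, "fn": 0, "tn": 0, "unlabelled": 0}
    for o in history:
        age = now - o["ts"]
        if age > REPLAY_WINDOW:
            continue                      # older than the replay window
        flagged = rule(o)
        if o["chargeback"]:
            s["tp" if flagged else "fn"] += 1
        elif age < LABEL_DELAY:
            s["unlabelled"] += 1          # no chargeback yet is not proof of a good order
        else:
            s["fp" if flagged else "tn"] += 1
    fraud, good = s["tp"] + s["fn"], s["fp"] + s["tn"]
    s["detection_rate"] = s["tp"] / fraud if fraud else None
    s["false_positive_rate"] = s["fp"] / good if good else None
    return s

if __name__ == "__main__":
    print(replay(candidate_rule, HISTORY))
```
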

Page 9: Masha cilliers payment fraud best practices september 2015

Trends spotted:

Synthetic Identities developed by fraudsters

• Tools and rules no longer enough

• Need real-time systems and comprehensive list of attributes

Some of the solutions:

Order Linking

• Attribute linking

• Looks at entire online world

• Relating transactions

• Who are the fraudsters and where they are

Email verification

• Age, previous use and other factors

• Great way to add a new attribute

Page 10: Masha cilliers payment fraud best practices september 2015

Trends spotted:

Real-time screening critical but not enough

• Predicting behaviour on what has previously happened and not taking into account new fraud threats doesn’t show full picture

Merchants need more information from other merchants across industries

Some of the solutions:

Re-screen live orders

• Use past data to rescreen recent (72 hours) transactions to detect fraud attacks. Merchant can reconsider the order (cancel ticket, stop delivery, call customer etc). Also helps with cutting down manual reviews

Share information

• Provide a ‘club’ (information exchange) for merchants to screen data against each other’s, both in real time and retrospectively
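
Added example (not from the original slides): order linking from Page 9 combined with the 72-hour re-screen from Page 10. Orders that share an attribute value are clustered, including transitive links, and when one order is later confirmed as fraud the still-pending orders in its cluster from the last 72 hours are returned for reconsideration. The order records, the choice of linking attributes and the `pending`/`shipped` statuses are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

NOW = datetime(2015, 9, 1, 12, 0)          # constructed "now"
RESCREEN_WINDOW = timedelta(hours=72)      # recent orders, as on the slide
LINK_KEYS = ("email", "device", "ip")      # assumed linking attributes

def order(oid, hours_ago, email, device, ip, status):
    return {"id": oid, "ts": NOW - timedelta(hours=hours_ago), "email": email,
            "device": device, "ip": ip, "status": status}

ORDERS = [  # constructed sample data
    order("O1", 100, "f1@example.com", "D1", "203.0.113.5", "shipped"),
    order("O2", 50, "f2@example.com", "D1", "198.51.100.7", "pending"),
    order("O3", 20, "f2@example.com", "D2", "198.51.100.9", "pending"),
    order("O4", 10, "ok@example.com", "D9", "192.0.2.44", "pending"),
    order("O5", 30, "f3@example.com", "D2", "192.0.2.80", "shipped"),
    order("O6", 80, "f4@example.com", "D3", "203.0.113.5", "pending"),
]

def link_orders(orders):
    """Union-find: orders sharing any attribute value land in one cluster."""
    parent = {o["id"]: o["id"] for o in orders}
    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]   # path compression
            x = parent[x]
        return x
    first_seen = {}
    for o in orders:
        for key in LINK_KEYS:
            other = first_seen.setdefault((key, o[key]), o["id"])
            parent[find(o["id"])] = find(other)
    clusters = defaultdict(set)
    for o in orders:
        clusters[find(o["id"])].add(o["id"])
    return {oid: members for members in clusters.values() for oid in members}

def rescreen(orders, confirmed_fraud, now=NOW):
    """Pending orders from the last 72 hours linked to confirmed fraud."""
    linked = link_orders(orders)
    tainted = set().union(*(linked[i] for i in confirmed_fraud))
    return sorted(o["id"] for o in orders
                  if o["id"] in tainted and o["id"] not in confirmed_fraud
                  and now - o["ts"] <= RESCREEN_WINDOW
                  and o["status"] == "pending")

if __name__ == "__main__":
    print(rescreen(ORDERS, {"O1"}))
```

O3 shares no attribute with the confirmed-fraud order O1 directly; it is caught only through O2, which is the case simple negative-list matching misses.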

Page 11: Masha cilliers payment fraud best practices september 2015

Trends spotted:

Issuers and Merchants

• Not enough information is being passed between the parties, but the Issuers soon know about transactions being fraudulent from the cardholders

Post transactional screening is needed

• This ensures that the verticals with long exposure can thoroughly screen for fraud

Some of the solutions:

Merchant/Issuer collaboration

• A network of issuers connected to the platform which enables the merchants to receive the alerts as soon as the transactions are reported as fraudulent

Alerts

• Advance notification of customer disputes before they turn into chargebacks, allowing the merchant to stop shipment of goods and refund the fraudulent transaction, thus optimising customer satisfaction

Page 12: Masha cilliers payment fraud best practices september 2015

Trends spotted:

Fraudsters are Sophisticated

• They are getting very collaborative and organised: teams of people are ‘working’ as fraudsters, but the retailers are not sharing as well across the markets

Rules have limited use:

• Rules are not always enough and don’t give information about who the buyer really is, nor do they give enough history on the customer

• Especially challenging for the digital goods sector

Some of the solutions:

Fraud screening by email address

• Email address is used universally across different sites and merchants and is key to consumers’ online identity

• Using extensive database and various other data sources to check if the email address has been seen in a fraudulent transaction

• Not exposing or sharing of data across the value chain

IP cross validation

• Additional checks of IP to combine with email address to validate the email check results

Page 13: Masha cilliers payment fraud best practices september 2015

• 80% of Merchants are either selling via mobile or planning to

• But very few have fraud strategy relating to mobile devices

• Not many providers have specific offers

• Device fingerprint is important but is hard to implement due to mobile companies not sharing data

• Need specific mobile strategy and tools

• Look at other variables (voice recognition and mobile location)

• Use of new payment methods (bank based wallets etc)

Cybersource 2014

Page 14: Masha cilliers payment fraud best practices september 2015

Data sharing between merchants

Mixing real time and post transaction screening

Device fingerprint technology for both packet signature and to interrogate to establish secure use

Order linking and behavioural rules

New attributes (mobile location, email verification and other)

Appropriate Manual Review and chargeback management

Mobile fraud management strategy

Page 15: Masha cilliers payment fraud best practices september 2015

•Device interrogation

•Packet signature

•Identity morphing

•Order linking

•Email address check

•Using reporting data

•Sharing by merchants

•Buying validation data

•Chargeback re-presentment and forecasting

•Real-time

•Post transaction screening

•Reporting

•Chargeback

•Testing rules on past transactions

•Velocity

•Limits

•Product types

•Traditional attributes

•New attributes

•Social

Rules Time

Behaviour Data

Page 16: Masha cilliers payment fraud best practices september 2015

Many thanks for your time. Any questions?

Page 17: Masha cilliers payment fraud best practices september 2015

Masha Cilliers has 20+ years’ experience in payments from traditional card business to online and mobile commerce and new digital payment products

The main area of focus is on Merchants, Payment Companies and Investors and the areas of expertise are

◦ Selecting suppliers and payment products

◦ Payment strategy and ecosystem

◦ Alliances and partnerships

◦ Launching products and markets

Page 18: Masha cilliers payment fraud best practices september 2015

@Visa 1993-2003

◦ New Market development

◦ Product marketing, selling and enabling pan regional launch of new payment products (smart cards and VbV)

◦ Designing business models to support new products and building partnerships to support market-wide acceptance

@Microsoft 2003-2008

◦ Innovating with and implementing payment methods to support online products MSN, Xbox, Search etc in over 20 markets

◦ Identifying payment strategy to include alternative and mobile payment instruments, launching mobile operator billing

◦ Working closely with all key providers (Cybersource, First Data, GlobalCollect, BNPP, Citibank, Arvato and more)

@CyberSource 2008-2009

◦ Advising US management on European ecommerce and payment trends, evaluating new payment instruments

◦ Identifying strategic partnerships and key payment products to grow European business

@GlobalCollect 2009-2012

◦ Building and promoting payment portfolios required for international ecommerce business including mobile payments

◦ Part of management team involved in benchmarking and competitor evaluation, working closely with key merchants

◦ Creating partnerships and alliances and building relationships with key ecommerce platforms, mobile payments and banks

@Datacash/MasterCard 2012

◦ New online payment product innovation strategy with UK and European business exposure

◦ Pricing and competitor benchmarking and overall strategy direction for ecommerce growth as part of executive board

@Payment Options 2012-present

◦ Advising and helping launch new payment products, schemes and start ups

◦ Identifying payment requirements and finding suitable providers for retailers, digital and other merchants

◦ Consulting large payment organisations such as Visa, Vocalink and Barclays on ecommerce and new payments technology

◦ Profiling PSPs and other payment providers for investors, other PSPs and financial institutions

Page 19: Masha cilliers payment fraud best practices september 2015

CUSTOMERS

Focus on understanding the latest consumer payment products, their pros and cons as well as current and future uptake

MERCHANTS

Fully understanding the digital merchants’ needs and the issues they need to solve, thus helping clients build products to suit digital merchants

PAYMENT COMPANIES

Extensive experience in working with Payment Systems, Banks, PSPs and other payment providers both as partners and as suppliers

PARTNERSHIPS

Understanding the ecosystem and building alliances with payment industry intermediaries

PRODUCTS AND MARKETS

Good understanding of new payment products and innovation, advising clients how to interpret or launch new payment products or markets