Myth Busting: You need scores or reason codes for transparency

The discipline of fraud prevention has changed dramatically over the past five years and continues to evolve rapidly. Consequently, former truths about fraud prevention are increasingly becoming outdated myths. In this series of posts, we’re tackling the four most widely circulated myths. Check out the other three parts on fraud insurance, manual overviews and chargeback guarantees.

In this post, the myth we’ll tackle is that a fraud prevention solution has to provide scores or reason codes to be considered transparent. There are (at least) two reasons why the stated need for scores or reason codes is a myth:

Artificial intelligence and machine learning are more complex than reason codes

In fraud prevention, there’s a fallacy around transparency. Some vendors shout about their transparency and point to a simple set of reason codes as proof that they can help you understand the reason for every decision they make. But a simple set of reason codes isn’t a feature; it’s a bug.

A simple set of reason codes is the result of simplistic technology — typically a rules-based system that can produce only a limited number of outcomes or a rudimentary use of machine learning. But the truth is that fraudsters are increasingly sophisticated; their behaviors cannot be boiled down to reason codes such as “Address mismatch” or “Unrecognized IP.”

» Related: Read our eBook on the difference between rules-based systems and machine learning

That’s why leaders are turning to advanced machine learning and artificial intelligence. For example, Forter’s Identity Protection solution looks at up to 7,000 attributes for every online identity we assess — surfacing patterns across time and seeing (even loose) connections between identities in our vast dataset. 

Consider a known identity making a purchase from a new device at a Chicago IP address, via a French-language browser, with a shipping address in Belgium. Red flags everywhere, right? What if artificial intelligence can determine that the online identity is completing an order for their maternal grandmother while she is visiting them at their home in Chicago. Approval is the right decision, but how do you boil that down to a reason code? And why would you even need a reason code? You can drill into the details of any decision when an investigation is necessary.

The simpler the set of reason codes, the more susceptible the solution

Let’s give fraudsters credit. They are professionals and, as noted above, are growing ever more sophisticated in their technology adoption. So, if your fraud prevention solution can be distilled down to a score or a handful of reason codes, fraudsters can reverse engineer the outcomes they want — manipulating the right attributes to affect their score or avoid a predictable reason code.

But AI and machine learning can be used to stay ahead of fraudsters. Together, these technologies can address known and unknown forms of fraud. How do you address unknown fraud, you ask? AI and machine learning see patterns, and by surfacing those patterns, they can pinpoint a fraud ring, a blunt force attack, or new bot behavior.

Third-party datasets do not facilitate transparency

There’s another reason some vendors distill their assessments down to scores and reason codes — that’s all their dataset will allow. For example, one of the vendors in the market knits together data from ThreatMetrix, Tower Data, Emailage, and more — using the total to inform their decisions. Pulling in all this third-party data creates problems; for example, third parties may have conflicting data about an identity that is hard to reconcile, and pulling sources together can prolong decision times. And sometimes, these vendors have to obscure data and take shortcuts. Ironically, these vendors are not very transparent about their dependencies on third-party data sources.

Forter has a massive first-party dataset — we know more online identities than Amazon, PayPal, or Shopify — so we have no dependencies on third-party data to make decisions. That means that when you want to drill into the data behind a given transaction, you can see it all in our portal — we put it all at your fingertips.

Summary

Look, we’ll be the first to say that transparency matters. But there’s irony in how we talk about transparency. When other vendors talk about transparency, they point at simplistic scores and reason codes to justify dated technology. When we talk about transparency, we’re focused on surfacing patterns that AI and machine learning can see, but humans cannot. Ultimately, this provides the Fraud team with better decisions and better data so they can better focus their own efforts.