Three Core Considerations for Evaluating Model-Based Fraud Scoring Providers

By: Justin McDonald


A recent white paper from the Fraud Practice emphasized the significance of having a risk management strategy that can evolve with changing fraud and consumer trends as well as support omni-channel or Unified Commerce. While model-based solutions typically fare better than rule-based systems when it comes to maintaining effective risk management in the face of dynamic fraud trends, not all model-based solutions are created equal.


Whether in the market to move from legacy fraud prevention systems to a model-based strategy or looking to assess a current modeling-based solution provider, organizations should consider the following factors when evaluating the capabilities and strengths of prospective or incumbent model-based fraud scoring providers.



What Point Tools and Technology Tools are Included?


Model-based risk scoring models guide us towards making very important decisions: do we accept, reject or escalate a given transaction? That direction or recommendation is based on the presence of thousands of individual signals. For any given transaction, there will be signals that are very meaningful, somewhat meaningful or nearly meaningless when it comes to how much that signal influences the recommended decision regarding a given transaction attempt. The more signals that are cultivated, the more likely there are to be meaningful risk signals, but the quality of risk signals is important as well. It is important to understand the multitude of signals a model-based fraud scoring provider can identify and use to facilitate risk management decision making, considering prospective vendors’ relative strengths in terms of the quantity and quality of risk signals available for their models to leverage. One of the appealing aspects of utilizing a model-based fraud scoring provider is the fact that many point tools, technology tools and signals are all included. Organizations that develop and manage their own custom models have to use a multitude of third party providers to derive signals, such as device fingerprinting and consumer identity data, which organizations typically cannot build in-house.


One of the values of model-based fraud scoring is that these various point tools and technologies are included with their services, both simplifying and reducing third party vendor costs for the merchant. Not all model-based fraud scoring providers are created equal in this regard, as each has their own vendor partnerships and homegrown tools or technology that feed and impact the accuracy of their models.


In general, the more signals the better, but quality of the signal has to be addressed as well. Two great examples for considering the quality of a risk signal are device identification and data sharing components.


Device identification needs to continue to recognize end users even as they intentionally try to morph their device and appear to be someone new. This return user recognition may include the use of behavioral characteristics as well. Device ID is a very strong anchor point for velocity checks, which can in turn be a very strong signal for catching morphing fraud schemes. However, a modeling feature or risk signal around the device fingerprint is only as strong as the ability to continually recognize the return device or end user. When one provider has a stronger or more reliable and accurate underlying device or behavioral identification technology, all modeling features utilizing device ID are stronger as well.


Data sharing modeling features are also a consideration, which should include cross-merchant velocities beyond just shared negative lists. Data sharing assets are another strength of model-based fraud scoring providers in general. Merchants can benefit from the fact that a nefarious end user has had irregular or high volume activity across a third party provider’s network, stopping that user even though it is the first time the merchant has seen this bad actor directly. Different model-based fraud scoring providers will have varying strengths when it comes to data sharing based on two primary factors: breadth of data and the number of modeling features leveraging data sharing assets. Breadth of data refers to the network effect or the fact that the more clients a vendor has participating in the data sharing pool, the more likely all merchants are to see a valuable high risk signal. The number of modeling features utilizing data assets includes the number of shared velocity of use, shared velocity of change and shared negative list features that are leveraged within the fraud scoring model.



Assessing Their Level of Expertise