Ongoing Corona Crisis have led to a spike in the number of fraudulent transactions and cybercriminals nowadays are sitting tight to exploit the new avenues. Reports spurred in showing the increasing curve of the fraud attacks and how even AI and ML technologies alone are proving ineffective against them. Ecommerce has been the major target, apart from the prevalent areas of cards and user accounts.
Pandemic has unfortunately led to increased “Delivery Attacks” that target the BOPIS segment, (Buy Online, Pickup In Store) as customers and merchants both try to accommodate with the needed social distancing norms. The prime vulnerability in the BOPIS segment is the end delivery point, since there have observed inconsistencies in verifying the information against who has purchased the commodities. Frauds as such are on the rise in regions that are still under lockdown. Mobile orders have seen as prime victims in the increasing rise of account takeover attacks
Fraudsters have been using multiple attack vectors to hamper the security overtime. While initial activities involved were meant for information gathering, actors have stepped up and started verifying the compromised credentials as valid. News accounts are made and kept dormant with the merchants and overtime create an illusion of being a longtime customer. They make them fall under the category of more relaxed fraud strategies, trying to build trust and credibility, which actually makes it difficult for the analysts to differentiate it from genuine accounts.
These observations spotlights the fact that how organized and sophisticated the fraud regines are and while the world is dealing with the pandemic, new actors are on the rise to make a quick buck even in these situations and considering the ongoing situations the fraud activities can only be expected to rise since the world and economy has shifted online for a major portion of their operations.
AI and ML in fraud mitigation.
Adaptation of AI based anti-fraud systems have increased, but it has also been observed that technology alone cannot be relied on against payment frauds. In times where the customer buying pattern changes rapidly, it is difficult to stick on one logic or strategy.
Let's take a look at the travel industry, normally the last minute purchase of a one way ticket is flagged as high risk, but the COVID-19 showcased the surge in the purchase of tickets at that particular time even before restrictions took effect. The increasing activities of using Amazon vouchers and other gift cards which are cash redeemable.
These incidents have mirrored the need of a multi layered fighting approach which the technologies are clubbed with a rule-based strategy. Since AL and ML require established pattern recognition to detect fraudulent transactions, a rule based strategy enables the business to set the context and define parameters. Relying alone on the ‘black box’ of an AI / ML technology can be dangerous, we require an explanatory and context based approach or XAI the upcoming generation of AI models.