Bernardo Lustosa, Ph.D.
You shouldn't be. Here are five reasons why:
1. Being the market leader does not mean you have all of the information available.
Since the days before information technology, fighting fraud and crime has required knowledge of the population and industry transactions or people movements. To avoid illegal immigration for example, travelers have long needed to carry travel documents issued by the nation of which they are citizens - what we now call Passports. Passports register information about the older and the trips he or she has made. All of this is centralized by an information network, normally a government agency in charge of border protection. In Brazil, this is handled by the Federal Police. It is no different when approving credit, where there are databases that list credit restrictions, or when collecting taxes, where the revenue services plays this centralizing and controlling role. A company may have control of their client data, but on its own, it cannot control all population and transaction data. This requires a specific organization, which will always be potentially better informed and detain more knowledge about how to prevent fraud than any single merchant alone, specifically because it uses all of the data it collects for all of its clients in an aggregate manner.
2. A fraudster is a professional criminal
Whenever someone applies to a bank or finance company for a loan, or purchases a post-paid plan from a telco, or makes "Card-Not-Present" (CNP) transaction online, to mention just a few examples, one might wonder if the person using the card is the rightful card owner. Fraud may appear to be a one-off incident, each fraud a stand-alone incident, leading one to think of this as an isolated crime. It is true that there are isolated cases of fraud. However, a true fraudster, the type of criminal who truly causes damage and keeps executives awake at night is not an individual looking for an opportunity to get some sort of advantage by acting in bad faith. Fraud is a profession; fraudsters normally work in network or gang themselves. They know the velocity checks used by company and the ongoing processes. They will repeatedly attack a company with the same data. They will attack a number of merchants sequentially. Once a company has been targeted, it is normally unable to detect these fraud attempts. The job of a prevention network is to watch for such attacks and warn businesses. Alone, businesses cannot observe all ways that information is being used.
3. The data you are trying to protect is the same data the fraudster has in hand
Many companies insist on going it alone, claiming to protect privileged client data. For fraud prevention, the only data that needs to be part of the network is the type of information normally contained in databases. Everyone has seen videos on "Internet Psychics", or googled their own name or address. The amount of data we knowingly or unknowingly place online is impressive. After all, how many spam or phishing e-mails do you get each day? And how did these people get your e-mail? There are hundreds of companies selling prospecting lists and databases with consumer information. In today's world, it would be unrealistic to think that the type of information we use for registration is confidential. Bank and credit card information on the other hand, should be confidential. However, identity theft does not require this data.
4. As member of a network, the cost to make a decision is smaller, and the accuracy is greater
Companies that have not joined a network are aware of only a small fraction of the population and its behavior. Thus, the cost to decide whether or not to approve a customer transaction is much larger. It requires personal contact, collecting and storing signatures (for the most part useless), storing paper and training staff in security procedures. No matter how much is invested in artificial intelligence and data mining, not having all of the data available about the market detracts from the accuracy of these techniques. The power to automatically approve transactions of a prevention network will always be larger than that of a company that decides to go it alone.
5. Fraud prevention is not a competitive advantage
Fraud is in fact a crime. Corruption is a crime. Theft is a crime. Just as it is no competitive advantage to have your business located in a safer part of town, so you less subject to robbery, being a less frequent victim of fraud is not a competitive advantage. This is thinking small. It is analogous to a country trying to capture market share from a competing nation by increasing the amount of corruption in that country. It might even work, but that is not how ethical business is conducted. There are numerous ways to develop a competitive edge. However, fraud prevention is crime prevention. It is protecting the common good.
