Interview with a ClearSale Fraud Analyst - Antonio Gonzalez
ClearSale Fraud Analyst Antonio Gonzalez helps e-commerce merchants around the world prevent e-commerce fraud, recover their losses and improve their customer experience by approving more legitimate orders and preventing false declines.
Before joining ClearSale in 2018, Antonio served as a fraud analyst at Tracfone Wireless and as a compliance analyst for two other U.S. companies.
We asked Antonio for his opinion on emerging fraud trends and how merchants can better protect themselves. Here’s the insight he offered.
Q: What’s your role as a ClearSale fraud analyst?
Antonio: I monitor real-time queues to identify high-risk transactions within my clients’ business portfolios. I’m also in constant contact with my clients to provide extra information about our transaction decisions and to share with them the metrics, specific attacks and trends we’re observing through our analysis.
Q: What’s the most challenging part of your job?
Antonio: Getting used to the specific requirements of each client and company we work with. We work in many different markets, with companies located in different countries and with companies selling a wide variety of products. That means we encounter and must track a range of fraud trends, and we must keep in mind different logistical processes with each of these clients. But it’s this customized approach that helps our clients see results.
Q: What’s your favorite part of being a fraud analyst?
Antonio: My favorite part is the data analysis we do after the data is collected and cleaned. We look at a large number of transactions — analyzing patterns and making statistical analysis — to identify new fraud trends.
Q: What part of your job do you find most rewarding?
Antonio: It’s definitely seeing the positive impact our results can make even shortly after welcoming new clients and companies to the ClearSale family. Because we’re dealing daily with their transactions and we’re making decisions to positively impact their experience, seeing the clear improvements on clients’ metrics is very rewarding. We love knowing that our clients are happy with our services.
Q: What are some common fraud problems that you and other analysts see?
Antonio: Every day, we encounter many fraud patterns and trends. Some are clear examples of intentional fraud, but others aren’t so clear. With the latter, we explore every possibility before we suspend a transaction.
One of the most delicate stages in our analysis is when we contact the “customer” to confirm the transaction but already have information that indicates the transaction is fraudulent. In these cases, we must make a balanced decision based on the information we already have and what we gather during the verification call.
Another common problem we encounter is being unable to match transaction information with the customer in question. Sometimes, customers live in countries where available information is limited or restricted, making it harder to verify whether the information customers provide on these transactions is authentic.
Q: Can you give examples of some of the more common patterns and trends you’re seeing?
Antonio: Here are just a few of the most general patterns and trends we encounter:
- Full account takeovers. When a fraudster has access to all of a customer’s information, they can create nearly perfect transactions that can be very hard to identify as fraudulent.
- Friendly fraud. We continue to see instances of customers intentionally creating chargeback claims under false premises (e.g., claiming an item wasn’t delivered, telling their financial institution they returned the item but the refund was never received, claiming the purchased item doesn’t match the online description).
- High velocity. Fraudsters often make high-risk and high-velocity transactions under common metrics.
- IP address/subnet recurrence. This happens when fraudsters create multiple transactions using different identities while morphing the IP address, but it’s under the same subnet. That prevents a fraud prevention solution from recognizing the transaction as fraudulent.
- IP address matches the shipping location. Sometimes we encounter high-risk transactions in which the IP address matches the shipping location and not the billing address.
- VPNs or proxies. Fraudsters often mask their IP addresses, but using a VPN doesn’t always indicate fraud. Sometimes, customers from other countries must use VPNs to access specific websites.
- Low-value orders. Sometimes, fraudsters gain a merchant’s trust by making several “legitimate” low-value transactions before launching a full-scale fraud attack.
- High-risk email addresses. Here, fraudsters use emails without any history. But even if the email address does have a history, the structure of the email address influences our decision. Random-sounding email addresses through free providers — like firstname.lastname@example.org — can indicate fraud.
- Shipping address changes. We sometimes suspect fraud when customers change the shipping address after the transaction is approved. Fraudsters often initially use the authentic address of the cardholder and then change the shipping address to the location where they want to receive the product.
Of course, none of these metrics are 100% definitive. Some transactions look fraudulent, but upon closer inspection, they’re actually legitimate. It’s these cases where the review of an analyst plays a pivotal role — analyzing the big picture and identifying whether the order is fraudulent or authentic. At ClearSale, we often encounter cases in which the transaction in question seems suspicious, but after digging deeper, we learn that many are authentic.
Q: What solutions do you put in place to solve these problems?
Antonio: We maintain a constant feedback process with all our teams. We work with the Operations Team to ensure all our analysts have updated information about specific attacks and patterns that we encounter through our analysis. We also share with them the positive metrics we identify so we can avoid false declines.
Our Analytics Team plays a big part, because the rules and strategies they implement based on their observation play a big part in our analysis.
Then there are the software developers. Our constant contact with them means they can continually improve our platforms based on the needs that may arise.
The communication amongst all these departments is fundamental in our feedback loop for facilitating a positive impact on our results. We constantly communicate changes and new information discovered with our merchants, so the whole company can be aware of our findings and the solutions we put in place.
Q: What fraud or fraud prevention trends do you see on the horizon?
Antonio: It’s always difficult to predict what kind of fraud patterns awaits us. It’s very likely that as information becomes more digitized, fraudsters will have increased access to people’s private data — especially if governments and agencies fail to create strong, trusted identity management solutions and merchants use fraud prevention systems based solely on machine learning. The result will likely be increased identity theft, followed by an increase in account takeovers. The number of companies facing this challenge is rising, and, in my opinion, it’s a difficult challenge to overcome.
Shared intelligence is another approach that could become important in fraud detection. This strategy lets payment platforms and banks share real-time information on specific patterns and fraud trends to reduce their effectiveness rate.
Q: What do you wish your customers knew about e-commerce fraud?
Antonio: Merchants sometimes struggle with deciding whether to suspend a high-value order. That’s completely understandable. These transactions represent high profits for them, so it’s an important decision. Because these merchants aren’t seeing — or dealing with — fraud patterns on a daily basis, they may not understand which patterns or metrics present in specific transactions are important and which ones aren’t.
So sometimes, the client decides to process a high-risk, high-value transaction that we had suspended. Then within months or days, this transaction ends up returning as a chargeback, confirming our suspicions. The client then better understands the reasons for our initial decision.
Q: What three things should merchants do today to reduce their risk of fraud and false declines?
Antonio: Here are the three things I’d encourage merchants to do right now:
- Use machine learning algorithms and rules to fight fraud, but also incorporate manual reviewers in their fraud detection processes. I think this is one of the most important and necessary steps to reduce the risk of fraud and the number of false declines.
- Save all the transactional data they’ve accrued — no matter how old it is. Merchants should then share this data with their fraud detection solution. Doing so gives the solution a better view of the fraud patterns the merchant has experienced, and it also gives the positive history data, which is very useful for the analysis.
- Follow the suggestions of their fraud prevention solution. It sounds logical enough, but sometimes merchants decide to process orders that were previously suspended by their fraud solution. This not only generates a fraudulent transaction, but it also increases the chance of future fraud attacks at the hands of criminals. Fraudsters are constantly looking for the most susceptible merchants, and they share this information among themselves.
Processing suspended orders could also ultimately increase false declines. Some fraud solutions dramatically reduce approval rates when a merchant experiences massive attacks, and the increased skepticism about the legitimacy of transactions can result in good transactions being declined.
If you’re interested in learning more about why companies around the world rely on ClearSale to reduce fraud and false declines while increasing sales, revenue and customer satisfaction, contact us today. We’ll be happy to show you how our unique combination of big data analytics, statistical intelligence, human capital and innovative technologies can work for you.