Fraud is a multi-headed beast, capable of taking on a variety of different forms to inflict real and lasting damage to your business and users.
Identity theft, account creation fraud, marketplace fraud, account takeover fraud (ATO), and synthetic fraud are just a few examples; each works slightly differently and takes advantage of slightly different mechanisms or vulnerabilities in order to thrive.
Automated fraud detection techniques, such as link analysis, device fingerprinting and browser fingerprinting, and various forms of automated identity verification can all lead to faster, easier, and less resource-intensive fraud detection compared to manual methods. They’re faster than manual review, remove a lot of human error from the verification process, and make it possible for small and big businesses alike to scale their fraud and compliance efforts while minimizing labor costs.
In other words, automation is an incredibly powerful tool. But this doesn’t mean it does not have limitations.
While it may be possible to completely automate your business’s fraud detection processes, it shouldn’t necessarily be your goal to do so. In many cases, the best path forward is actually to embrace partial automation.
Below, we highlight the opportunities that become available when you decide to augment your automations with robust manual review capabilities, and offer guidance you can use as you begin thinking about your business’s fraud detection capabilities.
Why 100% automation may not help you reach your goals
In order to take advantage of the benefits offered by automation, you need to leverage automation properly — or else you may run into some issues.
The primary issues? A potential reduction in accuracy and conversions caused by false positives and false negatives, respectively.
A false positive refers to a situation in which a bad actor passes an identity check and is allowed to open an account or complete an action or transaction even though they aren’t who they say they are. False positives lower your accuracy rates, damage customer trust in your business, and may even lead to regulatory action against your business.
Completely automating your fraud detection efforts makes you vulnerable to spoofing techniques that are specifically designed to fool automated systems, such as deepfakes and face masks.
A false negative, on the other hand, refers to a situation in which an individual fails an identity check even though they are being truthful about their identity — preventing them from opening an account or leveraging the services they are trying to use. False negatives can lower your conversion rates and may even drive potential users into the arms of your competitors.
When you completely automate your fraud detection efforts, you may see an increase in false negatives, especially when that automation is paired with strict or rigid logic and rules. Innocent errors, such as a blurry photo, poor lighting, or a finger blocking a camera (or important piece of data in a scanned ID) can all trigger a false negative in such a scenario, leading to frustrating customer experiences that impact conversion and lead to lost business revenue.
With these limitations in mind, most businesses can build a more resilient fraud detection system by pairing automation with manual review.
How including manual review can enhance your automations
Manual review and automatic fraud detection are complementary to one another — each method has slightly different strengths and weaknesses. By pairing both together — instead of striving for a system that is either 100% manual or 100% automated — it’s possible to build a robust fraud detection infrastructure for your business.
Below are some of the ways adding manual review into the mix can help.
1. Increase edge case conversion and reduce unnecessary auto-declines.
When businesses embrace a fraud detection strategy that is 100% automated, it can potentially result in very strict, rigid, and unforgiving logic that is designed to filter out the maximum amount of fraud (or potential fraud) possible. After all, it’s better to be safe than sorry, right?
But overly-rigid rules often can’t account for user error and other scenarios that might flag a good actor as a bad actor. This means a legitimate user who takes a blurry photo of their ID or who captures a photo in a low-light environment (among so many other possibilities) as they make their way through your verification flow could be auto-declined — frustrating the user and decreasing your conversion rates.
By comparison, imagine a verification flow in which questionable submissions are flagged for manual review instead of being auto-declined. Through this manual review process, a member of your fraud team might ask the user to resubmit a photo or follow up with additional documentation — giving them a second attempt to convert.
Sure, this might add time to the verification process and frustrate some users, but it’s a vastly better experience than being wrongfully rejected with no explanation as to why. It also offers your users the opportunity to interact with a member of your team, who can answer questions and clarify any confusion the user might have.
The result? Fewer false negatives, higher conversions, and a better user experience.
2. Increase accuracy rates and catch more fraud.
As mentioned above, automated fraud detection can be very effective. But computer vision, however impressive it may be, has not yet matched the capabilities of the human eye — and that means that there are some fraud patterns that the human eye is better suited at identifying.
The good news is that layering a manual review, conducted by a human being, on top of any automated efforts can give you higher assurance and understanding of emergent fraud trends, helping you identify hard-to-catch patterns.
How this works in practice would depend largely on your preferences and the size of your team. If your business operates within a high-risk market or a highly regulated industry, and you do not see high volumes, you might decide that all verifications need a final manual review before signoff. Alternatively, you might choose to leverage manual review only in cases where your automated processes detect certain high-risk signals.
3. Identify emerging fraud patterns more quickly.
Automated fraud detection is only as good as the underlying logic and rules that guide it. It’s this logic — and the patterns that inform this logic — that allow your automated efforts to identify bad actors and questionable users.
Of course, fraud patterns are not static. They are constantly evolving as fraudsters take advantage of new technologies and vulnerabilities, develop new techniques, and simply become more difficult to detect.
While automated systems can pick up on these emerging patterns, it typically takes a large amount of data for them to be able to do so. A manual review team, by comparison, can help you pick up on additional patterns more quickly — which allows you to update your risk signals and, subsequently, the logic and rules guiding your automations.
4. Leverage collaboration across your team.
When fraud detection is fully automated, there is little room for nuance, which makes complex identity cases difficult to identify. And because they often go unnoticed, they become a missed learning opportunity for your fraud team and your organization as a whole.
When manual review is layered on top of automated fraud detection, it increases the chances that you’ll be able to identify these more nuanced cases. Individuals that come across new edge cases can collaborate with teammates to come to a more accurate result, and then document and share those findings with new and existing team members.
Increased collaboration leads to an increase in understanding — understanding that can be used to identify new fraud patterns (as noted above) and feed back into your automations for more accurate results.
5. Get started faster.
An effective automated fraud detection system takes time and expertise to build. Workflows and verification flows must be considered; logic must be established; and rules must be written to guide the system.
In most cases, this logic and these rules must be adjusted and refined over time until they are operating at peak performance — and even then, additional refinements will likely be necessary as new fraud patterns are identified (as discussed above).
Incorporating manual review into your fraud detection processes allows you to get started sooner — before all the kinks have been worked out of your automation efforts. Likewise, it empowers your team to offer suggestions, based on their own experience and observations, that can be used to optimize your automations.
In most cases, 100% automation shouldn’t be the goal
Here at Persona, we often see businesses looking to completely automate their fraud detection processes. And it’s understandable: with high volumes of inquiries coming in and not enough resources to handle them, full automation is tempting.
But as discussed above, while automation offers a number of benefits such as greater speed and lower labor costs, full automation can bring unintended consequences. With this in mind, most businesses will find that their best path forward is to supplement automation by layering manual review on top of their automation efforts.
Persona’s manual review tool, Cases, is built to help you manage outlier identity cases, empowering your team to take a second look and investigate any exceptions detected by your automated processes.
Our philosophy is that conducting a manual review is best meant for complex cases, so we’ll work with you to automate as much as possible while optimizing for accurate decision-making for situations where human decision-making is necessary.
Interested in learning more? Get a demo today.