Retail Technology Show report: Navigating evolving payment fraud with aligned tech, machine learning and co-operation

“We want a low block rate and high acceptance rate,” said John Low, Group Head of Digital Risk at Frasers Group, during an anti-fraud presentation at Retail Technology Show 2023 on 27th April. “It is achievable with machine learning (ML).” 

ML is “the best line of defence” against fraudsters, said Low, on the second day of Retail Technology Show 2023 in the payments conference stream in Theatre B.

“But you need the right technology stack overall as well. We’ve got various payment and fraud software solutions from different vendors in our stack.”

In addition, you must align your defence with acquirers, payment gateway systems, partners and so on. 

“If you’ve got high fraud – you shouldn’t! It’s not difficult to stop with modern systems,” said Low, as he admonished those with lesser anti-fraud defences than Fraser Group and encouraged them to do better by studying best practice and co-operating more actively.

This includes banks, card operators and other players in the payments ecosystem. 

False positives – sometimes emanating from banks – incorrectly block payments, and as Low candidly admitted at Retail Technology Show 2023: “Our primary goal as a retailer is of course to take revenue.”

Getting this balance right is never easy for any retailer and is always prevalent during any fraud debate. Alignment and correctly implementing systems appropriate to the end user environment are the other key defence elements.  

“The ML model we use for our Sports Direct brand is good, for instance, but it doesn’t work for all of our other brands,” said Low, citing the Fraser Group’s, Sofa.com, Flannels, House of Fraser, and other such famous UK brand names in its portfolio.

Each brand has its own anti-fraud peculiarities. “That is why we’ve 12 ML models,” explained Low, “to cater for our differing customer bases and so on”.

“Each brand specific ML model evolves and learns from itself, so it’s always changing [to combat ever changing fraud attack vectors -Ed.]. That is the beauty of ML, its continuing learning capability.”  

 The artificial intelligence (AI) inspired ML deployments at Fraser Group can spot patterns to anticipate and mitigate bad actors or quarantine suspicious transactions.

The crucial thing is to align it with the retailer’s supporting compliance checklists, integration tools, pattern-spotting behavioural software and so on, in order to best protect the firm and its customers.

Fraser Group’s ML usage is supported by 35 rules, which complement and support each other, and ensure there is always a ‘human-in-the-loop’ that is in control. The ML rules are there for: 

• Policy reasons: to ensure appropriate oversight. 

• And operational control: Occasionally you might need to nudge the ML in the right direction to mitigate emerging threats.

“If a retailer does a promotion, for instance, you can change a rule, so that the ML model expects higher volumes – and fraud attempts, perhaps in specific areas” said Maxime Colas, Director of Sales at Checkout.com, a FinTech online payment provider and fellow participant in the conference session.

A retailer might also want to set some guidelines to try to mitigate charge back liabilities from first party fraud. This is where bad actors falsely try to make out that they have made a purchase, or haven’t had an order delivered, in order to obtain refunds unjustly.

Challenging banks or card operators activating refunds without good evidence can be risky, however, and isn’t good from a customer experience (CX) point of view. “But if you do it just enough to make fraudsters go elsewhere, then it may be worth it,” said Low. 

Data centric operations  

“Data is a key tool in the fight against fraud as well,” Colas commented.

“A retailer must be able to get it from any ML models they’re using and to access data from any partners they are working with [in the banking, card, online or app world].”

Data can retrospectively be used to work out why a transaction, or a user, was blocked. This can be used to introduce learnings into the organisation and into its systems.”

“Data doesn’t just reside in the pre-payment arena. It can be post-deployed to better support policy decisions in the future, as well as operational or transactional investigations.

“You might want to do a manual review of your systems as well – no matter how much you trust your machines, in which case you’ll need good data access and control,” added Colas.

Colas went on to outline the rising threat vectors that the retail, payments and indeed connected banking sector is facing from:  

• Data breaches,

• Phishing,

• Password sharing,

• Buy now pay later (BNPL) attacks and so forth.

The anti-fraud efforts debated at Retail Technology Show this year are necessary because $206 billion worth of fraud is being predicted by Checkout.com by 2025 due to the proliferation of threats and “simply because of the present [tough] economic climate,” said Colas.  

History tells us that when there is a cost-of-living crisis, war, and a downturn then fraud levels rise. Retailers must be prepared for this. With the right technology stack and appropriate control measures, co-operation and good data oversight they can be. 

About the author

Neil Ainger is a hugely experienced freelance business and technology journalist. Further details here.