Bottom Line: Redefining the future of fraud prevention starts by turning trust into an accelerator across every aspect of customer lifecycles, basing transactions on identity trust that leads to less friction and improved customer experiences.
Start By Turning Trust Into A Sales & Customer Experience Accelerator
AI and machine learning are proving to be very effective at finding anomalies in transactions and scoring, which are potentially the most fraudulent. Any suspicious transaction attempt leads to more work for buying customers to prove they are trustworthy. For banks, e-commerce sites, financial institutes, restaurants, retailers and many other online businesses, this regularly causes them to lose customers when a legitimate purchase is being made, and trusted customer is asked to verify their identity. Or worse, a false positive that turns away a good customer all together damages both that experience and brand reputation.
There’s a better way to solve the dilemma of deciding which transactions to accept or not. And it needs to start with finding a new way to establish identity trust so businesses can deliver better user experiences. Kount’s approach of using their Real-Time Identity Trust Network to calculate Identity Trust Levels in milliseconds reduces friction, blocks fraud, and delivers an improved user experience. Kount is capitalizing on their database that includes more than a decade of trust and fraud signals built across industries, geographies, and 32 billion annual interactions, combined with expertise in AI and machine learning to turn trust into a sales and customer experience multiplier.
How Real-Time AI Linking Leads To Real-Time Identity Trust Decisions
Design In Identity Trust So It’s The Foundation of Customer Experience
From an engineering and product design standpoint, the majority of fraud prevention providers are looking to make incremental gains in risk scoring to improve customer experiences. None, with the exception of Kount, are looking at the problem from a completely different perspective, which is how to quantify and scale identity trust. Kount’s engineering, product development, and product management teams are concentrating on how to use their AI and machine learning expertise to quantify real-time identity trust scores that drive better customer experiences across the spectrum of trust. The graphic below illustrates how Kount defines more personalized user experiences, which is indispensable in turning trust into an accelerator.
An Overview of Kount’s Technology Stack
Realize Trust Is the Most Powerful Revenue Multiplier There Is
Based on my conversations with several fraud prevention providers, they all agree that trust is the most powerful accelerator there is to reducing false positives, friction in transactions, and improving customer experiences. They all agree trust is the most powerful revenue multiplier they can deliver to their customers, helping them reduce fraud and increase sales. The challenge they all face is quantifying identity trust across the wide spectrum of transactions their customers need to fulfill every day.
Kount has taken a unique approach to identity trust that puts the customer at the center of the transactions, not just their transactions’ risk score. By capitalizing on the insights gained from their Identity Trust Global Network, Kount can use AI and machine learning algorithms to deliver personalized responses to transaction requests in milliseconds. Using both unsupervised and supervised machine learning algorithms and techniques, Kount can learn from every customer interaction, gaining new insights into how to fine-tune identity trust for every customer’s transaction.
In choosing to go in the direction of identity trust in its product strategy, Kount put user experiences at the core of their platform strategy. By combining adaptive fraud protection, personalized user experience, and advanced analytics, Kount can create a continuously learning system with the goal of fine-tuning identity trust for every transaction their customers receive. The following graphic explains their approach for bringing identity trust into the center of their platform:
Putting Customers & Their Experiences First Is Integral To Succeeding With Identity Trust
Improving customer experiences needs to be the cornerstone that drives all fraud prevention product and services road maps in 2020 and beyond. And while all fraud prevention providers are looking at how to reduce friction and improve customer experiences with fraud scoring AI-based techniques, their architectures and approaches aren’t going in the direction of identity trust. Kount’s approach is, and it’s noteworthy because it puts customer experiences at the center of their platform. How to redefine the future of fraud prevention needs to start by turning trust into a sales and customer experience accelerator, followed by designing in identity trust. Hence, it’s the foundation of all customer experiences. By combining the power of networked data and adaptive AI and machine learning, more digital businesses can turn trust into a revenue and customer experience multiplier.
Worldwide spending on information security and risk management systems will reach $131B in 2020, increasing to $174B in 2022 approximately $50B will be dedicated to protecting the endpoint according to Gartner’s latest Information Security and Risk Management forecast.
AI, Machine Learning And The Race To Improve Cybersecurity
The majority of Information Security teams’ cybersecurity analysts are overwhelmed today analyzing security logs, thwarting breach attempts, investigating potential fraud incidents and more. 69% of senior executives believe AI and machine learning are necessary to respond to cyberattacks according to the Capgemini study, Reinventing Cybersecurity with Artificial Intelligence. The following graphic compares the percentage of organizations by industry who are relying on AI to improve their cybersecurity. 80% of telecommunications executives believe their organization would not be able to respond to cyberattacks without AI, with the average being 69% of all enterprises across seven industries.
The bottom line is all organizations have an urgent need to improve endpoint security and resilience, protect privileged access credentials, reduce fraudulent transactions, and secure every mobile device applying Zero Trust principles. Many are relying on AI and machine learning to determine if login and resource requests are legitimate or not based on past behavioral and system use patterns. Several of the top ten companies to watch take into account a diverse series of indicators to determine if a login attempt, transaction, or system resource request is legitimate or not. They’re able to assign a single score to a specific event and predict if it’s legitimate or not. Kount’sOmniscore is an example of how AI and ML are providing fraud analysts with insights needed to reduce false positives and improve customer buying experiences while thwarting fraud.
The following are the top ten cybersecurity companies to watch in 2020:
Absolute – Absolute serves as the industry benchmark for endpoint resilience, visibility and control. Embedded in over a half-billion devices, the company enables more than 12,000 customers with self-healing endpoint security, always-connected visibility into their devices, data, users, and applications – whether endpoints are on or off the corporate network – and the ultimate level of control and confidence required for the modern enterprise.
To thwart attackers, organizations continue to layer on security controls — Gartner estimates that more than $174B will be spent on security by 2022, and of that approximately $50B will be dedicated protecting the endpoint. Absolute’s Endpoint Security Trends Report finds that in spite of the astronomical investments being made, 100 percent of endpoint controls eventually fail and more than one in three endpoints are unprotected at any given time. All of this has IT and security administrators grappling with increasing complexity and risk levels, while also facing mounting pressure to ensure endpoint controls maintain integrity, availability and functionality at all times, and deliver their intended value.
Organizations need complete visibility and real-time insights in order to pinpoint the dark endpoints, identify what’s broken and where gaps exist, as well as respond and take action quickly. Absolute mitigates this universal law of security decay and empowers organizations to build an enterprise security approach that is intelligent, adaptive and self-healing. Rather than perpetuating a false sense of security, Absolute provides a single source of truth and the diamond image of resilience for endpoints.
Centrify – Centrify is redefining the legacy approach to Privileged Access Management (PAM) with an Identity-Centric approach based on Zero Trust principles. Centrify’s 15-year history began in Active Directory (AD) bridging, and it was the first vendor to join UNIX and Linux systems with Active Directory, allowing for easy management of privileged identities across a heterogeneous environment. It then extended these capabilities to systems being hosted in IaaS environments like AWS and Microsoft Azure, and offered the industry’s first PAM-as-a-Service, which continues to be the only offering in the market with a true multi-tenant, cloud architecture. Applying its deep expertise in infrastructure allowed Centrify to redefine the legacy approach to PAM and introduce a server’s capability to self-defend against cyber threats across the ever-expanding modern enterprise infrastructure.
Centrify Identity-Centric PAM establishes a root of trust for critical enterprise resources, and then grants least privilege access by verifying who is requesting access, the context of the request, and the risk of the access environment. By implementing least privilege access, Centrify minimizes the attack surface, improves audit and compliance visibility, and reduces risk, complexity, and costs for the modern, hybrid enterprise. Over half of the Fortune 100, the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies, all trust Centrify to stop the leading cause of breaches – privileged credential abuse.
Research firm Gartner predicts that by 2021, approximately 75% of large enterprises will utilize privileged access management products, up from approximately 50% in 2018 in their Forecast Analysis: Information Security and Risk Management, Worldwide, 4Q18 Update published March 29, 2019 (client access reqd). This is not surprising, considering that according to an estimate by Forrester Research, 80% of today’s breaches are caused by weak, default, stolen, or otherwise compromised privileged credentials.
Deep Instinct – Deep Instinct applies artificial intelligence’s deep learning to cybersecurity. Leveraging deep learning’s predictive capabilities, Deep Instinct’s on-device solution protects against zero-day threats and APT attacks with unmatched accuracy. Deep Instinct safeguards the enterprise’s endpoints and/or any mobile devices against any threat, on any infrastructure, whether or not connected to the network or to the Internet. By applying deep learning technology to cybersecurity, enterprises can now gain unmatched protection against unknown and evasive cyber-attacks from any source. Deep Instinct brings a completely new approach to cybersecurity enabling cyber-attacks to be identified and blocked in real-time before any harm can occur. Deep Instinct USA is headquartered in San Francisco, CA and Deep Instinct Israel is headquartered in Tel Aviv, Israel.
Infoblox – Infoblox empowers organizations to bring next-level simplicity, security, reliability and automation to traditional networks and digital transformations, such as SD-WAN, hybrid cloud and IoT. Combining next-level simplicity, security, reliability, and automation, Infoblox can cut manual tasks by 70% and make organizations’ threat analysts 3x more productive.
While their history is in DDI devices, they are succeeding in providing DDI and network security services on an as-a-service (-aaS) basis. Their BloxOne DDI application, built on their BloxOne cloud-native platform, helps enable IT professionals to manage their networks, whether they’re based on on-prem, cloud-based, or hybrid architectures. BloxOne Threat Defense application leverages the data provided by DDI to monitor network traffic, proactively identify threats, and quickly inform security systems and network managers of breaches, working with the existing security stack to identify and mitigate security threats quickly, automatically, and more efficiently. The BloxOne platform provides a secure, integrated platform for centralizing the management of identity data and services across the network. A recognized industry leader, Infoblox has a 52% market share in the DDI networking market comprised of 8,000 customers, including 59% of the Fortune 1000 and 58% of the Forbes 2000.
Kount – Kount’s award-winning, AI-driven fraud prevention empowers digital businesses, online merchants, and payment service providers around the world to protect against payments fraud, new account creation fraud, and account takeover. With Kount, businesses approve more good orders, uncover new revenue streams, improve customer experience, and dramatically improve their bottom line all while minimizing fraud management cost and losses. Through Kount’s global network and proprietary technologies in AI and machine learning, combined with flexible policy management, companies frustrate online criminals and bad actors driving them away from their site, their marketplace, and off their network. Kount’s continuously adaptive platform provides certainty for businesses at every digital interaction. Kount’s advances in both proprietary techniques and patented technology include mobile fraud detection, advanced artificial intelligence, multi-layer device fingerprinting, IP proxy detection and geo-location, transaction and custom scoring, global order linking, business intelligence reporting, comprehensive order management, as well as professional and managed services. Kount protects over 6,500 brands today.
Mimecast – Mimecast improves the way companies manage confidential, mission-critical business communication and data. The company’s mission is to reduce the risks users face from email, and support in reducing the cost and complexity of protecting users by moving the workload to the cloud. The company develops proprietary cloud architecture to deliver comprehensive email security, service continuity, and archiving in a single subscription service. Its goal is to make it easier for people to protect a business in today’s fast-changing security and risk environment. The company expanded its technology portfolio in 2019 through a pair of acquisitions, buying data migration technology provider Simply Migrate to help customers and prospects move to the cloud more quickly, reliably, and inexpensively. Mimecast also purchased email security startup DMARC Analyzer to reduce the time, effort, and cost associated with stopping domain spoofing attacks. Mimecast acquired Segasec earlier this month, a leading provider of digital threat protection. With the acquisition of Segasec, Mimecast can provide brand exploit protection, using machine learning to identify potential hackers at the earliest stages of an attack. The solution also is engineered to provide a way to actively monitor, manage, block, and take down phishing scams or impersonation attempts on the Web.
MobileIron – A long-time leader in mobile management solutions, MobileIron is widely recognized by Chief Information Security Officers, CIOs and senior management teams as the de facto standard for unified endpoint management (UEM), mobile application management (MAM), BYOD security, and zero sign-on (ZSO). The company’s UEM platform is strengthened by MobileIron Threat Defense and MobileIron’s Access solution, which allows for zero sign-on authentication. Forrester observes in their latest Wave on Zero Trust eXtended Ecosystem Platform Providers, Q4 2019that “MobileIron’s recently released authenticator, which enables passwordless authentication to cloud services, is a must for future-state Zero Trust enterprises and speaks to its innovation in this space.” The Wave also illustrates that MobileIron is the most noteworthy vendor as their approach to Zero Trust begins with the device and scales across mobile infrastructures. MobileIron’s product suite also includes a federated policy engine that enables administrators to control and better command the myriad of devices and endpoints that enterprises rely on today. Forrester sees MobileIron as having excellent integration at the platform level, a key determinant of how effective they will be in providing support to enterprises pursuing Zero Trust Security strategies in the future.
One Identity – One Identity is differentiating its Identity Manager identity analytics and risk scoring capabilities with greater integration via its connected system modules. The goal of these modules is to provide customers with more flexibility in defining reports that include application-specific content. Identity Manager also has over 30 direct provisioning connectors included in the base package, with good platform coverage, including strong Microsoft and Office 365 support. Additional premium connectors are charged separately. One Identity also has a separate cloud-architected SaaS solution called One Identity Starling. One of Starling’s greatest benefits is its design that allows for it to be used not only by Identity Manager clients, but also by clients of other IGA solutions as a simplified approach to obtain SaaS-based identity analytics, risk intelligence, and cloud provisioning. One Identity and its approach is trusted by customers worldwide, where more than 7,500 organizations worldwide depend on One Identity solutions to manage more than 125 million identities, enhancing their agility and efficiency while securing access to their systems and data – on-prem, cloud, or hybrid.
SECURITI.ai – SECURITI.ai is the leader in AI-Powered PrivacyOps, that helps automate all major functions needed for privacy compliance in one place. It enables enterprises to give rights to people on their data, be responsible custodians of people’s data, comply with global privacy regulations like CCPA, and bolster their brands.
The AI-Powered PrivacyOps platform is a full-stack solution that operationalizes and simplifies privacy compliance using robotic automation and a natural language interface. These include a Personal Data Graph Builder, Robotic Automation for Data Subject Requests, Secure Data Request Portal, Consent Lifecycle Manager, Third-Party Privacy Assessment, Third-Party Privacy Ratings, Privacy Assessment Automation and Breach Management. SECURITI.ai is also featured in the Consent Management section of Bessemer’s Data Privacy Stack shown below and available in Bessemer Venture Partner’s recent publication How data privacy engineering will prevent future data oil spills (10 pp., PDF, no opt-in).
Transmit Security – The Transmit Security Platform provides a solution for managing identity across applications while maintaining security and usability. As criminal threats evolve, online authentication has become reactive and less effective. Many organizations have taken on multiple point solutions to try to stay ahead, deploying new authenticators, risk engines, and fraud tools. In the process, the customer experience has suffered. And with an increasingly complex environment, many enterprises struggle with the ability to rapidly innovate to provide customers with an omnichannel experience that enables them to stay ahead of emerging threats.
The survey’s results are noteworthy because they reflect how AI and machine learning-based fraud prevention techniques are helping retailers, financial services, insurance, and restaurants to reduce false positives that, in turn, reduces friction for their customers. All industries are in an arms race with fraudsters, many of whom are using machine learning to thwart fraud prevention systems. There are a series of fraud prevention providers countering fraud and helping industries stay ahead. A leader in this field is Kount, with its Omniscore that provides digital businesses with what they need to fight fraud while providing the best possible customer experience.
The following are the key insights from the Javelin Strategy and Research report published this month:
Retailers, financial institutions, restaurants, and insurance companies need to invest in fraud mitigation at the same rate as new product innovation, with retail and banking leading the way. Restaurants and insurance are lagging in their adoption of fraud mitigation techniques and, as a result, tend to experience more fraud. The insurance industry has a friendly fraud problem that is hard to catch. Over half of the financial institutions interviewed, 52% plan to invest in additional technologies to secure existing accounts, and 46% plan to invest in better identity-verification measures. Based on the survey, banks appear to be early adopters of AI and machine learning for fraud prevention. The study makes an excellent point that banking via virtual assistants is still nascent and constrained by the lack of information sharing within the ecosystem, which restricts authentication measures to PINs and passwords.
57% of all businesses are adding new products and services as their leading digital innovation strategy in 2020, followed by refining the user experience (55%) and expanding their digital strategy teams. Comparing priorities for digital innovation across the four industries reflects how each is approaching their omnichannel strategy. The banking industry places the highest priority on improving the security of existing user accounts at 52% of financial institutions surveyed. Improving security is the highest priority in banking today, according to the survey results shown below. This further validates how advanced banking and financial institutions are in their use of AI and machine learning for fraud prevention.
Digital businesses plan to improve their omnichannel strategies by improving their website, mobile app, and online catalog customer experiences across all channels in addition to better integration between digital and physical services is how. 40% of respondents are actively investing in improving the integration between digital and physical services. That’s an essential step for ensuring a consistently excellent user experience across websites, product catalogs, buy online and pick up in-store, and consistent user experiences across all digital and physical channels.
69% of all digital businesses interviewed are planning to make additional fraud investments this year. Banking and financial institutions dominate the four industries surveyed in the plans for additional fraud investment. 82% of consumer banks are planning to invest in additional fraud detection technologies. Insurers are least likely to invest in fraud detection technologies in 2020. The study notes that this can be attributed to insurers’ unique challenges with first-party fraud or fraud committed by legitimate policyholders, which is poorly addressed by many mainstream fraud controls.
Using AI-based scoring techniques to detect stolen credit card data being used online or in mobile apps, dominates financial institutions’ priorities today. 34% of financial institutions cite their top fraud threat being the use of stolen credit card data used online or in mobile apps. 18% say account takeovers are their most important area to reduce fraud. Financial institutions lead all others in fraud technology investments to thwart fraud, with managing digital fraud risk being the highest priority of all compared to the three other industries represented in the survey.
52% of all financial institutions say that improving the security of existing user accounts leads all digital investment priorities in 2020. What’s significant about this finding is that it outpaces adding new digital products and services and improving identity verification of new users. This is another factor that contributes to financial institutions’ leadership role in relying on AI and machine learning to improve fraud detection and deterrence.