Wired-In webinar: AI in Payments – Security and User Experience

AI in Payments: Balancing Security with User Experience

 In our most recent Wired-In webinar, SEON’s CEO, Tamas Kadar, explored the powerful intersection of AI and payments. Tamas assessed AI’s ripple effects on the present and future of fraud prevention while highlighting challenges and opportunities to achieve transformative change:

  • An overview of the main fraud challenges facing the payments sector today
  • Why traditional fraud prevention solutions have been ill-suited to dealing with the intricate demands of modern payments
  • How AI solutions can be leveraged to establish robust and secure payment systems that don’t negatively impact the customer experience
  • What the future of fraud prevention in the payments sector may look like

Webinar transcript

Reece Baggott – Digital Marketing Lead at NorthRow: Hello everyone and welcome to the latest instatement of Wired-In. I’m your host today, Reece, the Digital Marketing Lead here at NorthRow, a big thank you to everyone who has joined today.

Reece: The session is going to be hosted alongside the fraud fighters SEON, as we welcome their founder and CEO, Tamas Kadar, who will be addressing the topic of AI in Payments, which we will touch on more in a second.

Reece: Before we jump into a bit more about Tamas and a bit more about the session at hand, I’d like to bring some awareness to who NorthRow are, and what we do.

Reece: So, Tamas, if you don’t mind putting the slide forward, please.

Reece: Awesome! So, essentially, NorthRow provides a compliance platform that covers KYC, KYB and ID&V, and this helps you to make decisions faster, onboard clients in seconds, help you comply with the ever changing legislation. So, if those issues resonate with you, head over to our website, and we can go from there.

Reece: Next one then please, Tamas.

Reece: Awesome. So, just a few housekeeping elements for today’s session. You’ll see on the panel on your right on side which you can move this about wherever you see fit on the screen.

Reece: But for audio, you can switch between dialling for your phone and dialling through your laptop or device. If you have any issues, we will have an attendee on the line that we are able to help, so you use the comments section.

Reece: For questions, please submit any in the Q&A panel as well, so it’s labelled questions. We’ll be able to forward these onto SEON’s team, and Tamas, be able to get in touch later on.

Reece: The session is also being recorded, so it will live on the NorthRow events website, but it will also be live with SEON as well and we’ll also send out an email copy of the recording.

Reece: So, Tamas, just one more for me, please.

Reece: Perfect. So, a bit about our special guest today, Tamas is the founder and CEO of SEON. He started the company with his co-founder, when it was those students in university, and built it from scratch. A graduate of the elite Corvinus University, he studied Deep Info Comms, where he saw first-hand how fraudsters and hackers looked to get around security measures.

Reece: He has been featured in Forbes’ ‘Hottest Young Startups in Europe’ and is a regular startup pitch winner. He’s a true tech enthusiast’s product visionary for creating a fraud-free world and has recently been included in the elite Forbes 30 Under 30 Europe list as the face of the technology list.

Reece: So, Tamas without further ado, the floor is yours.

Tamas Kadar – SEON’s CEO: Thank you so much, Reece, for having me on this webinar. Pleasure to be here, and I would like to begin with, is just an overview of the main fraud challenges on a business, in the payments sector today.

Tamas: It can range from customers using stolen cards, which can lead to chargeback fraud, and as well as stolen passports, which can lead to account takeover attacks.

Tamas: As bad as we’re seeing an increased volume of money mule scams when they’re using stolen or synthetic identities to create drop back accounts and as far as this can lead to money laundering, which is another issue, and this is part of the broader landscape of anti-money laundering projects.

Tamas: So, the last two points will be a card testing, which is, since the very beginning, very frequent form or process, to try and see if the card numbers, which they have access to are walleted or not, and they can use multiple ways of charging for small amounts, the cars, and see whether they are live or not.

Tamas: And, of course, this leads to for a business, the need of being compliant with the regulatory bodies.

Tamas: Following the traces of incoming and outgoing money flows, looking at sanction list, crime list, and, as well as, the velocity of money movements, is all part of the regulatory scheme, which has been rolled out over the last 10 to 15 years.

Tamas: And the increase of digital banks, this is the forefront of the new challenges, moving on.

Tamas: But I would like to show here how the new upcoming, fraud prevention solutions have dealt with the new form of digital payments.

Tamas: So, in the very early days, most of these fraud prevention solutions were mainly focused on, this is the transaction phase.

Tamas: This was coming after the normal onboarding/KYC procedure, and also it’s part of the broader customer due diligence initiative. So what SEON has built, and what I think every online business should take care of, is tracking the customer from the first earliest access point in their system.

Tamas: This starts from onboarding registration, but even a step before my customer lands on your website or app, is when you have to begin your investigation, and then every action, every step of the customer’s journey, are a very important part of the behaviour.

Tamas: The more data as an online business you have, the better decisions you can make.

Tamas: And for fraud prevention solutions, for example, what we have built at SEON is designed to stop fraud as early as possible in the customer journey.

Tamas: So, whenever a customer lands and opens an account. You have hundreds of data points to consider for your risk assessment, whether you should allow your customer to be part of your customer base or whether you should implement some way of friction. You can delay specific verification steps up to the customer becomes actually quite suspicious or when they hit some of the AML thresholds given their activity.

Tamas: And this is also connected to detecting the money laundering activities, which are, as I mentioned before, are becoming increasingly challenging to detect.

Tamas: And as well as working with the regulator bodies are an ever evolving landscape and the dynamics are also quite fluid.

Tamas: So, when I mentioned the wide range of data points that you can use to assess risk, the very first step is to look at your customer’s digital footprint.

Tamas: So that’s what we have been providing to most of our customers at SEON to see that the customer is using a brand new or disposable e-mail address or are using any form of proxies such as VPNs, and it’s not just the device itself.

Tamas: It can be used to see who is using the same browser or device, and as well as, we can pinpoint, whether the customer is using any form of emulation, virtual machines, or assist pieces profile, a lot of activity is around automation, lead attacks.

Tamas: So processes are increasingly investing in creating boats and skinning their operation. Their aim and goal is to have the highest possible monetary value created by the least amount of effort and activity. So that’s the goal in a short summary.

Tamas: And, basically, when the customer is in and based on the initial assessment during onboarding, the way how a platform should work is, as I mentioned, if you can collect in your database, or if you can also send these authentication related points.

Tamas: Such as login details change, as well as if you’re a digital wallet, you know, deposits video walls.

Tamas: Every time, when you are able to assess risk, is a good point to store user information, and activity more in depth.

Tamas: So, then, you can build the best possible models, or lets your social providers also tap into those data points and train the model, which are a vital part of machine learning.

Tamas: And, as well as, you can only make as good rules if you are roughly the rule based system as the data you have access to.

Tamas: So, we’re capable of monitoring all these activities, and then utilising machine learning in order to provide rule recommendations, And these rule recommendations can be supervised by a human, so our customers can always override and, and rule out some of the rules, if they don’t like it.

Tamas: But we always have backup statistics, given the conversion metrics results, so you can see how many transactions you would block if you were to turn on any of these rules as well you can see how many of the fraudulent transactions you would block. So, that’s very important.

Tamas: Every time you create a rule or change some part of the decision making logic, when you classify the users and the activity into, you know, approving or denying those attempts and customers.

Tamas: You have to make sure that the rules you have in place, the algorithm is actually working with the least amount of false positives, and that’s where, and then it can get really challenging.

Tamas: And then, the idea is really just to try to balance customer experience and as well as friction.

Tamas: I think many of the new upcoming online leaders in this segment are trying to enable this so-called dynamic friction when you delay those friction for verification points, such as ID verification or phone or e-mail based verification, when it’s ultimately necessary. So the best is to, friction feel invisible type of risk assessment – which is also part of SEON’s core services.

Tamas: And then based on this friction fee, score or class that the system recommends, then you can enable other type of verifications just for those customers, who really seem suspicious based on their behaviour or attempts as well as the complete profile.

Tamas: And then the point is to try to combine machine learning and human made decisions.

Tamas: So, still what we see from the market is, many of the fraud and the risk and compliance teams are a bit worried about decisions made fully by automation and AI.

Tamas: So, there, there is always a need of a human element in the process when someone actually views those transactions and also reclassify them if necessary to enable the training model to then make better decisions based on the feedback loop.

Tamas: Moving onto the next slide, when I mentioned AI and Lightbox Machine Learning. This is actually one of the fastest and most efficient methods of detecting fraudulent risk behaviour. This can lead to reduced manual times.

Tamas: If your decision making algorithm is powered by AI and continuously learning from decisions made by humans, then you can augment the best of the two worlds using AI and human made decisions.

Tamas: And, also, this can provide you just better predictions on larger datasets, if you have the right labels, which, then will enable the best possible training dataset, and then can lead to a more efficient operation within your fraud risk and compliance team, which can lead to more cost effective approach.

Tamas: And then, but I mentioned whitebox machine learning, this is just a way to provide explainable human readable rules, suggestions.

Tamas: Many of the providers out there are actually providing blackbox type of decisions, where you don’t really understand the specific science or the specific factors, and how much they weighed into the decision.

Tamas: So, when we have designed our own platform, we always keep in mind that a human should be able to eventually make a decision and overrule whatever the AI system would recommend.

Tamas: And this is why we believe that white box is such an important element of it.

Tamas: And then, I mentioned fiction fee, user experience, this is super important as a user experience is one of the key selling points from many online businesses out there that they don’t want to increase churn,given all these friction points, you could do identification for every new customer, and you should, if there is a regulatory requirements.

Tamas: But in many cases, that’s actually not the point, like, to try to say, of course.

Tamas: But identification on its own is actually not bulletproof, because many fraudsters can buy stolen identities, stolen ID scans, and then as well as it’s quite expensive.

Tamas: Social providers for identification can charge up to one or even two US dollars for every check. And it’s a friction free and onboarding process,so this can lead to churn. So, that’s why friction free visible risk assessment comes into play and actually lets you only do identification when it’s ultimately a must have.

Tamas: And then, I mentioned fine-tuning machine learning models, is the basis of the foundation, of making the best possible decisions. Unless you have the right training datasets, you will have a very rigid rule based engine.

Tamas: So, what we try to enable our customers is every cluster and group of fraudsters will be the basis of these rule recommendations.

Tamas: And the system can actually provide you insights of what new rules you should turn on, or what rules you should change, and what parameters are currently increasing your false positive ratios.

Tamas: And, and when you have all these elements in place, then your team can actually focus on the most effective type of activities.

Tamas: For example, you know, making sure that the customers you’re labelling are actually really, the right answer, really, fraudsters are not and as well as, connecting the systems.

Tamas: Making sure that decisions made by your vendor, or also the different kinds of proactive heads up, you hear from your card issuers and networks are actually reflecting on your model.

Tamas: We have created a platform which actually retrains its model on a continuous basis, which actually flacks on the decision accuracy, which is quite high.

Tamas: So if you retrain your model only on a daily basis, then all those transaction tools that fall into the last 24 hours before the training are actually only the ones he was captured, if there is anything that comes after and before the next training period, then you lose out on the efficiency.

Tamas: and you lose out on those new insights and patterns that you could actually leverage to make it, to make sure that you have to be most accurate, real-time. algorithm in place, and then, when we look at the future of fraud prevention for payments.

Tamas: We always suggest to our clients that they should layer multiple comprehensive solutions. They should consider the whole digital footprint, which includes the email for an IP device.

Tamas: Of course, if they actually use identification and also those data points which can come from the vendor or your own solution, can lead to having the wide range of data points. As I mentioned in the very beginning, you can only make good decisions with the data you have access to.

Tamas: So, it’s super important to make sure you capture every single behaviour point as well as the application points, would be a step where you assess risk, and then factor in all these wide ranging data points.

Tamas: Our solution can provide thousands of these data points, but as well as international platforms. So we can provide the best possible decisions, and we have seen that experienced fraudsters are also creating businesses.

Tamas: So they tried to just make as much money as, as much monetary gain as possible, a shorter amount of time. And we have seen an increased number of both attacks, which are fueled by the new upcoming ways of automation.

Tamas: Are you using headless browsers or scripts to actually automate the actions in a web application or in a normal mobile application. And then it’s very hard to detect those types of attempts unless you have some type of behaviour analysis.

Tamas: And then in order to prevent those types of attacks, you also have to invest in automation and different tools that can help to detect these specific patterns. But, as well as, you know, processes are easily adopting these new types of tools, including AI, like GBT and large language models. So, they can be used to scale up their operation to the infinite. 

Tamas: And then this is where the whole subject gets really challenging. So, machine learning can be the solution to fight machine learning such as AI based solutions.

Tamas: And I believe that the best tools out there are actually starting from the very early access point to a platform.

Tamas: So onboarding, it’s not just transaction monitoring with existing customers. That’s also super important for AML and detecting account takeover attacks.

Tamas: But as well as, you know, the first step when the customers are filling out an onboarding form, letting the only business know about their e-mail address and phone number.

Tamas: This is a must have step during the customer journey, and you have a chance, at this point to actually collect all these wide ranging data points, later can be useful to detect more fraudulent attempts on your own platform.

Tamas: And essentially, if I boil down the whole picture into one single step, and I would say that as an online business -the most important rule is that you actually have the highest amount of true positives in the lowest amount of false positives. So in order to do that, without having the right data set in place, having the right labels, and, you know, without training your models to make the best possible decisions, it will probably be an uphill battle.

Tamas: If you are just considering onboarding, or if you are just considering ongoing monitoring, then you are missing specific pieces of the whole customer journey. So, you have to look at the whole picture. You have to look at every step of the customer. And then, when we grow up with large businesses like Rebel, Lloyds and Wise you see that they have their own data science teams so that they have access to this data. So, we try to lead them to leverage, or data points, and then use, our model, as well.

Tamas: So, this way, you can co-host the model with those teams, and this can lead us to having an ultimate, similar to that type of solution, where they leverage additional data points to leverage their own data, but decision is actually the, based on the combination of the two algorithms they have in place, and also what we provide to them as suggestions.

Tamas: And the question is like, whether to buy or build. And I believe that when you have access to extra data points, which are usually very hard to get, and you, as an online business, might not be your core.

Tamas: The objective is to actually collect data about an email or phone or device, then it makes sense to use some of the points solutions. But then it can lead to kind of like a hard effect when you have to build a middleware, and use multiple vendors. So I see also increasing need of all in vendors, because most of the online businesses out there are trying to consolidate their key stack. What we try to enable at SEON is to tick all the boxes of the needs of every single compliance team by building a platform, which can serve them as an AI driven solution and also as a system of record.

Tamas: So don’t have to turn to multiple vendors or switch steps once they are operating as normal. And I hope this gives some of the viewers a better picture of what should be the balance of customer journey and how you can make the best possible decisions. And for the next step. I would like to open up for questions here.

Reece: Perfect. Thank you so much, Tamas. I mean, all the avenues discussed they were brilliant. But, just starting with questions, if you do have any questions, please leave them in the panel below. Again, well, forward them over to the team at SEON, and they’ll get back in touch with you, I’m sure of it.

Reece: I certainly wanted to start with the most common types of fraud that you SEON users experience on the daily and encounter.

Reece: So, we touched on there a wide range, and how machine learning is really integrating new techniques for fraudsters to kind of target people. But what are the most common ones you’ve seen for users?

Tamas: Yeah, I would say that every specific fraudulent attack is created by using stolen identities, So this is called also identity theft.

Tamas: So again, when we talk about payment fraud, which is, the real symptom is, is a chargeback than usually done by stolen credit card numbers because it, which is also a form of identity theft.

Tamas: So, the most common types of fraud is, really either stolen or synthetic identities are being used to authorise transactions or open fraudulent accounts.

Tamas: And I just see more ways are being introduced by fraudsters to collect the stolen identity pieces that stay with fake websites, fake e-commerce sites.

Tamas: They can acts like a real e-commerce retailer where customers will think that there’s a great deal out there, they enter their credit card information and it’s already stolen at that point.

Tamas: So making sure that the site is genuine, you have good reviews somewhere on the internet is super important, as well as, I saw cases where, you know, fake job postings were used by fraudsters to collect real IDs, and passport scans of customers and then these scans and passports were used to open up accounts.

Tamas: So, I think everyone who is online should be on alert all times to make sure that actually don’t fall as a victim for any of these attempts.

Reece: Definitely. definitely, I was speaking to Alex Wood, who is big in the counter fraud profession, and you may know, and he was touching almost on, you mentioned, as well today, how AI and Machine Learning can create a fraud strategy from start to finish.

Reece: From creating the perfect APP pitch, mule accounts, right up to the finish and doing this simultaneously thousands of times to target people. From this kind of a question is: what for what types of fraud are becoming more prevalent due to AI?

Tamas: Yeah, of course. So, we have seen other cases of specific AI powered attacks.

Tamas: So this can be, for example, where deep fakes can be used to to seem like you know as a company’s CFO when asked to urgently wire our funds to a so-called drop or mule account.

Tamas: And as well as, you know, in the romance fraud type of attempts, which are also type of social engineering attacks, the conversation which can be automated by large language models, can have forced us to scale up their operations to two levels we have never seen before. So just imagine, if you think that you are talking to a human on a dating app, that it can be really just be GBT paste script, where you actually are talking to an AI, not a real person.

Tamas: And this way, this fraudsters can have, like, you know, thousands of, ongoing, part of that conversations were in, then they would try to push their victims to wire out funds, or, you know, click on the link and enter some personal details. So just the way how these phishing and social engineering attempts are around the same way with GBT based AI models. The, possibilities are infinite, for fraudsters.

Tamas: So that’s why it’s super important to us a fight back with AI based systems which can real-time predict the risk levels from from those attempts.

Tamas: So even if you, as you know, on a fraud or risk analysts working for our business, which is not even in having a charge back problem, you might have a problem with fake accounts being used to actually leverage your customer base, you know, runs scams, extort money, etcetera. So, it’s, you know, fraudsters are not only targeting e-commerce sites or, as well as, digital banks are targeting every possible place where there are social interactions.

Tamas: Because, this is where you can actually utilise human to human, like conversations, but, also, if you run, you run an AI based campaign, then you are actually, you know, making, making some, some attempt to try to have as white cast as possible.

Tamas: So, I would say that, you know, AI is just changing the world, and although it’s happening, the whole fraud community, to make more money in a shorter period of time.

Reece: Yeah, that was a great kind of explanation on things, especially as well around romance scams and not just the loss of money, but the impacts of mental health side of things and and how about draws into the business as well that they’re working for, so that was brilliant.

Reece: And then just the roundup, the final question and just kind of wanted to know a bit more about digital profiling and what that is.

Tamas: Yeah, sure. So, digital profiling for us is to collect all the publicly accessible data points based on your customers’ digital footprint, real-time have all this data in place, and basically, when I mentioned, you know, the data points, customers are entering an onboarding form, such as e-mail address or phone number, or even address, and their device and IP, you can have thousands of additional data points. You can see whether your customers are using a new email address, or trying to hide behind a proxy, or using a malicious device. And when you have this data at your fingerprint, then you can analyse the data.

Tamas: And then increase your decision making algorithm, you can provide a more friction free way of authentication for your own customers. I think it’s a crucial tool for fraud prevention, it can have inconsistencies in user activities, which can then lead to indication of fraudulent behaviour. I think it’s a type of a new way of enabling this so-called dynamic, friction based customer journey where you can actually delay those friction for verification methods to the latest point.

Tamas: And also, you can save a lot of money by not doing form verification for every new customer, if the risk level is really low.

Reece: Amazing, that was a great overview of three questions there and if you do think of anything after the recording, please do drop Tamas a message on LinkedIn, as well.

Reece: I’m sure we’ll be happy to connect, and speak with everyone who’s attended, but that kind of rounds at the Q&A segment of this, if you don’t mind forwarding it forward one please, Tamas.

Reece: So, that kind of brings us onto our next Wired-In webinar, which is going to look into the state complaints, 2024, we did a massive research report, interviewing over 120 Compliance Professionals, and we’re going to look to share these insights with our Chief Product Officer, and Head of Customer Success here with NorthRow. So keep an eye out for these emails, we’re going to be looking to host that next month. And then one more forward, please, Tamas.

Reece: Fantastic. So let’s just a big thank you to Tamas and everyone at SEON who’s helped make this happen. I hope everyone found that really insightful. Please do check out SEON for all the fraud needs, and that kind of brings everything to a close and a big thank you again. So thank you everyone for joining.

Tamas: Thank you so much.

Blog call to action - demo
Comments are closed.