2017 was a year of major data breaches that exposed the sensitive personal information of hundreds of millions of consumers to hackers. Much of that data is now available for sale to fraudsters on the dark Web. That's the backdrop for ecommerce companies heading into 2018, as they try and figure out how to distinguish real customers from bad actors and good transactions from fraud attacks.
It is predicted by many that use of the Social Security number (SSN) as a unique personal identifier will finally die in 2018. This is not used regularly by ecommerce companies, but it is important to acknowledge...as a sign of the times. SSNs were never intended to be used as they are today. In fact, early Social Security cards had "not for identification" printed right on them.
In the absence of a true national ID system in the U.S., the SSN was adopted by banks and lenders as an identity verification tool. In the wake of recent breaches, the Trump Administration (like the Obama Administration before it) has asked federal agencies to explore ways to implement a more secure, dedicated identification system.
With the SSNs of hundreds of millions of consumers out in the wild, lenders are looking to alternative sources, like non-personally identifiable information (non-PII) data to more effectively approve new accounts and loans.
As for ecommerce, how will their efforts to verify the identities of individual customers change in the coming year? Here are some predictions.
1. Big data and machine learning will become essential fraud-fighting weapons. With the reliability of any single piece of customer data now in question, ecommerce companies will need high-quality data comprised of many different attributes.
In 2018 we will see more widespread adoption of machine learning to analyze the relationships between data elements across millions of transactions, identifying patterns that are consistent among good customers and also signals that indicate fraud. This will be essential in fast-moving markets like digital commerce and online lending.
2. Online businesses will bring fraud fighting in-house. Most ecommerce enterprises rely on rules-only decisioning platforms that decide whether to reject, accept or review online orders. Rather than relying on third-party vendors to supply this intelligence, many larger online businesses will evolve and deploy their own machine learning fraud detection systems in 2018. They'll rely less on specific rules and utilize models that suit their unique vertical and continuously learn as their business evolves.
3. Cross border ecommerce will grow (and so will the risk of fraud). The U.S. may be the world's second largest ecommerce market, but is nearly doubled by that of China. Combined, the size of the remaining top 10 ecommerce markets is also larger than the U.S.
Looking ahead, the ecommerce growth rate in markets like the Asia-Pacific region is expected to be twice that of the U.S. It's understandable, then, that many ecommerce companies will see a tremendous opportunity for expansion into global markets. With that opportunity, however, comes a higher risk of fraud. By some estimates, the risk of ecommerce fraud is 1.5 times greater outside the U.S., where standard identity verification techniques are often complicated by poor or inconsistent data.
4. Blockchain for identity will get real, at least for some transactions. Unless you've been living on a desert island somewhere for the past couple of years, you've probably heard about blockchain. Originally developed as a way to enable secure transactions between buyers and sellers of cryptocurrencies like Bitcoin without requiring a centralized financial institution to act as a go-between, blockchain is increasingly seen as a possible future for identity verification. It might even be used to create the elusive, un-hackable digital identity verification system we've all been hoping for. Blockchain may not become mainstream in 2018, but it very well could move from prototype to a functioning (if limited in reach) identity system for high-value financial transactions and health-related data.
If these predictions don't actually become reality in 2018, what will definitely happen, however, is that ecommerce companies will continue to devote considerable resources to fighting fraud and verifying their customers' identities.
Hacks and breaches won't slow down; consumer data will continue to be compromised and misused by fraudsters. The companies that excel at identity verification--that can minimize friction and reduce the rate at which they deny or delay transactions from good customers--will ultimately develop a robust lifetime value of that relationship.
About the Author
Tom Donlea is Vice President of Global Marketing and leads the global marketing efforts of Whitepages Pro, the definitive identity verification data provider for risk management in banking and online lending worldwide. With over 10 years of online payments and risk experience, Tom previously was the founding Executive Director of the Merchant Risk Council.