The old adage ‘Information is Power’ continues to permeate much of our thinking on digital risk management.
That’s because, when it comes to understanding the intent of a digital user, the more we know, and the more context we have, the better our decisions can be. It seems an obvious hypothesis, but the reality of continuously profiling the actions of someone as they transact online, and then using that context to make better trust and risk decisions, is no simple task.
Digital Risk Started with Digital Interactions
First-generation fraud and risk solutions have traditionally relied on an API call to transfer information from a point-in-time digital interaction back to a decision engine for risk assessment. The challenge with this model is that it is not continuous: risk assessments are either based on siloed events, or they rely on collating a series of individual interactions. All this requires long integrations and a high level of front-end and back-end development resource. Adding new journeys requires further internal investment, as well as time to prioritize and stand up IT resources.
Fraudsters Cracked the Impersonation Game
The result of this siloed approach is that we inadvertently facilitate the fraudster’s art of trickery and impersonation. Fraudsters either mimic customer identity or behavior at a moment in time, for example at login, or they exploit the gaps that are created as pieces of information about a user are stitched together by risk decision engines.
Digital businesses need a better way to continually profile online journeys, collate data from the complete interaction, and risk assess this against information relating to devices, behavior, identity, session and content. This approach could provide far better context to an account takeover attempt that, for example, starts with a bot attack testing stolen credentials, continues with the fraudster using those credentials to take over good user accounts, and ends with a fraudulent marketplace listing, beneficiary set-up, or payment attempt.
Journeys not Interactions
Darwinium profiling is based on the concept of journeys, not point-in-time interactions. This is delivered through a reverse proxy that sits at the network edge, profiling traffic rather than individual webpages. This can be facilitated via an integration with your CDN, or via an NGINX plugin or ingress.
1. What do we actually mean by a journey? A journey is the profiling of a full web session, from the moment a user lands on a site, to the moment they navigate away by closing or switching tabs. This means that businesses can holistically risk assess a digital user based on information from their entire web journey, across multiple actions, pages, and inputs. Journeys are made up of multiple steps.
2. What is a step? A step is a developer process point where a Darwinium policy can run. This includes digital profiling and end-user input data collection/mapping, behavioral biometrics, page injection, rule/model execution, and a Darwinium API or third-party API call-out. By configuring the customer journey via steps and dependencies, businesses can benefit from a logical and dynamic sequence mapping of the customer journey.
Businesses can holistically assess user intent, from the packet to the person, without the additional integration effort of adding tags to individual web pages. It also removes the requirement to continuously add new tags for additional use cases / journeys.
With a reverse proxy, tags can be injected dynamically, with the ability to extract data from the request and the response. This means that intelligence can be gleaned from multiple points in a customer journey.
It also allows Darwinium to run decisioning between the input and output streams, so a risky event can be redirected or blocked before it even hits the business’s website.
Conjoining insights from multiple steps into an overall decision means that the context of a full web session can be used to make more accurate trust and risk decisions, as well as deciding at each step within the journey whether a transaction can proceed without interruption or further step-up.
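The difference between scoring siloed events and scoring a journey, shown on the account takeover sequence described earlier (credential testing, takeover, beneficiary set-up, payment) next to a good user's high-value payment. This is an added example, not Darwinium's code; the event fields, weights and threshold are assumptions, and the events are constructed.

```python
# Constructed sample events, in arrival order. Field names are hypothetical
# and are not Darwinium's schema.
EVENTS = [
    {"session": "s1", "step": "login", "account": "u1", "ok": False, "known_device": False},
    {"session": "s1", "step": "login", "account": "u2", "ok": False, "known_device": False},
    {"session": "s1", "step": "login", "account": "u3", "ok": False, "known_device": False},
    {"session": "s1", "step": "login", "account": "u4", "ok": True, "known_device": False},
    {"session": "s1", "step": "add_beneficiary", "payee": "p9"},
    {"session": "s1", "step": "payment", "payee": "p9", "amount": 900},
    {"session": "s2", "step": "login", "account": "u7", "ok": True, "known_device": True},
    {"session": "s2", "step": "payment", "payee": "p1", "amount": 5000},
]
THRESHOLD = 60  # assumed score at which a step-up or block is triggered

def point_in_time(event):
    """Score one event with no memory of the rest of the session."""
    if event["step"] == "login":
        return 0 if event["ok"] else 20   # a single failed login looks benign
    if event["step"] == "payment":
        return 70 if event["amount"] > 1000 else 10
    return 20                             # add_beneficiary

def point_in_time_flags(events):
    """Sessions in which any single event crosses the threshold."""
    return sorted({e["session"] for e in events if point_in_time(e) >= THRESHOLD})

def journey_decisions(events):
    """Score each session cumulatively; return {session: first step that trips}."""
    state, tripped = {}, {}
    for e in events:
        s = state.setdefault(e["session"], {"failed": set(), "new_payees": set(), "score": 0})
        if e["step"] == "login" and not e["ok"]:
            s["failed"].add(e["account"])
        elif e["step"] == "login":
            if len(s["failed"]) >= 3:     # success after failures on several accounts
                s["score"] += 50
            if not e["known_device"]:
                s["score"] += 20
        elif e["step"] == "add_beneficiary":
            s["new_payees"].add(e["payee"])
        elif e["step"] == "payment" and e["payee"] in s["new_payees"]:
            s["score"] += 40              # paying a payee created in this same journey
        if s["score"] >= THRESHOLD:
            tripped.setdefault(e["session"], e["step"])
    return tripped
```

On this data the per-event rule flags only the good user's session `s2`, while the journey score trips session `s1` at the login step, before the beneficiary and payment steps run.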
Why is this Approach Better than What has Gone Before?
At its simplest, understanding the context of a complete customer journey gives businesses more data to better understand the true intent of their customers. This means:
- Good user behavior can be baselined against their historical web sessions, reducing the likelihood of being blocked for “unusual” but not high-risk behavior. An example might be a customer making a high-value purchase, but from the same device, IP and location that they usually use.
- Trusted behavioral patterns can be effectively cohort-modelled to reduce the number of good customers that are stepped-up, even if they are new to a particular business.
- Anomalies can be identified at multiple steps in a digital interaction, rather than just at the point of decisioning, or when an API call is made. If the user is properly baselined to their prior behavior, anomalies are easy to identify as something that has changed.
- Interventions can be made in real time, and on a per user basis, at any step in a customer journey.
Key features of Darwinium Journey Management
- Create a journey upfront based on multiple steps in a digital interaction
- Add / delete / reorder steps
- Use Darwinium dependencies so that steps ‘Run-When-Ready’, which can vastly improve processing times
- Configure input and output parameters defined by a step template
- View the source of a step (subject to required permissions)
- Copy a step and rename it / modify its source
- Create step workflows (and, or, if, then, else, etc.)
- Leverage journey flags (error, warning, information)
- Make API calls to Darwinium to supply additional data or to retrieve Darwinium digital information
- Implement tailored decision actions anywhere in the journey (block transaction, error message, contact us, etc.)
- Integrate 3rd party service anywhere in the journey (e.g., SMS one-time passcode)
The Next Frontier
Analyzing user intent using journeys rather than point-in-time interactions removes integration effort, speeds time to market and allows businesses to make changes to fraud and security strategies on the fly. Ultimately, this benefits not only your customers, but your bottom line. At the same time, trust and risk decisions are made with complete information across entire customer interactions, meaning risk strategies benefit customers and not adversaries.