Building trust in the post-pandemic digital landscape

Sponsored by Telesign

The digital risks organisations face from cyber-criminals are rapidly evolving. Businesses need to act now to ensure they are able to keep themselves – and their customers – safe

The threat businesses face from fraudsters has existed as long as the internet itself, but it has ramped up significantly since the Covid-19 pandemic. A report by McKinsey suggests the pandemic accelerated digital transformation by around three to four years, as businesses and individuals found they had no choice but to interact online.

Yet many digital projects were, understandably, put together quickly, and this has left organisations vulnerable from a security perspective. “The result was that speed was prioritised,” says Seth Gilpin, Director of Product Marketing at digital identity verification firm Telesign. “Even today, user experience is still top of mind for product managers and businesses.

“That has created vulnerabilities at every stage of the customer journey. There are bad actors out there that are assessing your vulnerabilities, and eventually they are going to take advantage.” If cyber-crime were a country, it would be the third largest economy in the world, he adds, behind only the US and China.

Cyber-criminals have also evolved in their approach. An emerging challenge is fraudulent users, with around one in four accounts in some sectors estimated to be fake. “We can see this across social media and also on dating apps and in fintech,” says Gilpin. “New artificial intelligence, deep fakes and malicious bots have become so advanced that it is becoming extremely challenging for businesses to detect in real time what is genuine and what is not.”

In some cases, criminals use a mixture of real and fake information, enabling them to satisfy initial identity verification checks before going on to secure lines of credit, scam and phish legitimate users, or even spread malware. “When you assess the number of fake accounts that are created every day, it’s evident that today’s onboarding workflows aren’t able to effectively discern who is a good user, who is a fraudulent user and who is a bot,” he adds.

There are two compelling reasons why businesses should implement preventative measures that will help counter the digital threat. The first is financial. Businesses cannot afford the cost that comes from an attack.

“With global economic headwinds, there is a golden opportunity now for businesses to fight back, to get the frameworks in place so they can better protect the enterprise and their customers, and ultimately prove return on investment,” says Gilpin. “Fraud managers should start to view their work as performance-driven. There isn’t a CFO out there who would reject a proposal for a £1 million investment if it would save the business £15 million.”

The second reason is linked to the consumer impact and the company’s reputation. “It’s easier to lose a customer’s trust than it is to gain it,” adds Gilpin. “When trust is lost, as many as 85 per cent of consumers will shop around. They’re willing to leave a brand after a single incident. If their data is breached or they are spammed through direct messages, they are very likely to leave.”

The good news for organisations is that there is a solution that will allow them to deploy active risk assessment at every stage of the customer journey, from account creation and verification to signing in, completing a transaction and logging out. Telesign’s continuous trust framework uses machine learning (ML) to help businesses make informed decisions about levels of risk, meaning they can constantly evaluate interactions and transactions rather than relying on initial verification processes.

“If you have a customer who has been a good, safe, trusted user across every interaction in the past six months but something suddenly changes, like they’re trying to make a £1,000 purchase or they’re changing a password, it empowers businesses to proactively block, prevent or intervene,” explains Gilpin.

Continuous Trust™ uses phone numbers as unique digital identifiers, enabling it to verify identity and draw on historic data on what normal, safe customer behaviour looks like. It makes use of unique phone numbers from more than 60 carriers – representing over 50 per cent of global mobile users — that transit through Telesign each month.

“It will analyse phone number velocities, number attributes and more, seeing what a human’s phone number behaviour looks like versus what a bot’s might look like,” explains Gilpin. “The number of text messages you receive or your number range will look very different to that of a spammer. We also have access to carrier data, which means we can access name and address information to help strengthen verifications, and detect account takeover attacks from a recent SIM-swap.”

Vitally, the use of phone numbers – where customers’ identities have already been verified – ensures a quick and easy experience for customers. “If someone is signing up to open a new account, by using the power of the phone number, Continuous Trust can access information to verify their identity and augment know your customer (KYC) workflows,” says Gilpin. This also makes it more cost-effective for businesses, he adds, enabling them to roll the technology out globally at relatively low cost with minimal friction compared with other forms of identification verification.

Organisations need to understand they will always have to adapt to keep up with fraudsters as new apps, systems and devices emerge. “Businesses need to be very mindful and audit their customer journey, and be honest about where there are vulnerabilities,” he says. “Modern fraud defence requires a comprehensive, multi-layered stack with different vendors and data sources – likely powered by an identity orchestration system – all working together.”

Taking action now means businesses – including smaller firms – can start to address these issues before they become insurmountable. “The longer they wait, the more the industry is going to evolve and the bigger hole businesses are going to dig themselves into,” he warns. “They need to treat this as a critical business priority. It should be on every CEO’s list.”

To find out more about how Telesign can help your business take proactive steps to always know your customers, visit telesign.com.