creating a winning experience while battling online fraud
TRANSCRIPT
WEBINAR
CREATING A WINNING PLAYER EXPERIENCE WHILE
BATTLING ONLINE FRAUD
DECEMBER 2016
Eddie GlennProduct Marketing Manager, Fraud Platform & Mobile
Tommy LiebermanProduct Manager, User Experience
2
E D D I E G L E N NP R O D U C T M A R K E T I N G M A N A G E R , F R A U D P R E V E N T I O N
T O M M Y L I E B E R M A NP R O D U C T M A N A G E R , U S E R E X P E R I E N C E
AGENDA
4
n BALANCING FRAUD PREVENTION, SECURITY, USER EXPERIENCE
n DEVICE INTELLIGENCE
n DYNAMIC AUTHENTICATION
n MACHINE LEARNING FOR PREDICTING RISK AND TRUST
n CLOSING REMARKS
5
ONLINE SECURITYONLINE FRAUD
Credit card fraud
Affiliate fraud
Arbitrage
Bonus abuse
Stolen identity
Account take over
Breached credentials
Spoofing
Unauthorized access
Replay attack
YOUR CUSTOMER
6
WHAT’S YOUR USER EXPER IENCE L IKE?
ACCOUNT CREATION
Probably already pretty low-friction
But other than email, you likely know very little about
them
Do you assume new players are bots, potential
fraudsters, or your best new customer?
7
WHAT’S YOUR USER EXPER IENCE L IKE?
LOGIN
How complex are your password requirements?
Do you offer a password-less option?
What happens if a password is forgotten?
How do you protect against unauthorized logins?
How do you reward your best customers?
8
WHAT’S YOUR USER EXPER IENCE L IKE?
DEPOSITS, WITHDRAWALS,PURCHASES
Do you require additional verification or authentication?
If so, what kind?
Do you place limits/restrictions on new players?
What’s your process for dealing with high-risk players?
How do you reward your best players?
9
C O M P E T I N G N E E D S
• Less user friction overall
• Better customer experiences
• More immediate access
• Build brand loyalty
• Ensure more time spent on the site
PRODUCT & APP OWNERS
• Reduce attack surface
• Manage and minimize risk
• Stop fraud & cheating
• Leverage existing capabilities, infrastructure
• Real-time threat indicators
SECURITY & FRAUD TEAMS
10
3 WAYS TO IMPROVE CUSTOMER EXPERIENCEWHILE PROTECTING YOU & YOUR CUSTOMER
FRICTIONLESSFRAUD
PREVENTION
CUSTOMERAUTHENTICATION
PREDICTIVE TRANSACTION
INSIGHT
12
Your customer
63%world’s populationwith mobile 2015
75% (est)world’s populationwith mobile 2020
www.gsma.com/mobileeconomy/
13
D E V I C E I N T E L L I G E N C ED
EVIC
E IN
TELL
IGEN
CE
DEVICE LOCATION
DEVICE BEHAVIOR
DEVICE RISKS
DEVICE HISTORY
DEVICE REPUTATION
OPE
RA
TOR
’S B
I
USER IDENTITY
USER BEHAVIOR
USER HISTORY
USER PAYMENT INFO
This separation is useful for:
n Privacy compliance
n Incidents of breached credentials or stolen identity
n Fraud prevention collaboration across industries while obfuscating user identity
n Secondary protection for self-exclusion
A S E P A R A T E D L A Y E R O F C U S T O M E R I N T E L L I G E N C E
14
DEVICE INTELLIGENCE
Hundreds of attributescollected
‘Fingerprint’ compared to billions of previously
collected fingerprintsFrictionless to end user
‘Fingerprint’ collected in real-time
Device risk indicatorsAssociations to other devices, accounts, fraud
A DIGITAL FINGERPRINT OF THE DEVICES THAT CONNECT TO YOUR WEB AND MOBILE APPS
15
ADDRESSING FRAUD PREVENTION, SECURITY & USER EXPERIENCE
Is device authorizedfor this account?
Where is device located?
Does device have a history of fraud?
Is this a trusted or risky transaction?
How many accounts has device accessed?
Is device hiding from detection or exhibiting other risks?
FRICTIONLESS. INVISIBLE TO USER. SAFE. RELIABLE.
16
WHAT DEVICE INTELLIGENCE IS NOT
Does not use personal identifying information
Does not tie a device to a named individual
Does not prevent winnersfrom winning more
Does not track a user’s browsing history
Does not track gaming behavior or wins/losses
Does not encourage losers to spend more
17
Your view
ADVANCED DEVICEINTELLIGENCE
n iovation knows related devices and accounts
FraudReport
n If fraud is detected & confirmed, evidence is placed on the account
n Related devices and accounts become associated with the fraud stopping additional fraud attempts
DEVICE ASSOCIATIONS DO NOT REQUIRE PII
18
iovation’s view
Your view
n iovation links devices between subscribers and even different industries
FraudReportn If another iovation subscriber
confirms fraud on their account…
PERSISTENT DEVICE IDENTIFICATION & ASSOCIATIONS STOPFRAUDSTERS AS THEY MOVE BETWEEN BUSINESSES AND INDUSTRIES
ADVANCED DEVICEINTELLIGENCE
19
iovation’s view
Your view
n Then you can use this to deny transactions on accounts that are accessed by the fraudulent device Fraud
Report
THIS STOPS KNOWN FRAUDULENT DEVICES EVEN IF YOUHAVE NEVER SEEN THEM BEFORE
ADVANCED DEVICEINTELLIGENCE
21
D E V I C E I N T E L L I G E N C E C A N S T O P G A M B L I N G / G A M I N G F R A U D
D E V I C E R I S K S A N D D E V I C E B E H A V I O R R I S K S
Evasive behavior
Inaccurate geo-location
Emulator, virtual machine
Jailbroken, rooted
Used for multiple accounts
High # of transactions
Associated with past fraud
Past self-exclusion
Without added friction for your legitimate players
22
Exposing online gambling fraud.Threats are higher in gambling than anywhere else online.
BONUS ABUSE
CHIP DUMPING COLLUSION
ALL-IN-ABUSE
ARBITRAGE BETTING SELF-EXCLUSION
23
Catch players involved in fraud schemes. We reveal multiple devices accessing one or more accounts
and one device accessing multiple accounts.
Account 1
Account 2
Account 3
Account 4
25
Is this your player’s loginexperience?
Your users want a delightfulexperience…
…but with the assurance theiraccount is secure
Device-based authentication provides advanced security you need without the hassle for your players
26
D E V I C E B A S E D A U T H E N T I C A T I O NF R I C T I O N L E S S , C O N T E X T U A L A N D A D A P T I V E D E V I C E - B A S E D A U T H E N T I C A T I O N
FRICTIONLESS CONTEXTUAL ADAPTIVE
Transparent authentication
Patented device recognition
Machine learning adapts to normal
changes and deviations
Assess the risk and context of every session
React in real-time to anomalies
Understand device reputation and associations
Dynamic authentication
decisioning
Respond to different degrees
of risk
Drive step-up or other actions
DEVICE ID
GEO / IP
INTEGRITY
CONTEXT
REPUTATION
MatchLow Change
High Change
27
M U L T I F A C T O R A U T H E N T I C A T I O NB E T T E R U S E R E X P E R I E N C E E V E N F O R H I G H R I S K T R A N S A C T I O N S
Drive all authentication through one mobile experience,
with configurable options
Single-party or multi-party real time swipe
authorization
Geo-fencing and time-fencing constraints create
secure login zones
Proximity - Requires a preset Bluetooth device to be nearby
Fingerprint - Biometric scans using customer’s mobile device
Circle Code - Graphic pattern uses customer’s mobile device
PIN Codes - Authenticate using user-defined PIN codes
29
FRICTIONLESS USER EXPERIENCEWITH TRANSPARENT FRAUD PREVENTION & AUTHENTICATION
REWARD GOOD CUSTOMERS
Build brand loyalty
Grow revenue
Grow market share
30
Building Brand Loyalty
Accelerate VIP status
offers
Offerbonus chips
Accelerate deposit limit
increases
Less cumbersome
deposit procedures
while minimizing your risk
31
Machine learning with device intelligencedata can predict transaction outcomes:
• Highly risky (likely to be fraudulent)
• Highly trustworthy
23Bonline
transactions
Millions ofcombinations
analyzed
30M confirmed
fraud reports
3Bknown devices
32
PredictiveTransaction
Insight
Device Behavior & Attributes
Device transaction velocity
Evasive, rooted/jailbroken,other risk indicators
Associated with past fraud?
Account Behavior
Account transaction velocity
Associated with past fraud?
Demographic
City, ISP, geolocation
Patterns of geo-location attributes
Mismatch of location indicators
Subscriber
Subscriber and transaction timezone patterns
34
USING DEVICE INTELLIGENCE TO IMPROVE END TO END USER EXPERIENCE
Learn more about the user without adding friction
Offer trustworthy users incentives to create an
account and play
Keep out devices that are risky or associated with
past fraud.
NEW ACCOUNT CREATION
Eliminate need for passwords while
protecting against account take over
Offer trustworthy users incentives to play more
LOGIN
Offer easier & convenient payment options for
trustworthy customers
Identify high-risk customers without adding friction to
good customers
Offer low-friction multi-factor authentication to
protect the account
DEPOSITS, WITHDRAWALS,
PURCHASES
35
ONLINE SECURITYONLINE FRAUD
Credit card fraud
Affiliate fraud
Arbitrage
Bonus abuse
Stolen identity
Account take over
Breached credentials
Spoofing
Unauthorized access
Replay attack
YOUR CUSTOMER