Sam Bouso is CEO and founder of Precognitive, a fraud prevention provider that combines device intelligence, advanced behavioral analytics and machine learning to help fight online fraud.
Bouso has over 13 years of experience in building anti-fraud technology and firmly believes that ‘password protection’ is outdated, championing the need for more advanced fraud defenses. He created Precognitive in 2016 with the vision of revolutionizing fraud prevention and detection solutions.
Infosecurity recently spoke with Bouso to learn more about Precognitve’s offering, discuss the state of the current fraud landscape and explore what the future of fraud prevention might have in store.
What is Precognitive and what does the company offer?
Precognitive is an enterprise cybercrime prevention platform that services businesses spanning several key industries, including banking, FinTech, travel, insurance, entertainment and retail e-commerce. For the companies it serves, it is revolutionizing the way they fight online fraud and protect their customer accounts.
Unlike most fraud protection companies that provide point solutions, Precognitive offers a modular suite of products which includes device intelligence, behavioral analytics, behavioral biometrics, a rules engine and machine learning.
The loosely coupled technology stack allows businesses to mitigate online fraud, account takeover, bot attacks, and even detect user deception in processes such as online account applications.
What is the current state of play of fraud threats and risks?
Exposure points for businesses continue to grow and morph. Existing technologies have been outpaced by criminal syndicates. We are seeing a decay in efficiency of first and second generation solutions as techniques used by fraud rings mature and become more sophisticated, leaving many businesses vulnerable, especially large enterprises.
The data relied on by many for verification purposes is more readily available on black markets than ever before. The barrier of entry for fraudsters continues to get lower, and more sophisticated groups are turning to automation, allowing them to perpetrate attacks at a stifling pace.
Businesses have become proficient at stopping novice fraudsters and criminals, but there is a growing risk from sophisticated outfits that has gone unaddressed. Many businesses don’t realize the increased risk until they encounter one of these sophisticated groups and incur substantial losses. Overall, fraud is better managed, but the run-away train scenarios are more common and punishing in nature when they occur.
How would you rate the general standard of fraud prevention strategies and solutions?
The current strategies employed in fraud prevention have remained rather static with a few exceptional entrants into the market. The biggest challenge we see is a rise in false positives.
A vast majority of the strategies we see employed rely on assessment of data supplied by the user. With data breaches becoming a bit of an epidemic, the personally identifiable information many solutions rely on can now be easily acquired by bad actors.
As a result, we’ve seen existing strategies and solutions respond by tightening thresholds around the fraud strategies. Inadvertently, they have in turn increased their false positives and are impacting legitimate consumers.
How must fraud prevention/detection evolve to defend against evolving fraud techniques?
Companies need to be educated on next-generation security technologies that evolve at a faster rate than fraudsters. Next-generation fraud prevention solutions aim to provide security without introducing friction to the user experience. An example of friction is a false positive, which is the phrase used to describe the flagging of an innocent customer’s purchase journey as fraud. It’s important to keep in mind that false positives, and other friction-causing security mistakes, can also impact a company’s bottom line.
Moving forward, companies will need to combine security technologies that traditionally live under multiple domains – online fraud prevention, cybersecurity and artificial intelligence – to create ‘full fraud stack’ solutions to mitigate complex attacks that are becoming commonplace for companies.