At first glance, it might seem like fraud prevention and privacy have little in common. Fraud prevention is about stopping fraudsters from abusing and stealing from a business, while privacy protects business and consumer data, and ensures the company is compliant with relevant regulations.
In some ways, the two departments even have competing priorities: Fraud fighters gather as much information as possible about the customers who come to their site, in order to make good decisions about which users and transactions are legitimate, and which are fraudulent. Privacy professionals, on the other hand, prefer to limit the amount of personal data held.
Beyond that, the traditional system of data enrichment, on which fraud prevention teams usually rely, involves sharing users’ personal data with third party data brokers, in exchange for learning more about the user. Privacy professionals, of course, aim to reduce instances of data sharing wherever possible.
But now, the old order has turned on its head.
Enter Privacy Enhancing Computation
Gartner declared 2021 the year that Privacy Enhancing Computation becomes a Top Strategic Tech Trend – in other words, a trend all companies should start exploring both to reinvent current processes, and to stay ahead of competitors.
Privacy Enhancing Computation is a branch of cryptography and mathematics which enables people to leverage data without ever sharing it. In the case of fraud prevention, what that means is that companies can work together to pool trust in good users, without ever sharing any personal user information. It’s a win for fraud prevention teams – and also for privacy.
The result of Privacy Enhancing Computation is sometimes called providerless technology – because it enables companies to collaborate directly, without needing third party providers in the middle. And since no sensitive data is being shared, companies working this way can even leverage details which used to be out of bounds, like credit card numbers.
In the context of fraud prevention, say you currently use multiple third parties to enrich your user data – maybe one company for more information about device intelligence, another for email addresses, another for phone numbers, another for IPs and so on. You share personal user info with all of these providers.
With providerless technology, you can shift to working with one network of other e-commerce or payments sites, apps, marketplaces etc. – fresher and more reliable results, with no personal user information shared.
Identifying the Good Guys First
Providerless technology means that fraud prevention teams can finally identify good customers with confidence every time – even their very first visit to the site or app. The question you ask a providerless network is not “How suspicious does this user look?” but rather “Have you seen this identity before?”
If many companies on the network recognize and trust the user, then your site can too, even if you’ve never seen them before. It’s a pool of trust you can draw on whenever you need.
On the other hand if some of the details don’t match up to what’s been seen before, or are totally new to the entire network – well, some judicious friction might be wise.
The fraud prevention team then has far more time to spend on the “grey area” cases, which merit further investigation – while good users get a fantastic frictionless experience every time.
Privacy As a Fraud Prevention Gamechanger
What makes this powerful providerless technology possible is the privacy element. Without it, attempts to work together can only be very limited, such as shared decline lists which fall out of date so quickly. It’s the privacy aspect, ensuring that no personal user data is ever shared with anyone on the network or the network itself, that makes real collaboration possible – as in solutions like Identiq‘s anonymous identity validation network.
It’s no wonder that Gartner chose Privacy Enhancing Computation as a key strategic trend this year. The possibilities are huge – and tremendously exciting – for privacy professionals, fraud fighters, and ultimately every level of an organization.
