Ryan Christoffersen of Emailage, a LexisNexis Risk Solutions Company, recently spoke with NORA TV about detecting and outsmarting fraud, especially in e-commerce, and how email is the global passport businesses can use to detect and prevent fraud events. The transcript below features their conversation and has been edited for clarity and brevity.
Julie: Hi, I’m Julie and I’m proud to be a member of the NORA Advisory Council. Now I’m here today with Nora TV. Welcome to another industry partner session.
We’d like to welcome Ryan Christoffersen from Emailage today to NORA, and can you tell us a little bit about yourself?
Ryan: Hi, Julie and NORA. Thank you for the invitation. Great to meet you today. My background is in risk and compliance, previously in banking and finance. Since I’ve joined the company that sort of compliance and risk aspect has moved into retail and online e-commerce. Which is my role within Emailage here in Australia, New Zealand is to manage the operations locally for the business.
Julie: Fantastic. So now a lot of our audience may not have heard of Emailage. So can you tell us a little bit more about background and what you do?
Ryan: I’ll be glad to. So Emailage, we’re in the business of working together as a as an industry, as a network to fight or outsmart fraud.
And I guess the together piece I’m representing there is really the sharing of knowledge globally within e-commerce and beyond e-commerce into banking, finance and travel, many other industries where fraud exists. That’s that together aspect. And as far as outsmarting fraud, that’s about using science, data science, machine learning techniques to make it more difficult for the fraudsters to navigate and commit those crimes to e-commerce and cause those chargebacks and things like that.
But Emailage, we were founded on the concept of, when you look at an online transaction, there’s not a lot of data or detail behind that email address. No one in the market, back when we were founded, could provide any intelligence on who is this person behind the email. Do they really own their credit card they’re using? Do they really own that identity? They’re using to apply for that personal loan or whatever it might be.
So Emailage built a consortium, a global data consortium, cutting across many different segments to build intelligence on email addresses. Because when you think about email addresses, you could make an argument that they are our digital passport. We all have one. We’ve had one now for five, 10, 15, 20 years. That’s a huge amount of transactional and behavioral history that’s linked to that email address.
Whereas fraudsters can create brand new ones. We know they do. They’re free. They’re disposable. They can create many instantly. These have got no substance. And that’s where we can start to see the difference between a good customer and a risky customer at a very high level.
Julie: Yeah, that’s fascinating because I haven’t heard of fraud being looked at in that way before. Hooking it back to everyone’s unique identifier.
Ryan: Exactly, it’s the global unique identifier. There’s not many. There’s a lot of ways you can reduce fraud and manage risk in a transaction. You know, wanting to understand, does this person who’s using his credit card, do they truly own it? Is it theirs? The best fraud strategies will have a layered approach. So, they won’t rely on one signal. They’ll make it as difficult as they can for the fraudster whilst also managing customer experience because fraud controls are important. But you don’t want to sacrifice the customer experience, which is probably more important, you know, to reduce one or two percent of your fraud. So, it’s super important you get that balance right. And that’s where Emailage does come into play because we’re able to identify positive customer behavior linked to that email address. All of this happens behind the scenes. So, there’s no impact on the consumer.
Julie: And probably a question that might be on the tip of people’s tongues is data and privacy. How do you get around that with also looking at people’s unique?
Ryan: Yeah. So, we deal in PII Data, email addresses, IP addresses, name, phone number, address, all these sorts of data inputs. We’re fully compliant with Australian data privacy principles, with GDPR, with all the other data regulation data privacy regulation I should say around the world where we operate. Data processes in Australia, encrypted methods of transit and storage, all those sorts of things. It’s arguably our number one priority, is the data privacy of the consumer information. If it wasn’t, we wouldn’t have a business.
Julie: Yeah. No, I’m sure you have that one down. And you’ve been in Australia for two years?
Ryan: Yes, Emailage has had an operation in Australia for two years, but we’ve been transacting in Australia for many years. Many of our clients are all around the world, including Australia. And then we’ve got many clients who are Australian. Publicly listed as IS6 retail groups to small retailers as well. Privately owned. We’ve had an operation in Australia for two years. Very much an Australian entity in that regard. Australian data processor, Australian contracts, Australian pricing, Australian data privacy laws, all those sorts of things.
Julie: And you touched on this who do you typically work with? Is it an affordable solution for the large end of town plus also small players?
Ryan: Yes, one of my big focuses is to make it affordable and easy for all customers who are experiencing fraud so I can customize commercial offering to suit. But to answer your question, generally customers will pay a per transaction fee. So, if they query the Emailage server 10 times over a month, they pay for 10 transactions. If they query it one hundred thousand times over a month. Like a big retail group would, they would pay. And the price is reflective of the volume that they’re using. That said, we do have other ways we can we can break that down to make it work for all customers.
Julie: That’s great. That’s great. One of the other key questions which I always ask when I look at solutions. How easy is it to implement?
Ryan: Certainly. So, there are two options. But there’s actually a few different options. There’s the API option which allows for automation and no touch, I suppose. There’s the web portal option. And a lot of smaller customers who don’t do big volume transactions will just log into the web portal and use it as and when they need to query. Maybe they’re doing a manual review of a transaction before they approve it. So that’s a very, I guess, cost effective way. There’s no, I guess, I.T. implementation or resources required. And lastly, we have some key partners in an e-commerce who have major fraud and payment platforms, which we’re integrated into as well. So, you can access us through a payment gateway or another fraud platform. We can access us direct or you can log into the portal.
Julie: Fantastic. Lots of different ways.
Ryan: We want to make it easy.
Julie: Can you talk to some of the successes? And what people can expect to see and I’m sure it varies different industries because I know different industries have more fraud than others.
Ryan: That’s a good question. And I can speak to some specific clients here in Australia. I can’t name them, but I can speak to the results we see in one retail group, major retail group. We see sort of fraud hit rate, which reflects accuracy, right, of around 50% and coverage of around 50% So it’s very accurate in terms of false positive rates. And it’s also covering 50 percent of the chargebacks. So that’s a significant, I guess, result for them and a significant ROI. But it does vary from business to business as well. It can vary from the data inputs we’re seeing. Some clients don’t pass the full suite. They don’t collect them all. Others do. So, there are some variations there.
Julie: Yeah. Fantastic. Thank you. Thank you so much. And is it anything else you’d like to you’d like to add in and tell the audience?
Ryan: Yeah, I guess the key message that we want to get across is to outsmart the fraudster. You know, it’s about working together, sharing of knowledge. Compliantly, of course, under data privacy, you know, sort of restrictions, I suppose. But utilizing technology and machine learning techniques to understand the anomalies and the patterns behind a transaction to determine is this person really who they say they are? Does this credit card belong to them? And the email address is a very powerful data input to be able to leverage to determine that risk level. If you think about email, we’ve all got one. We’ve had one now for a long period of time. There’s a huge amount of rich history behind our email addresses and we also see the same data inputs linked to that same email. Whenever we transact, we’re buying an airline ticket that airlines see my name, my phone number, my address. Often the same IP address. We’re all linked to the email address. So, we’re able to provide a digital footprint for that for their customers email.
Julie: That’s wonderful. Thank you so much, Ryan:. Thank you. I never thought fraud would be so interesting and important. I’m gonna have a look at look up Emailage now.
Ryan: Please do. Great talking with you. Thank you.