<img height="1" width="1" alt="" style="display:none" src="https://www.facebook.com/tr?id=799187456795375&amp;ev=PixelInitialized">

Why is the Email Address Your Secret Weapon for Fraud Prevention?

March 15, 2021
By Lizzie Hoffman

EmailFraudPrevention

Recently, Phil Davis, TowerData's CBO, sat down for a quick fireside chat with a good friend and expert in fraud prevention for FinTech, Tim Li, CEO/Founder of Alchemy, a private labeled lending software company that powers BNPL, FinTechs and Banks worldwide. Here's what they had to say about email and why it's the secret weapon for fraud prevention.

Phil Davis (PD): So I'll get right to the point – why is email such a powerful data point for fraud prevention strategies?

Tim Li (TL): We live and die with email, day to day basis communications in personal life + business. Because of this, your email is almost your nickname. If you're like me, you can have an email for 20 years and use it for hundreds of thousands of activities leaving breadcrumbs of data everywhere. This is how your email becomes associated with you + your identity. It's a new identifier, essentially, or your pseudo-PII, for those of us in the finance field. 

PD: You mentioned "breadcrumbs". For those of us in email marketing, these translate to contact fields, but which breadcrumbs or fields are important to the  fraud prevention algorithms?

TL: I personally think you have to start with "born-on dates". These are dates when was the first time the universe has seen the email. If you think of credit risk management, your credibility is somewhat based on the first time credit bureaus have seen you. This born-on date in email establishes your digital identity.

Put yourself in the shoes of a financial institution – If someone creates an email address yesterday then applies for a credit card or loan today, it's typically a red flag, and for good reason. The born-on date is generally a great initial signifier for credibility both in finance and the digital space.

PD: Okay, but some folks may create multiple emails at one point to make their born-on date look older, and, therefore, it's easier to commit fraud. So what other fields are key to analyze?

TL: Right, fraudsters are smart, letting their email addresses age. So this is where usage comes into play! There are two primary definitions of usage:

  • how widely is the email used (multiple locations)
  • how frequently is the email used in a recent time period
These are also known as popularity and velocity, respectively. I.E. is the email used in multiple places and how frequently was it used in a recent period of time (30 days, 60 days, 90 days, etc).

These activity points, in addition to born-on date, are key components that allow you to triangulate the legitimacy of an email. Say the email is old, but you see a spike in recent activity – this can be a good sign or bad sign, but either way it's a signal to look a little closer.

PD: While these fields themselves are great analysis points, what about the email address itself? Its construction, syntax, etc - what are you looking for there to determine legitimacy?

TL: Here we're looking at a couple of pieces:

  1. The handle (before the @ symbol): It's impossible to get single name emails in this day and age, so you have to make a longer email handle to get an email address. Fraudsters are doing the same thing. If it doesn't look right at a glance, this gut instinct is typically right!
  2. Numbers and letters: Additional data science regarding percentages of numbers vs. letters in a handle (higher numbers typically indicate fraud), can be performed to weed out fraud. But you can also use linguistics (vowels vs. consonants) if you feel confident and have the data to back up your decisions.
  3. Domains: These are a huge piece of the puzzle, but luckily it's easy to use a service to validate the email address, specifically the domain. TowerData has a service to help with this, right?

PD: Right, we've built services to help determine both these activity levels and validate emails. We try to eliminate the heavy lift for clients looking to feed their algorithms. With our Email Activity Metrics service, we've built fields to determine:

  • Velocity: Tracks the relative activity of an email address.
  • Popularity: Measures the number of different sources from which an email was sent.
  • Longevity: Represents the relative age of the email.
  • Date First Seen: Denotes the date that TowerData first encountered the email address.

We've also identified an opener field to associate activity in addition to velocity scores. By adding in Email Validation, we look at the domains (active, good, bad) and we analyze the syntax of the email to see if the rules are applied. Our corresponding codes can be added to algorithms to prevent fraud.

But I'd like to shift from the data points to Identity for a moment. So how do you get better associations tied to the email address to make sure you're comfortable working with the individual. Where does Identity come into play?

TL: Like I mentioned before, triangulation is key - lots of data on the email itself is great, but what if we pair that email to your name + postal address? Have these all been seen together ever in the universe, and, if so, how often? If yes and frequently, it's a good indicator it's legitimate. If not or it's infrequent, you might want to look into it further. 

PD: Exactly, so once you've identified fraudulent email addresses or high risk emails, what do you do?

TL: Let's also consider the speed of things happening today: you can perform high risk transactions over the phone and virtually instantly today. Now, once you have your hands on this info, traditionally we'll put them into a waterfall.

This is where you'll eliminate the 30% that are easy to identify as fraud with email validation and activity metrics, and then you'll work with the 70% where you'll need to contact the credit bureau or other agencies to determine who the individual is. Understand, though, this second step is more costly, but this waterfall strategy works every time and saves a lot of money at the end of the day.

PD: So what we provide with Email Activity Metrics and Validation is the most reasonably priced option as a first step, then you can move onto the more costly initiatives that require a little more care and digging on your part.

But putting on my marketer hat, next, I want great leads to come in and convert for a great ROI. I have to toss the trash, but where do I find the value in the remaining email?

TL: For acquisition, it typically breaks down like this:

  • 30% of traffic becomes a customer
  • 30% is trash
  • 30% is engaged non-converters

You don't want to burn your ISPs by sending to fraudulent emails, so use the technology available to see how active that last 30% (the non-converted but good prospects) are behaving using the Email Activity Metrics fields. Then, you can use marketing strategies to bring them back into your active marketing segments.

And for your customers, you want to send out strategic campaigns based on activity, but be sure to cater to their device preference, time preference, etc. It's all about careful planning, testing and adjusting.

PD: That makes a lot of sense! Our affiliate mailers, who are high-volume emailers, love Open Data because it allows them to see inbox activity and wipe out those who aren't active, and it really works to save their ISPs since they're such high volume senders. 

I think another opportunity is getting early stage email data right away so you can immediately recognize if you're getting bad leads from an affiliate source or advertising source. This way you can report it, avoid being charged for it and weed out an affiliate or advertiser sending you the junk. 

TL: Exactly. Many of our customers buy from lead generators, and you don't have time to analyze everything, nor do you have time to do a full blown credit pull on every single individual. You want to see off-hand these key data fields and implement a waterfall strategy from the get-go.

PD: We touched on it before, but let's dive in now – what's changed from 5 years ago and what will change going forward?

TL: Well, 5 years ago we had the iPhone 6 and 7, now we have iPhone 12, coming up on 13 with 5G. Things are speeding up at a faster rate, so lenders and even retailers have less time to determine legitimacy of an individual submitting payment activities.

It's also easier now for people to apply to literally anything, and when you have 700 milliseconds or less to react to a request (credit application or payment), a tool like Email Validation is great to have on-hand to quickly figure out the strategies you need to deal with for those precious 2-3 minutes of decision time. You have to make critical decisions higher up in the funnel now!


 

To learn more about any of the services mentioned in this conversation, reach out to our team to set up a call!

call-iconContact Us to Learn More

Share Your Comments