E-Commerce Breeds Predators
In our digital world where shopping, social and financial transactions (including investments, insurance, and banking) occur online, E-commerce has become a breeding ground for the worst kind of predators and thieves.
Like in the movie, “Night of the Living Dead,” they just keep coming, attracted by the opportunity to exploit privacy weaknesses in how customers are identified and protected by the companies that serve them.
We all are sensitive to social media predators when it comes to our children and ensuring that we keep these monsters away.
But how do the companies that serve you and support your social media activity ensure cybersecurity and privacy?
Let’s start with what they are dealing with when it comes to the threats that confront us all:
Criminals can anonymously hack and steal your identity – including sensitive information such as social security numbers, passwords and other personal information about your background.
This is done by gaining illegal access to company systems from anywhere on the planet.
There are many companies with platforms supporting systems these thieves can exploit by hunting for access points that aren’t well protected or are easy to defeat.
Once they have some basic information they can pretend that they are you – and many other people.
They can empty bank accounts, order goods and have them shipped to bogus addresses with your credit card.
In addition, they can collect other sensitive personal information to further evolve their knowledge and access well beyond where they started.
There can also be malicious insiders that steal information from the inside of these large-scale organizations to sell or exploit for their own gain.
Typical e-commerce security and identity access management systems are driven by rules-based customer authentication methods to manage access control, identity verification and governance.
But criminals are smart and creative. Unlike the slow-moving zombies in Night of the Living Dead, these criminals learn fast.
Cybercriminals are constantly changing approaches and practices, emboldened by their remote locations and electronic anonymity.
There’s no need to break into your physical home to steal your money. Instead, they are capable of breaking into your digital home and expand the scope of who and what they are stealing.
Spotting Emerging Criminal Behavior is the Key to Preventing the Threat
Catching these monsters before they get into your digital world is key, and relies on constantly spotting suspicious unusual behavior.
In order to do this well, machines need to be able to monitor and track enormous amounts of activity to ensure they can see what the criminals are up to in terms of newly learned methods for stealing your identity and hacking your accounts.
In the fraud detection business, it’s common knowledge that passwords create the single greatest threat to identity theft.
Why? Because once you get your hands on a person’s password, you can gain access into any system.
Passwords make theft easy.
Think about how many passwords you use and the typical approach most people take, which is to have some variation of a common theme.
Once a criminal has identity information on you, they can run many variations of passwords to gain access – and more access to more accounts more easily.
That truly is scary!
To effectively block these monsters from getting to their customers, organizations are adding different forms of authentication beyond passwords and double authentication passcodes sent to a second device you registered.
Think about how easy it could be for a criminal to register their device as your device and get this code once they have your password.
Today, biometrics such as facial and voice recognition through a device, social media data, or behavioral information are all being added as additional layers of security.
But how is this information monitored?
AI Helps….When It’s Not a Black Box
This is where artificial intelligence plays a valuable role. AI can look for and predict potential identity theft attempts.
However, there is a scary feature about AI itself and that is that it is a black box.
Machine learning algorithms can flag a potential security breach or suspicious activity, but they can’t tell you why.
With constantly changing criminal behavior, it’s impossible to train the machines on what is “normal” vs. “suspicious” or “you” vs. an “imposter” and adapt and change rapidly based on new anomalous events.
Explainable AI Reveals New Patterns of Criminal Behavior
But, like the criminals themselves, there is an evolving area of AI that is here to help, and that is called Explainable AI (XAI).
Explainable AI can reveal what the machine is seeing that is bad, suspicious, or not you.
It can ingest vast amounts of data and tell the business why it’s predicting something is unusual or anomalous.
It can see emerging new patterns of criminal behavior and provide the underlying basis for why it is detecting a hacking threat.
In our constantly changing digital world, this is the new weapon against the criminals; providing a frictionless customer experience at little risk to you.
And this should scare the criminals! Why? Below are a few reasons:
- XAI is able to show how a criminal breached an account – the pathway that they took to overcome different cybersecurity obstacles and stop it from happening again.
- XAI can explain an anomaly – what is a first time occurrence – and explain why its different than any other transaction or event.
- XAI can explain why someone pretending to be you is behaving differently than you.
Perhaps it was how this person hesitated on inputting personal data much longer than you do for example.
A business can see this and decide if this is a red flag or not.
- XAI can look at multiple factors occurring together and reveal what the combination of factors are that contribute to a predicted risk vs. any single factor on its own.
- XAI can reveal why one unusual anomalous threat looks just like another, and help speed up the source of the threat based on this commonality.
These are just a few ways explainable AI changes the game when it comes to privacy and securing the safety of your digital existence from the criminal monsters that try to invade it.
You’ll love our newsletter! Sign up here.
About the Author
Dave Irwin is CMO of simMachines, and a 25-year industry veteran with extensive expertise in data and analytics-driven marketing and advertising spanning traditional CRM, digital and addressable TV and online video.