Collaboration and Anonymization in Fraud Prevention: Vlad Branin, Director of Product, Global Business Operations at Gett
I’ve been in the payments and fraud industry for a long time now. I’ve seen firsthand how the many diverse players in the field have reacted and adapted to changes in technology, globalization, customer behaviors and consumer demands.
There’s one lesson I’ve learned that touches everything about payments. It sounds simple, but it’s more subtle than people realize.
Everything is interconnected.
If you try to explain the payments world to someone from outside it, you lose them almost at once. The sheer number of organizations involved behind the scenes when all you want to do is buy a $20 shirt online is complex and astonishing. How do we do it? It’s all about collaboration.
Collaboration is crucial. More than that, if it’s done right, collaboration turns that interconnected reality from vulnerability into a true asset.
I’ve seen over and over again the value of collaboration, from streamlining customer experience, speeding up payments, to stopping fraud. And our industry is good at it, sharing experiences at conferences, ideas at meetups, and blacklists and best practices on forums.
Still, though, we need better collaborative efforts, particularly in fraud prevention. We’re fighting the same enemies and we’re far stronger together than working in silo. We have tremendous overlap of both good customers and fraudulent users; by working together, we can make sure the first group sail through account setup and checkout, and the second group are stopped cold.
Many companies talk about having a “network effect”, but do they really have it? And to what extent is that even possible, without sharing more data than seems reasonable or safe?
It’s this last question which leads to the frustration of the gaps where collaboration isn’t possible.
A lot of the dead ends come from a refusal to share data.
I sympathize. Of course I don’t want to share my users’ data. I wouldn’t even consider it for a second. Can you imagine trying to tell your executives that you wanted to share? They’d laugh you out of the office.
They’d also be right to do so; we’re responsible for protecting user data. No one minds sharing blacklists, sure, but when it comes to good users, their data is something they’ve entrusted to us. It’s our job to look after it. And nowadays there are regulations like GDPR and so on which try to make sure that we do.
Collaboration is valuable, but not at the expense of exposing data. It’s only very recently that I’ve come to understand that what that really means is that deep, direct, meaningful collaboration is only possible with anonymization.
I want to be clear here that I’m talking about true anonymization, where you can’t reidentify the data. We’ve seen over and over again how supposedly “anonymous” but really pseudo-anonymous efforts are too weak to rely on.
In one study, researchers found that they could correctly re-identify 99.98% of individuals in anonymized data sets with just 15 demographic attributes. In another, looking at credit card metadata, just four random pieces of information were enough to re-identify 90% of the shoppers as unique individuals.
I certainly wouldn’t share my users’ data with those sorts of risks. This weak pseudo-anonymity would never work for the kind of meaningful collaboration I’m talking about.
True anonymization is what made me excited about Identiq. Actually, at first I thought Identiq’s idea was completely impossible. I thought it was too good to be true.
It was only later, when they took me through the cryptography and technology behind it, that I realized it was what I’d been wanting for years and given up hope of seeing: real anonymization, efficient enough to be useful - that could enable meaningful, valuable collaboration on a data level without ever sharing any user data.
As soon as I understood the anonymization aspect properly, I was hooked. For me, that’s the magic part of Identiq’s network. It’s what makes everything else possible. It’s like a combination of network effect and anonymization - something which should provide a very high level of confidence for business decision makers, when it comes to trust.
For me, I see Identiq as only the start of a new paradigm of potential in payments and in fraud prevention. In payments, everything is interconnected.
If different organizations can start to really work together - on the data level - now that anonymization is finally possible, then a whole new level of improvements and innovations open up as well.
Anonymization sounds like a dry, technical sort of thing. But if you’re in payments or fraud prevention, it’s actually enormously exciting once you understand what it means. It’s the collaboration we all value so highly - on a much deeper and more impactful level.
I’m very interested to see where anonymization takes us next, now that it’s here.
Looking forward to collaborating with you all,
Vlad has been in the fraud and payments industry for more than 15 years now, and has worked in numerous areas of the payments process, from banking to processors, local and global acquirers, payment gateways, and merchant in-house. His breadth of experience makes him a powerful voice, particularly during a time when things change so quickly.
This blog post is part of our Fighting Fraud on the Front Lines series, bringing the expertise and experience of veteran fraud fighters to a wider audience. Identiq is all about collaboration, and we firmly believe that the more we pool our knowledge (though not our data!) the stronger we become as an industry.
Do you have something burning to share with the community? Or do you know someone who has a lot of fraud prevention wisdom to share? Reach out to us!