Fraud Prevention in Payments: Through the User Journey - Ofer Golan, Wix
Payments on the Front Lines: Louise Garratt, Senior Payments Manager at easyJet
Louise Garratt is the Senior Payments Manager at easyJet, and has been working in the world of digital payments for nearly 10 years. Her depth of experience covers the gamut of the payments industry, from digital experience to alternative payments to chargebacks, refunds, and much more.
Louise works closely with fraud prevention and customer experience departments, ensuring that the efforts of the payments department serve the needs of the company and its customers. That’s crucial at a company like easyJet, where the aim of optimal customer experience is at the heart of every department’s strategy.
As a result of all this experience and awareness, Louise has a broad and incisive understanding of where the payments and fraud prevention industries are at - and where they’re going. We were delighted to have the chance to sit down with her virtually and discuss her insights on recent trends, the changes wrought by COVID-19 and which developments to keep an eye on, going forward.
This interview is part of our Fighting Fraud on the Front Lines series to enable fraud and payments professionals everywhere to benefit from the knowledge and experience of leaders in the field - especially at a time when in-person meetups are rare and challenging. Louise, coming from the hard-hit travel industry, has particularly timely points to share.
Thanks for joining us, Louise! We were especially excited to be able to talk to you given your wide experience of payments in different industries. What would you say is the main thing you’ve learned from that diverse experience?
There’s one thing which really stands out to me from all of those experiences and industries, actually, and that’s something that was apparent to me way back ten years or so ago, when I was working at Virgin, and I’ve seen how true it is everywhere I’ve worked since as well and that’s the people element.
People underestimate the personal side of things. While it’s important to focus on the work that needs to get done every day, it’s also important to make good contacts and build a strong network.
You can never have too many good contacts - you never know what remarkable opportunity for collaboration might appear. You never know what bizarre or arcane piece of knowledge you might suddenly need.
One of the most common email subject lines I use has got to be “Random question” - when I’m emailing someone to ask about something not directly related to anything we usually do together or talk about. It’s often even something that isn’t an obvious part of my job at all but the answers that come back are usually insightful and turn out to be not so random after all!
Collaboration is also key - working together, with experts inside your own company and with people outside your company but from related industries, is invaluable. I’ve seen that especially in fraud prevention, with the various airline fraud forums that work together against their common enemy, but you also see that in payments as well. Collaboration to get sensible, impactful regulations passed, or to move deadlines if they’re impractical, or to open things up so everyone benefits.
The network you build this way is invaluable; when you can ask an expert about practically anything, you can put such a rich tapestry together about what’s really out there which helps to create a grounded, actionable, successful strategy.
In a role with so much responsibility, having confidence in your strategy must be incredibly important to you?
Oh, absolutely. A broad understanding of the company’s goals is crucial - what do we want to achieve as a company? And from there, how can my department help achieve those goals? For that, you need to know the facts as they really are, from all directions.
That’s what got me interested in fraud prevention, in the first place - because you can’t make the right decisions for payments, if you’re not taking fraud into account. The key is the balance between sales and fraud, ensuring that our customers have a great experience but we’re keeping the bad guys out too! Accuracy is key and a strong fraud team is a great asset to any organisation.
My role as payments manager is very much a matrix role working across the business to ensure that my payments strategy enables the commercial team to meet their objectives, whilst ensuring that it doesn’t bring in additional risk for our fraud team. It really is a consultative role, particularly now that payments gets so much attention from the executive level, and it’s vital to be confident in your strategy.
Sometimes, as well, you’ll want to know about a new project belonging to a different department very early on. If you’ve invested in your network within the company, you will. Either you’ll want to be able to build it into your own strategy for the department - so that you’ll have more payments options available, for example, to support a new sales initiative - or you might want to be able to push back before things get too close to launch, if what’s being suggested isn’t practical from what you know as the Subject Matter Expert in payments.
Doesn’t that sometimes make you the bad guy in the room?
Yes - that’s the occupational hazard of being an SME in a company, really. But that’s where the relationship-building aspect comes in again; if you’ve built good relationships with other departments, and you approach everything from the perspective of wanting what’s best for the company as a whole, and our customers, you find people are more on side than you’d think.
It’s partly that they understand your side better, and why you’re saying what you’re saying - but it’s also partly that if you’ve really learned from them, you’ll be basing your opinion on real scenarios. I’ve picked up so much technical knowledge over the years, for example, and it means that I’m able to relate to the audience I’m talking to whether it’s our IT teams or commercial teams, or even our PCI compliance teams. For me to be successful in my role it’s important that I demonstrate a high level of understanding of these areas, which in turn helps me to build those relationships.
That’s good to hear, and I’m sure will be reassuring to other professionals wondering how best to give bad news. Fraud prevention professionals often get cast as naysayers in organizations, after all. Any other advice, for that?
Education. You can’t expect other departments to know what you do, and they don’t usually have enough time to feel justified in finding out. You need to educate other people in your organization about the issues in your area of expertise that they need to know. It’s valuable for them, and long-term it’ll be valuable for you, too.
Commercials teams tend to be focused on “sales” or “revenue” without fully realising that if the transaction is fraudulent or we receive a chargeback, that sale is not revenue, and they may not have made that connection. Fraud and payments are very niche areas and unless you work in them you don’t naturally think about a sale not resulting in money in the bank at the end of the day.
Being able to demonstrate that you want the business to succeed just as much as the commercial teams do really helps to build those bridges, and change the perception of the fraud teams from naysayers to “revenue protectors”!
What are the main things that you’ve seen change during the COVID-19 crisis?
Well, the biggest, for payments, has been the volume of refunds. I know that’s most obvious in travel, but it’s happening to companies in all kinds of industries. Even if your business hasn’t had to cancel anything or put products or events on hold, your customers’ situation has changed. Sometimes purchases which made sense in February stopped making sense by April. Or, if you couldn’t supply something fast enough, it stopped being relevant. Everyone is dealing with refunds now, on a scale we’ve never seen before. Of course they were always a factor, but now they’re front and center.
I think that’s nudging a real shift in mindset, actually. It’s something I’ve always been conscious off having started my career in refunds, that if you’re going to add a new form of payment or accept a new currency for sales, you need to be able to refund those transactions. You need to think through the whole payments cycle and its possibilities, anytime you want to change processes or add new technologies or products.
The other thing that’s become very apparent over the last 12 weeks is just how important the relationship you have with your third-party providers has become. In payments, and I know in other industries as well, there often isn’t that much difference between one organization providing a necessary service and another. But what can be very different - and make a huge difference - is how good the relationship you have with that provider is. An area that’s often undervalued is good account management skills!
You mean the relationship you have with your account manager at an acquirer, or a processor, or a fraud prevention vendor?
Exactly. It’s not just about the actual service they’re providing, it’s their attitude. Do they understand your needs? Do they care? Will they try to adapt and make changes for you, specifically, if something shifts unexpectedly? Third parties who manage that, you’ll remember, long after this crisis is past. Those who didn’t - might not have your loyalty when the dust has settled.
Ultimately, however complex and intricate the payments ecosystem has become, we’re all in it together. That’s even more true for fraud prevention; you’re in it against the criminals. We need to be able to work through challenges together. Collaboration is key.
A support phone number just doesn’t cut it anymore. You need honest conversations, and real help. That was something that has always been important, but now it’s essential.
Do you think those kinds of positive relationships are common?
It varies tremendously. But I’ll tell you - payments and fraud prevention are very inter-connected types of industries. We all talk to each other. In fact, we have to talk to each other, to keep up to date with best practices and new trends and make sure that what we’re seeing isn’t just in our company. So if you have a bad experience, you’ll share that. But good relationships are shared, too.
As a third party you need to be realistic about this and invest in your account management teams, because every department is having to take a hard look at their budget right now and if challenged to choose between providers it’ll be the ones who have demonstrated that depth of understanding of my business and support during difficult times that will put one provider above another.
I do feel very fortunate to be in an industry like this, where the professionals are so open to collaboration and keen to work together and share knowledge and experiences to help one another.
We’re in such a fascinating period right now. Back when I was starting we were just starting to look at e-wallets, which was a different way of looking at things - and now we’re exploring the possibilities of open banking, which is a real radical shift. Direct payments, not relying on cards.
It’s the same with fraud prevention - when I started getting interested in it, things were more basic, but now when you really get into the fraud mindset you start seeing how sophisticated and developed the fraudster ecosystem has become, with tools and collaboration and division of labor. As a result new approaches are developing, with things like Identiq’s network concept - and so it goes on.
If you had to pick 3 things that have changed the most in payments and online fraud in the last 5 years, what would they be?
Let me think… It’s so strange to think about, because the last five years have been transformative. It’s been like a gathering wave of change. When I first started in the industry, things were still being done with physical pieces of paper, being faxed! Of course digitizing was the first change I made. And now there’s such momentum for this process of opening up, and new possibilities, new collaborations. There are a few trends that stand out.
- Greater access to information - there’s just so much more to harness when you’re making decisions now. I’m thinking of fraud prevention, of course, with new solutions like Identiq making collaboration possible to a totally new level. But also elsewhere in the payments chain - think of how much more we can know about the chargebacks process, now, sometimes even before it’s officially filed. Even 5 years ago we didn’t have this rich landscape of information sources. It makes every decision so much more informed.
- Regulations that are pushing changes. Think of PSD2 and SCA. In my opinion this is long overdue, to be honest - both in terms of functionality and privacy and in the push to make experience seamless as well as safe. Of course there are challenges in terms of timeline and implementation and so on, but it’s a notable and important direction.
- Open banking - it’s the first brand new form of payment in decades. E-wallets were a great enhancement, and for sure adapting to mobile is crucial, but basically they’re a different form of card payment. Whereas with open banking, you genuinely have the option to take payments, as a business, completely differently. It’s really exciting - the benefits for consumers, the simplicity, the lack of pending funds. Not to mention the applications for gaps that now exist, like the gig economy or anywhere direct debit just isn’t ideal.
- Digital identity - I know you said 3, but I can’t leave this one out. I think we’re really starting to see a move away from traditional passports or licenses or utility bills, to a fresh evaluation of what’s unique to me to identify me reliably? How can we make that easier? Ideally you want it almost invisible, no friction, but secure. Without punishing everyone for a few dubious actors.
What’s the one thing all payments pros and fraud fighters need to know, regardless of industry?
That fraudsters are career fraudsters, it’s their full-time job. Some are really passionate about it - “nothing will stop me”. You can hear it when ex-criminals talk about their days on the “dark side” - they sound like the most enthusiastic salesperson you’ve ever met. They’re so focused on the job, on getting the win that nothing will stop them.
Typically, serious fraudsters are highly intelligent individuals who have worked out that they can make way more money dishonestly, and after all what’s the harm? It’s a faceless crime!
Then on the other hand you also get absurd stories where you can’t believe how brazen people are - those are generally what’s euphemistically called “friendly fraud.” I remember one case where it was a husband and wife who’d gone on vacation together. They’d actually gone - there were photos on social media and everything! But afterwards, the husband denied the charges. They’d been made on his card, but by his wife, using her maiden name. I remember my jaw dropping when we realized what was going on. So don’t underestimate that side of people either!
One piece of advice, for someone just starting out in fraud prevention or payments?
Be a sponge! Ask questions, ask for resources, read books, read online, go to conferences, attend webinars. The ecosystem is complex, and there are a lot of basics you need to understand in order to really start building up your knowledge in these areas. But most importantly don’t be afraid to ask! Fraud and Payment professionals all started out somewhere and we’re more than happy to share our knowledge with new entrants.
When I first started out, it was like a curtain was lifting for me. I suddenly understood how transactions and processes I had taken for granted all my life actually worked. I was fascinated, and the more I learned the more I was drawn in. It’s an incredibly rewarding, satisfying industry to be in, at a very exciting time - as long as you’re always willing to learn and keep asking questions!
This blog post is part of our Fighting Fraud on the Front Lines series, bringing the expertise and experience of veteran fraud fighters to a wider audience. Identiq is all about collaboration, and we firmly believe that the more we pool our knowledge (though not our data!) the stronger we become as an industry.
Do you have something burning to share with the community? Or do you know someone who has a lot of fraud prevention wisdom to share? Reach out to us!
What’s a Rich Text element?
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
Static and dynamic content editing
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
How to customize formatting for each rich text
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Identiq is SOC2 Type II Certified - and Constantly Committed to More Than Compliance
Fraudology Podcast: Karisse Hendrick Discusses the Holy Grail of Fraud Prevention