An Idahoan in Guatemala? A Tale of Two Device Strategies
We at NeuroID know the power of behavioral analytics—after all, we pioneered its use in fraud prevention. But it’s just one part of a robust suite of tools in a complex tech stack . Fraud teams are building fortresses: they need strong foundations, solid rock walls, impenetrable moats, and other cohesive layers of defense that work together to keep out marauding fraudsters.
As fraudulent attacks become more sophisticated, behavioral signals can make everything you’ve built more powerful—they are the next evolution in the fight against fraud. This is especially true when combining behavior with device. If device is your castle, then behavior is your ability to see beyond the ramparts and determine if the approaching pilgrims are attackers or friendly visitors (customers).
What’s That Idaho Phone Doing in Guatemala?
Device data is inarguably a vital part of fraud defense. It provides that digital rap sheet: device history, fingerprint,locations, and usage patterns. But, relying solely on device data has major limitations. Trusted devices can be stolen, and fraudsters can mimic legitimate device behaviors—especially with the rapid rise in synthetic fraud and genAI. This makes it difficult to decision solely on device information, and forces the creation of ineffective rule strategies, limiting efficiency and an organization’s ability to grow
Let’s look at an example. A customer’s device pings from Guatemala. Data shows its device “rap sheet” is clean, but that device is usually based in Idaho. If you’re like one of the hundreds of fraud fighters I’ve talked to this year, you likely have rules that would decline or review that customer: a known low-risk device in a new, high-risk location. The risk of it being stolen is too great, and you have no other trusted data to look to for decisioning on that signal.
Now, let’s add behavior. A customer’s device pings from Guatemala. Data shows its device “rap sheet” is clean, but it’s usually based in Idaho. Because you have behavioral analytics, you can see not just the where of the device, but the how of the user interacting. You can tell the user is inputting their data in a low-risk pattern. Instead of being declined, your traveling Idaho-customer can proceed, because your behavioral signals give you that trust. You get vital insights into a known low-risk device, in a new, high-risk location, being used by a genuine customer.
Nuanced Rules for a Complex World
An Idahoan in Guatemala is just one example. We can cascade that nuance through any of your set device rules. Another example—TOR networks. Most organizations block TOR because it is impossible to decipher, even with the best proxy piercing technology. With NeuroID, you can keep your TOR rules in place, but if a TOR user shows trustworthy behavior, you’ll know that they’re likely just privacy-conscious customers—you can let them through. And the flip-side applies: if their behavior seems risky, they’re probably fraudsters, and you can continue to decline them.
Creating a device-centric fraud prevention strategy takes time and optimization; adding behavioral signals makes it much stronger, acting like a primer to your current approach, without a full system overhaul. This is no rip-and-replace, this is enhance-and-expand for more dynamic decisions.
Fraudsters today almost have cleaner identities than normal people. Traditional resources don’t go as far as they used to. NeuroID lets us dig deeper where we couldn’t see before to find what’s really going on.
Kaylee Sandberg, Fraud Manager, Grasshopper Bank
From Nigeria to Paris, Behavior Knows No Borders
Adding behavior allows for more nuanced decisions. It enhances fraud detection and reduces false positives, ultimately improving both fraud numbers and customer experience. It also opens up new opportunities.
One customer I worked with was hoping to expand into Nigeria—the largest economy in Africa, which has started being called “the world’s most exciting continent” in terms of digital development opportunities. We went rule-by-rule to decide how to adjust rules that previously fully declined activity from devices in Nigeria, due to the high-fraud risk. Behavior added nuance to fast-track genuine users across global rule sets that spanned various LOBs. In the end, new behavioral signals had a direct impact on every single rule, enhancing the ability for this customer to capture details they could not have seen before. We ended up overriding over 85% of defined rules, eliminating reviews almost 100% of the time, and seeing fraud faster over 90% of the time.* Adding behavior to their rules was minimal in effort, and massive in reward.
Now, not only was Nigeria unlocked for growth prospects, but we were also able to drill down into EU-based rules around country delineation. Most rule sets for device technologies say, if we see a single device in more than X countries in a X hour period, reject it outright. But the world is getting smaller, and travel is getting faster. I’ve gone from the U.S. to the Netherlands to Paris in 16 hours on a business trip before, (and I’m not even based in the EU, where travel across three countries is much easier). If my bank saw that pattern on my device, without behavior they would likely send me to an auto-decline without even an option for review. I’d be stuck in Paris, unable to access any funds (true story that happened to me!)
And it’s not just about location, think of almost any rule combination you have in place, behavior will likely apply there too. Another easy example is in the gaming industry, where rule sets are usually focused on low-dollar deposits where bonus abuse is common. The strategy of blocking or reviewing those customers is accepted, as that is where most fraud is seen, but it causes a huge amount of friction for good customers and time for the review teams. By applying behavioral analytics, genuine users can be swiftly approved, while suspicious behavior leads to reviews, significantly reducing the review burden.
Combining Device and Behavior for Enhanced Fraud Detection
NeuroID’s device-plus-behavior approach leverages the synergy between device data and behavioral analytics to create the most accurate, streamlined, and robust fraud detection available. We give you more dynamic decisions that work with your already established rule-based systems.
This dual approach not only enhances the accuracy of fraud detection but also makes the system more adaptable and resilient against evolving threats. Our behavior and device approach ensures that our customers’ fraud fortresses are built on a solid foundation and that they have the ability to see beyond their walls—to a horizon of secure growth!
Want to learn more? Sign up for a demo, and I’ll show you the power of device and behavior in action.
*These results are emblematic of one customer; we don’t promise similar results for all. But we can show you the power of behavior in your specific ecosystem anytime.
