Paul Stanley, ReD: "When it comes to fraud prevention, cross-industry collaboration is key"

Paul has more than 20 years’ payments experience - with HSBC, LINK Interchange Network Ltd, NCR Corporation and at First Data, where he led the company’s financial services business for EMEA and Asia. Paul was founder and CEO of Moneybox plc, which deployed a network of convenience ATMs across Europe and was floated on London’s AIM market in 2004. During his career, Paul has provided consultancy services to financial institutions, payments businesses, venture capitalists, government agencies and charities.

ReD is a specialist payment fraud prevention provider. The company serves customers from multiple sectors and across six continents, from offices in Argentina, Australia, China, Dubai, France, South Africa, Uk and the US.

ReD is unique among fraud prevention providers because the company delivers solutions across the payments value chain. Why is this important to ReD as a company, and to the different audiences you serve?

Paul Stanley: ReD provides fraud solutions to issuers, processors, switches, acquirers, PSPs and directly to merchants in 192 countries. This gives us a unique perspective on the patterns of fraud across the entire value chain and in almost every nation state, as fraudsters do not respect national boundaries. By seeing data from across the entire market, ReD can gain access to valuable insights into the way fraudsters operate and how they exploit weaknesses in the ecosystem.

These insights are used to enhance our multi-faceted approach to building fraud prevention solutions. It allows us to learn from all parts of the market and transfer that knowledge proactively elsewhere in the value chain or the world. It also drives our active engagement with PSPs, to deliver integrated fraud and payment solutions to merchants in many markets.

Is ReD seeing increased interest in cross-industry collaboration? If so, from which part of the value chain - and why?

Paul Stanley: Merchants and issuers are starting to recognize the value of collaboration. The importance of such an approach is enhanced by a number of factors, including the potential changes associated with the introduction of EMV in the US. Based on the experience of other markets, the introduction of EMV causes a migration of fraud into the e-commerce space. Merchants will want to protect themselves ahead of this change and some will explore the use of techniques such as 3D Secure, which result in a liability shift. Issuing banks that had previously charged-back a majority of fraud to the merchant will then face absorbing the cost of some of that fraud. By sharing information between merchants and issuers in real-time, we can help the issuers squeeze fraud out of their portfolios and help merchants have more insight on which orders to process.

What are the main concerns people express about collaboration and how does ReD respond to them?

Paul Stanley: From my point of view, mature organizations and sectors realize that fraud prevention is not a competitive issue and everyone can benefit from a degree of collaboration. There are some fiercely competitive and nascent markets that have yet to arrive at this conclusion. A response to this would be to demonstrate the benefits of collaboration through reference to successful case studies, to ensure that data privacy issues are properly addressed in line with the jurisdictional requirements of the various markets, and to assure merchants that we will never compromise their competitive position by sharing sensitive commercial data with their competitors.

What are the impediments, in your opinion, which may hinder cross-industry collaboration?

Paul Stanley: Jurisdictional differences around data use and data privacy mean that we are not on a level playing field around the world. There are legitimate concerns around data privacy, individual liberty and commercial confidentiality that need to be respected and dealt with in any system that involves collaboration. However, in most jurisdictions, it is possible to structure these arrangements in a way that satisfies regulators and protects the interests of consumers.

How are fraudsters changing their behaviour and how does collaboration help to counter these new fraud trends?

Paul Stanley: We are seeing increasing evidence of organized and well-coordinated attacks. Fraudsters are becoming increasingly competent from a technical point of view. All parts of the industry need to work together if we are to mount an equally strong and coordinated defence.

Online fraud offers a relatively high return to risk, therefore it is not surprising that ecommerce attracts a higher degree of criminal activity. ReD constantly invests in solutions and aggregating third-party services to help merchants, processors and banks stay one step ahead.

When it comes to fraud prevention, information is key. Could a collaborative approach between merchants, issuers, acquirers, processors and service providers be a step forward in better tackling fraud?

Paul Stanley: Sharing appropriate information undoubtedly provides deeper insight and creates the opportunity to respond to threats more quickly. For example, issuers can benefit from knowing that a merchant has declined a transaction due to suspected fraud, even if the issuer has authorized the transaction. In addition, we may receive intelligence after we have approved an order, which causes us to re-evaluate the validity of a card that has been used in prior transactions. Collaboration allows us to go back to a merchant after an event, and advise them to stop shipping, reverse a transaction or deny an online service based on the latest intelligence across the entire ecosystem.

Current legislation does not quite encourage cross-industry collaboration. From your point of view, what would be the best approach policy makers should adopt in order to enable parties to detect and manage fraud effectively?
Paul Stanley: Cybercrime is rising quickly in most of the world’s developed economies and regulators need to get to grips with the threat that this represents to the economy. It is our responsibility to help educate the regulators and legislators on:

• The nature and quantum of the crime problem
• The impact of the crime
• The range of responses to that crime
• The quantifiable benefits of collaboration
• The steps that can be taken to ensure that privacy is respected and that competition is not undermined

Generally, regulators are open to this dialogue and eager to learn more about our industry and the threats that we face. Ultimately, the regulator needs to tread a careful path between preserving the rights to privacy and liberty that we all expect, and enabling collaboration between public and private bodies to legitimately target the activities of organized criminals, terrorist groups and opportunistic fraudsters. The answer may well be different in different countries, depending on culture, history and the judicial model or legal system. There is no prescriptive approach to solving this problem and I would encourage the continuation of a constructive dialogue between the industry and regulators around the world.