We’ve already predicted that 2021 will be a year of tremendous digital transformation for African companies. Unfortunately, this also means a rise in online risk and cybercrime.
Today, we’re going to take a look at a particularly effective fraud prevention method: device fingerprinting, to see how African startups, financial institutions and online stores could use it to reduce their fraud rates.
Understanding Device Fingerprinting
Anyone who accesses the web needs to do it with an Internet connection and device. There is a ton of data associated with the configuration of software and hardware you use.
In fraud prevention, the more information you have about a user, the better. The goal of device fingerprinting is therefore to extract as much information as possible from a connection, without slowing down the user journey.
Detecting Suspicious Behaviour
Fraudsters attack websites for a number of reasons, but the techniques always follow the same method. They can’t just try multiple passwords from the same device, otherwise, their IP gets blacklisted.
This is a list of the options they have:
- Clear their browser cache to remove cookies
- Change web browser (for example going from Google Chrome to Safari)
- Use the incognito or private mode on their browsers
When they’ve exhausted these solutions, they need to look at advanced tools such as:
- Virtual machines: designed to replicate the configurations of different devices every time you start the program
- Fraudulent tools: there is a whole cottage industry of tools designed especially for fraud, such as FraudFox r MultiLogin.
- Advanced emulators and browsers: more programs that can make it look like you are connecting to a website from a different computer or smartphone.
Luckily for companies, a good device fingerprinting solution will be able to tell when any of these attempts are in happening.
Collecting As Much Information As Possible
As previously mentioned, the ultimate goal is to collect as much genuine information about your users as possible. All the device data is a good place to start, and it’s even more powerful when you can combine it with IP addresses, and email or phone number data enrichment. This is particularly true in markets like Africa, where traditional credit data might be scarce.
But when it comes to device fingerprinting only, here’s what you can get:
- Information about the device screen size and resolution
- Which operating system is being used
- The time zone for the browser
- And much more…
The best device fingerprinting tools can give you up to 500 parameters.
Creating Risk Scores to Reduce Fraud
But what do you do when all that information has been collected? It’s time to feed it into a prevention engine, or to let a risk team look at it manually.
When it’s fed into a fraud prevention engine, you can automatically allow users who don’t raise suspicion and block the ones who appear to have bad intentions. With risk scores, it’s even easier to get a number that lets you rate how risky a user appears on your website.
The ultimate goal? To grow your business with complete peace of mind. Device fingerprinting is a great tool to reduce chargeback rates, block users with fake IDs and protect your users’ accounts.