Cross-border Is the New Normal

Posted on by Alisdair Faulkner

It's no secret digital consumers increasingly purchase goods and services via cross-border transactions. Digital commerce has essentially created a global economy without borders. In fact, according to Nielsen’s Global Connected Commerce Report, in February 2016, 57 percent of the respondents made a cross-border e-commerce purchase in the past six months. Recognizing this trend, businesses are crafting strategies to make cross-border commerce more efficient and customer-centric. However, it is critical for businesses to also keep cybersecurity top-of-mind.

international commerceWhile cross-border transactions present new revenue opportunities for businesses, they also present new targets for cybercrime attacks. The Nielsen report found that the 2015 holiday shopping season saw an increase in cross-border fraud attempts. The proliferation of cross-border shopping and money transfers is causing financial institutions, e-commerce merchants and other businesses to preemptively invest in a digital-first, cross-border security strategy.

Given the increase in cross-border commerce, businesses should implement the following strategies to protect their customers without disrupting their user experience.

Understand users’ full digital identities

Businesses need new ways of assessing digital identities to detect when personal information and devices are being used illegitimately based on historical norms. By understanding how digital identities—which include a combination of a user’s actions, devices, accounts, locations and more—are used across websites, businesses can identify anomalies, such as multiple shipping addresses for one account or suspicious devices being used to complete a transaction. For example, in today’s cross-border commerce world, a fraudster might gain access to U.S. credit card credentials, place an order and have it delivered to a different location, or multiple locations the customer has not used as a shipping address before. By understanding the user’s full digital identity, businesses will know to flag a transaction such as this one as fraudulent.

Leverage global shared intelligence

To proactively prevent cyber threats, organizations need to look beyond their own walls to share actionable threat intelligence about compromised identities and devices. Sharing anonymized, cross-border intelligence will ultimately enable businesses to easily identify fraudsters and better protect cross-border transactions. With every data breach, all businesses operating online face the aftermath, as pieces of a user’s digital identity can be used repeatedly for continued attacks. By sharing threat information across a global network, businesses can ensure suspicious transactions and activities are blocked without adding friction for authentic and returning customers.

Maintain compliance

One of the biggest challenges these businesses face when expanding to new geographies or accepting transactions from new geographies is maintaining compliance. For example, the U.S. Office of Foreign Assets Control (OFAC) has regulations in place that prohibit business transactions with embargoed or restricted countries or assets. To maintain compliance, businesses must know the true location of their customers and transactions, which becomes increasingly challenging for banks and e-commerce merchants in particular. This is because customers frequently disguise their locations in an effort to maintain privacy and protect personal data, among other reasons. At the same time, cybercriminals spoof their locations to avoid detection when attempting fraudulent activity.

Most companies use outdated technologies such as IP addresses to detect a transaction’s true location, which can put them at risk of violating regulations such as those set by OFAC. Instead, businesses need advanced technology that can detect when users are spoofing their true locations, saving businesses from compliance fines and accurately differentiating between trusted customers and fraudsters. 

In the coming years, consumers will increasingly engage in cross-border commerce and the trend shows no signs of slowing down. By accurately assessing digital identities, working with fellow businesses using global shared intelligence and understanding compliance, businesses can capitalize on cross-border commerce while maintaining a positive user experience. 

Alisdair Faulkner

Chief Product Officer, ThreatMetrix


risk management identity management & governance

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community