Securing Internet Transactions

Goal: Reduce Fraudulent Transactions to as Close to Zero as Possible

Parts of this Application Note are based on the Gartner Case Study “VeriSign Outsmarts Fraud with Old-Fashioned Intelligence” by Avivah Litah, 02 July 2002,  document number CS-16-9978 .

Today combating fraud is a fact of life for all businesses. Some businesses ignore the problem, hoping it will just go away and some businesses face the problem head-on, completely taking control and becoming leaders in combating fraud. VeriSign, Inc. (Nasdaq: VRSN), the leading provider of digital trust services that enable businesses and consumers to engage in commerce and communications with confidence, is one of these leaders. VeriSign’s registrar unit, formerly known as Network Solutions, serves as the gateway for establishing an online identity and web presence and operates the definitive database of over 27.3 million Web addresses in .com, .net, .org, .tv, .cc. and .ws. Originally VeriSign only accepted checks and money orders for web address payments. If a check bounced, VeriSign simply revoked the domain name.

However, in 2001, the Internet Corporation for Assigned Names and Numbers (ICANN) issued a mandate requiring all registrars to have “reasonable assurance” of payment for web addresses, such as with a credit card. People well-versed in credit card fraud could simply use a stolen credit card to purchase one or more domain names. These domain names were then used to promote disreputable activities such as money laundering, child pornography, or illegal immigration and terrorism. When VeriSign’s registrar unit, discovered they were losing more than 19 percent of their domain name sales to fraud, they knew they had to quickly resolve this problem.

According to the Gartner report, VeriSign’s challenge was to ascertain how to screen out suspicious transactions and hold them for further investigation, while accepting good transactions from reputable parties. In addition, VeriSign needed to maintain ease-of-registration with legitimate customers to prevent them from migrating to other registrars.

Ori Eisen, a fraud specialist, began by auditing VeriSign’s 10 million payment and chargeback database and VeriSign’s internal payment processes. He used WizSoft’s WizWhy software to look for patterns of fraudulent activity and to determine which rules could quickly filter out suspicious records.

Today, Eisen fine-tunes VeriSign’s business rules by examining VeriSign’s fraud results and payment data reports on a daily basis. With WizWhy’s data mining capability, coupled with internal proprietary work, VeriSign has been able to eliminate almost all fraudulent transactions and significantly reduce the following costs, fees and losses – direct fraud costs, customer service call volume and associated costs, chargeback handling costs, bank fees, lost sales opportunities, and credit card company penalty fees – thereby achieving even greater savings.

By successfully applying WizWhy and other intelligent analysis and processes, VeriSign cut domain name sales fraud by more than 90 percent in just three months!