Periodically I'm asked "What's your false positive rate for device recognition?" In the world of fraud prevention, it's a question that deserves a clear answer.
But the question itself is imprecise for two important reasons: Fraudsters, more often than not, span multiple devices. And so do legitimate users.
Therefore, what's necessary is a recognition approach that not only includes device recognition, but also leverages other "vectors" enabling one to maintain continuity and, most notably, the recognition of threat-based, risky, and suspicious behavior.
False Positive: A transaction that was denied, but is discovered to be legitimate when auditing the accuracy of reviewed and denied transactions.
A contributor to transactions that were flagged as "false positive" is what's called a device "over-tie." When speaking of quantifying recognition accuracy, the more precise nomenclature to use is over-tie and under-tie.
An example of over-tie is when a legitimate device is paired with one that's suspicious, resulting in a denied transaction that was actually legitimate.
We refer to this as the relative aggressiveness of the recognition service. To give customers more choices, iovation offers seven different aggressiveness profiles, spanning the entire spectrum between "over-tie" and "under-tie."
In general, iovation's device recognition tends to be less aggressive to ensure that transaction false positives are not inadvertently triggered. In some industries, however, there's a need to fine-tune the recognition service to an aggressiveness setting that more specifically matches the observed fraudster behavior.
For instance, iovation's recognition service is not solely dependent upon device attributes when making a recognition determination. Many other vectors are accounted for in tandem, including location, suspicious or evasive behavior, reputation, and so on.
This enables our subscribers to achieve and maintain a level of continuity across devices this is unmatched in the industry.