Proactive Detection

What It Is, 6 Benefits, & Best Practices

Click on the bookmark to view chapters of this webpage

Subscribe to our newsletter!

Please fill out the form below:

Click on the bookmark to view chapters of this webpage

A 2016 Carnegie Mellon study demonstrated that bank customers were likely to leave their bank after experiencing a fraud event (especially of $500 or more), even though in all cases, the banks expediently dealt with the fraudulent issue, and reimbursed the customers in full with no losses. The bank itself was not responsible for committing the fraud, yet the customers still held them responsible by closing their accounts, and moving on.

Similarly, when customers lose trust in a platform they are using, feel they are at risk of fraud, experience fraud themselves, or hear of data breaches and other security risks - even ones that didn’t personally affect them - they lose interest in continuing to use the platform.

It doesn’t matter if the platform is a bank, a food delivery service, a ticket sales website, or anything in between; if fraud occurs on the platform and users feel at risk, they’re unlikely to stay and much more likely to switch to a competitor. The solution: utilizing proactive detection.

Book a Demo

What is Proactive Detection?

Proactive detection is the process of constantly searching for threats such as fraud or suspicious behavior on a platform using a tech stack able to identify the threats. Proactive threat detection aims to identify these risks before they result in significant losses or substantial harm to a platform and its users.

Taking a proactive approach means that users are more likely to stay on the platform because they are less likely to experience a risk or threat to their personal information, finances, safety, or any other risk the platform has the potential to pose.

Waiting to deal with fraud that has already occurred significantly increases the risk of financial losses to the organization, as well as the risk of losing customer loyalty. Though a reactive fraud response process may do everything in its power to assuage the fears of a customer, reimburse them, even credit them with something to make up for the experience itself, waiting to respond to fraud rather than proactively prevent it may be too little too late.

6 Benefits of Proactive Fraud Detection

When it comes to Trust and Safety, users believing that they are safe while on a platform is a critical component to increasing customer retention rates and decreasing user churn. It also costs companies less in the long-run to proactively deal with risks to Trust and Safety rather than reactively respond to them.

These are the primary benefits of implementing proactive anomaly detection:

1. Automatically identify problems

By evaluating the risks in the industry and the primary threats a customer may experience while on the platform, clear markers can be established to look for potential issues and respond to them immediately.

Example: Banks are responsible for protecting a customer’s deposited cash. Bank A has proactive rules in place that prevent New Account Fraud from occurring, and immediately flags new accounts being opened in the same name as an existing customer, while Bank B does not.

Bank A can automatically identify the issue, and take action to prevent it, while a customer that experiences New Account Fraud while using Bank B is likely to close their account and open one with Bank A, even if they are reimbursed for their losses immediately.

2. Built-in prevention rules can automatically take action quickly

A proactive detection system can automatically prevent an event from occurring if it deems an event suspicious or fraudulent. The platform empowers teams to create rules with automatic responses to help block suspicious events before they can happen.

Example: A marketplace platform requires user logins and allows customers to save payment information to easily make purchases in the future without re-entering their payment information. Someone tries to log in to the account from a completely different IP address, in a different country, at a different time of day than is typical of the user. The platform could automatically block the attempted sign-in, or require the user to verify the sign-in through an automated email.

3. Reduced risk of customer churn

If unsafe activities are common on a platform, and the company does little to mitigate the risk of these things occurring while using the platform, users are unlikely to stay.

If a platform can identify threats to its users before they take place and the user experiences actual losses, the likelihood they will stay on that platform (rather than move to a competitor) is significantly increased.

Example: Users are unlikely to feel safe using a ride-sharing company that allows new drivers to onboard immediately (same-day) without any identity verification, while a competing ride-sharing platform that requires identity verification and has an enhanced due diligence onboarding process for new drivers is much more likely to retain its users long-term.

4. Faster responses and quicker problem analysis

A proactive alert system means a platform can respond to an issue before a customer even becomes aware of it. A clear-cut set of rules and automatic responses to follow once a threat is detected means analysts or customer service representatives can deal with an issue and make a customer aware before they find out on their own.

Providing the customer with an immediate overview of what the suspicion was and what was done to prevent it is much more appreciated by a customer than finding out days later that something has happened, and having to try to solve the issue on their own.


The proactive approach: A credit card company detects a fraudulent purchase, immediately reverses the charges, automatically sends out a new credit card (with updated numbers), and then calls a customer to inform them of what happened, explains how they solved the problem, and offers assistance with making payments until the new card arrives.

The reactive approach: A customer is doing a monthly review of their credit card statement, sees 10 purchases from three weeks ago all in the span of one day that they didn’t make, has to call their credit card company and wait on hold, then must answer a series of questions about whether or not they made each purchase in their statement, and then must wait weeks to receive a new card with no means of making purchases in the interim.

It’s obvious which experience a customer would prefer.

5. Saving on internal resources and financial costs

Proactive detection requires rules to exist that inherently automate this process, as proactive fraud detection - by definition - cannot be done manually. This reduces the cost to the company overall by reducing the amount of cases that must escalate to an investigative state (manually), which saves analysts time they can dedicate to other issues, or may even reduce the number of analysts needed.

The reactive approach requires refunding money to customers, incentivizing them with reasons not to leave (credits, promotions, incentives to spend money on the platform in the future, etc.). Proactive fraud detection rules can reduce false positive rates and lower the investigative time needed from compliance or fraud analysts.

Example: An eCommerce platform allowing users to make purchases without re-verifying aspects of the payment methods could offer the opportunity for fraudulent purchases or account takeover to occur. This then requires a complaint ticketing system to be managed internally, customer service representatives to listen to the issue and escalate it, funds to be reimbursed to users, and - depending on company policies - additional credits or incentives to be offered to discourage users from leaving. All of these stages require financial cost, and manual employee labor.

6. Increased adherence to applicable regulations

Automated rules and clear-cut compliance processes are the best way to ensure a platform is compliant with all applicable regulations based on the areas the platform operates in. This can be especially difficult to navigate for platforms that operate in multiple countries or regions around the world.

Example: A bank that is regulated by any governing body (the SEC for example), must investigate any suspicious activity that could be fraudulent, file SAR reports, and ensure they are following every aspect of an ever-changing regulatory system.

Automated rules based on compliance checklists go a long way to reducing the risk of failing to adhere to regulations, which can also result in massive fines, especially for Fintech platforms.

That covers the reasons why proactive threat detection is so important. Now let’s cover how to implement it.

Proactive Fraud Detection Procedures in 5 Easy Steps

The path to building a proactive detection system will vary greatly depending on the industry, type of platform, country of business operations, and so on. But ultimately, the process can be completed by following this general process:

1. Understand the niche and identify potential threats

Each industry is unique, and as a result, poses unique threats. The first step is critically assessing the industry, as well as the opportunities the platform offers for fraud. It is difficult to see how a platform will be used for fraud when that isn’t its purpose, so a Compliance Officer, Director of Risk Assessment, or a Trust & Safety Director are indispensable at this stage.

Here are some examples of potential threats that are common in many industries:

2. Establish events to track in the platform

Once the risks have been identified, create a series of events that might occur that offer opportunities for fraudulent activities within the platform. This might include things like irregular logins, irregular purchases, suspicious activities, and so on. These events must be established in the system so that once data is collected and put into it, these events would become known if they occur.

The reverse must also be considered: when is an event not suspicious, and how does the system account for this? For example, what exactly is a suspicious login? Does it have to occur on another IP address? In another country? Between 2 a.m. and 5 a.m. in the customer’s time zone? Do all of these need to be true for this to be suspicious?

The events should offer clear answers to all of these questions.

3. Build rules around the events

Now that the events are firmly established, what rules can exist to automatically and proactively deal with these issues? For example, is the rule that a suspicious login is automatically blocked and the user cannot access their account for 24 hours? Or should the rule be more lenient and allow a user to check their email to verify the login?

All events must have rules in place that automatically deal with the suspicious activity to be proactively dealing with the threat. There may still be some cases where manual intervention is needed - especially for Financial Institutions or companies that are strictly regulated. If this is the case, the rules should clearly indicate when a suspicious activity is escalated to a manual review.

4. Implement a tech stack to gather and analyze data

Once the event tracking and rules implementation is clear, choose a tool or build a tech stack that can collect the data needed to monitor the events, automatically respond to suspicious activity using the rules, and help remove as much need for manual review or after-the-fact fraud response as possible.

5. Iterate your process to account for new threats

Once the system is up and running, ensure constant (this should be daily if possible, or at least weekly) reviews of all suspicious activity on the platform. This will allow the system to continuously evolve to detect suspicious activities better as more data becomes available, and ensures new emerging threats are dealt with just as expediently.

Download Operating System Product Guide

Stop Fraud and Bad Behavior Before it Happens

Organizations can suffer significant reputational damage in the event of fraud attacks like data breaches, widespread account takeover, and AML compliance failures. Frankly, users are less likely to choose - or stick with - a company that hasn’t done enough to prevent fraudulent and other malicious behavior.

It’s critical that organizations take preventative measures to actually stop bad behavior from occurring, rather than simply address it after the fact. Proactive detection is one of the few tools that empowers organizations to actually prevent fraud before it happens.

Use data monitoring that lets you analyze not just transactions, but other user activity to identify risks you’d otherwise miss. Analyze logins, account changes, and more to gain insights into user behavior that could signal when fraud is about to occur; giving your team the chance to stop it.

Find out how Unit21 can help you get proactive about your fraud detection efforts, allowing you to shift to fraud prevention strategies.

Schedule a demo today to learn how Unit21 can help your team proactively fight fraud and other bad behavior on your marketplace.