Hey look – a customer is showing up at your company’s online web site. They took a look at the company’s catalog. Now they are placing an order. Are they a real customer? Are they a bot? Will they ever actually pay you? As the person with the CIO job it is your responsibility to evaluate your online customers. In order to make this happen, you are going to have to come up with a new type of metric that will allow you to determine if your customer can be trusted.
How To Spot The Bad Guys
The challenge that the person with the CIO job is facing is that there can be over 16,000 online “signals” that have to be evaluated in order to determine if you are dealing with a real customer or a bot. The goal is to understand the importance of information technology and use all of the available online information about a person in order to create the online equivalent of a credit score. This score is designed to indicate just how trustworthy a person is.
The ability to distinguish between good customers, bots, and risky humans requires a great deal of data. In the age in which we are living, people are becoming more and more concerned about their privacy. What this means is that when a CIO starts to use software tools in order to evaluate the trustworthiness of potential customers, they need to make sure that they are not overstepping what the law allows them to do. Of special interest are the European Union’s General Data Protection Regulation (GPDR) rules regarding a company’s inability to store customer’s data that can be used to identify real human beings unless they explicitly give their permission to do so.
CIOs also have to deal with the challenge of trying to determine how tightly to set their fraud-detection software. If the software is not stringent enough in detecting fraudulent behavior they will let bad people through. However, if the software is dialed up to high, then they’ll end up locking out legitimate customers. The goal is to have the software that is being used be good at distinguishing between both “good” and “bad” customers.
Red Flags That May Indicate You Have Bad Guys
When a CIO is implementing software to detect when they are dealing with people who mean harm to their company, what should they be looking for? As with all such things in life, the answer is “it depends”. It turns out that there are a number of different things that can indicate that a company is dealing with someone who means to do them harm.
- Is the account new? Often the bad guys will set up a new account and attempt to use it to make purchases from a company.
- Does the email contain a number of digits at the end of the address? When fake emails are being automatically generated, it is easiest to just end the email address in a number that can be easily incremented to make the next email address.
- Is the customer coming from a part of the world where a lot of hackers are located such as Russia, China, or Eastern Europe? This can be a big deal especially if you don’t normally sell to people who are located there.
- Is the customer coming to you from an anonymous network? In order to hide their tracks, sometimes fake customers disguise where they are coming from.
- Is the customer shopping at an odd time of day? Bots don’t know what time it is and they shop all the time while real people get tired and go to bed.
- Is the customer using a credit card that has multiple chargebacks? This may indicate that the person has been conducting frauds with other vendors.
What All Of This Means For You
What company wouldn’t want to have more customers? Just about every company has gone online in order to attempt to get more people to be aware of their products and, with a little luck, make more sales. However, it turns out that there are a lot of bad people and bad automated robots out there that will take advantage of a company’s online offers if they are given a chance. What this means for CIOs is that they are responsible for creating systems that will act as barriers that will keep the bad guys out.
In order to determine if someone who is visiting your website is a good customer or a bad bot, over 16,000 different online pieces of information can be analyzed. There are challenges in doing this. There are privacy concerns about how much information on an individual can be stored by a company. Companies need to be especially aware of limitations that have been put in place by the European Union’s GPDR. In order to have software fraud detection tools work correctly, CIOs need to decide how tightly they want to calibrate the software. Too tightly and they can lock out valid customers and too loosely they can let the bad guys in. There are a number of different red flags that CIOs need to be aware of that can indicate when they are dealing with someone who might not be who they say that they are.
In the old days, employees could look at a customer and make a determination if they were are real customer or not. In our new modern age where we may never meet the people who buy our products, CIOs need to step in and help their companies distinguish between fraudsters and real customers. This is an evolving area and so CIOs need to carefully monitor who is coming to their websites and make sure that they continue to develop the tools that will allow them to tell the good guys from the bad guys.
– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™
Question For You: Do CIOs have an obligation to tell customers that they will be calculating a truth score for them?
Click here to get automatic updates when The Accidental Successful CIO Blog is updated.
P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!
What We’ll Be Talking About Next Time
Let’s face it, the robots are taking over. All people with the CIO job are aware of the advances that have been made in robotic technology over the past few years. It goes almost without saying that CIOs have spent the past few years looking at how their company does things with an eye to finding places where robots, who represent the importance of information technology, could be used to do things quicker, more accurately, and at a lower cost. Given that we’ve already made this investment, you wouldn’t think that there would be a situation where a CIO would take a step back and decide to not deploy robots, do you? Well guess what, it’s happening.