At the Gartner Security & Risk Management Summit in National Harbor, Maryland, Avivah Litan, vice president and distinguished analyst at Gartner, asks Tomer Barel, Chief Risk Officer at PayPal, to share his three essential trends for innovating risk management and fraud detection solutions.
Managing risk is tied to customer confidence and trust in the brand and company,” Barel says. “I view myself as the chief trust officer at PayPal.” He earns that trust by “futureproofing” PayPal’s risk operation. At his core, is a belief that trust isn’t just about keeping the bad guys out, but enabling the good guys to do commerce anywhere and across any device.
#2. Business outcomes
Effective risk management must be tied to business outcomes. Noting that he is accountable for KPIs and actual losses to the company, Barel suggests that this makes him more effective in his role.
#3. Match human intelligence with big data
PayPal invests in state of the art data analytics techniques; however, big data algorithms have not yet reached a level of accuracy without human intelligence, according to Barel. “What we’ve found over the years, is that if your goal is to get to a high level of accuracy, then you must complement what machines do with people who understand how other people behave and translate these human insights into code,” he says. “And anyone who wants to manage risk with accuracy has to do that.”
Barel describes a scenario where a U.S. customer conducts a transaction in Thailand. Human intelligence is necessary to instruct machines to spot an earlier travel-related transaction, say for a Thai resort or activity at her home state airport, to identify the transaction as low risk. “We need an analyst to translate that type of information into code,” Barel says. “Machines can’t do that yet.”
When it comes to mobile, Barel shares that mobile devices generate a real opportunity to increase the accuracy of risk management because of location data and the one-to-one association of a device to a person. However, most PayPal transactions are conducted on PCs and laptops. The security and risk community has work to do in making consumers realize that mobile devices are secure for financial transactions, he suggests.