MPC Interviews Dan DeMichele of Kount, an Equifax Company
Please state your name, title, company, and email address to provide to prospective partners and customers interested in receiving more information.
Dan DeMichele, Chief Product Officer, Kount, an Equifax Company, news@kount.com.
How are you different than other brands in your space?
Kount was one of the first trust and safety providers to enter the market. With over a decade more data than our competitors, we have the ability to create solutions that more accurately detect fraud with much more agility.
Kount had already been known for the first data device collector and proxy piercing patents. Now as part of Equifax, we have a number of patents specializing in fraud prevention technology, including the first device fingerprinting patent – and we own and control our entire technical stack. With our combined patented technologies and extensive experience in data science, we are able to provide a wide array of solutions that allows our clients to consolidate vendors and decrease their cost of ownership and maintenance of multiple point products. Kount was also the first in the market to leverage artificial intelligence in the evaluation of fraudulent transactions – we have been doing AI since before it was cool. Equifax has about 70 approved AI patents supporting areas such as AI neurodecision technology (NDT) and explainable AI.
A key differentiator is how multidimensional our data is. We’re evaluating and contextualizing hundreds of different data points for each interaction. We then consume those data points across our Digital Identity Global Network, comprised of hundreds of global companies in different industries, different geographies and of different sizes. Our model, which includes shared relationships with over 50 payment processors and leading financial institutions, allows us to ingest all the unique data from those organizations, further growing the breadth and depth of the data available within our Digital Identity Global Network. We then make that data available in real-time for accurate transaction decision making.
How would you describe your value proposition to prospective customers and channel partners?
Robust Set of Proprietary Data
As an Equifax owned entity with nearly two decades of transactional monitoring, Kount is able to provide a robust and proprietary set of digital and physical data. Meanwhile, other vendors have had to build out their solutions using data they buy from third parties. So when an event transpires, their technology has to compare it to different silos of data. The trouble with this approach is that segmented data leaves gaps and having data on multiple different records means the technology is conducting an apples-to-oranges comparison.
Rather than buying third party data (which may become stale/dated by the time it’s processed) and trying to piece it together, Kount relies on its diverse and current data network. This helps businesses leveraging Kount technology to more accurately spot anomalies — which means they can more accurately stop fraud.
Advanced AI and ML Policies
Kount’s advanced AI and ML-driven policies provide a unique market advantage. Our supervised machine learning is in a constant state of optimization, therefore it gets better and better over time.
That means businesses can have a fully functioning solution on day one. And as the ML gets to know a business — the needs and threats — it will self optimize to become a fully customized solution. If desired, Kount also enables businesses with the flexibility to react and fine-tune policies to meet certain thresholds.
With other platforms, the business has to do all the work required to get the machine learning ready to perform adequately. The business will have to manually train the models, label the data, build the feedback loop, and so much more.
Once that time-consuming, error-prone, manual process is complete, it will take months for the machine learning to ramp up and become valuable to the business.
What recent challenges have your company’s leadership faced and how did you overcome them?
Equifax, a global data, analytics, and technology company, acquired Kount in 2021, as well as Midigator, a technology platform for dispute response automation and chargeback analysis in 2022. With every technology acquisition comes several challenges, each different in nature.
Consolidation of the many solutions at our disposal and leveraging the massive amounts of data throughout the Equifax network creates a significant challenge, but it is also a main source of our innovation and differentiation. We continue to invest in our technology and product teams to continue to innovate and drive success for our customers.
Over the last 12 months, we have made several enhancements to our solutions. These include building out a connection that integrates Kount Command transactional data with Midigator chargeback representments tool. This enables merchants to more effectively challenge disputes and comply with the new Compelling Evidence 3.0 requirements from Visa. The full suite of capabilities that we now offer has allowed us to “complete the swing” in a complete fraud prevention offering which covers the end-to-end customer journey.
What recent milestone have you achieved and why is it significant?
The acquisition of Midigator in 2022 enhanced the Digital Solutions at Equifax team’s ability to offer complete end-to-end coverage of the customer journey. Bringing pre-authorization and post-authorization solutions from Equifax, Kount and Midigator together into a cohesive solution offering is helping our customers reduce the number of vendors needed to solve their fraud needs.
Over the last 12-18 months, we created Kount 360, which is built on the Equifax Cloud, to promote more innovation and growth using the new data at our fingertips. Internationally, our global team is focused on key regions—offering the same accessibility to our products wherever possible. Additionally, we just announced our complete white label and SSO solution for chargeback management, which will allow our PSP (Payment Service Provider) and Merchant Acquirer customers to have a robust solution to help more effectively manage disputes and chargebacks all within their existing merchant portal.
What near-term opportunities will 2024 present to you and your team?
We are constantly expanding the depth and predictiveness of our data to help our customers innovate faster and create more effective insights into the people and communities they serve – and 2024 is going to be a milestone year for the development of identity and fraud solutions on the Equifax Cloud™.
The Equifax Cloud is a top-tier global technology and security infrastructure that sets Equifax apart. Backed by a multi-year $1.5+ billion investment, the Equifax Cloud is one of the largest Cloud initiatives ever undertaken in our industry and has changed nearly every facet of our infrastructure. With this Cloud transformation we have created an agile new foundation to develop solutions that are faster, more reliable, more powerful, and more secure than ever before. The Kount 360 platform will be fully developed and housed on the Equifax Cloud.
The successful use of AI requires deep, accurate, and high-quality data. Central to the Equifax Cloud is our custom data fabric — an adaptable structure that unifies our proprietary differentiated data (from over 100 siloed data sources) while also enabling us to manage that data in keeping with regulatory requirements. Data fabric offers the ability to ingest and analyze data at scale and enhance the keying and linking of our data assets for rapid delivery of the Kount 360 identity and fraud prevention offerings.
What’s a key trend for your industry in 2024, and why do you think it’s important?
AI-driven Fraud Will Significantly Impact Businesses in 2024
With the rise of (Generative) AI, fraudsters are using tools like ChatGPT to craft messages resulting in more attacks and higher success rates. For example, the State of Phishing Report 2023 links ChatGPT to a 1265% rise in phishing emails.
Additionally, a recent report by Sapio Research and Deep Instinct revealed that 85% of cybersecurity leaders say recent bot attacks on their digital properties were powered by AI.
There are three primary ways fraudsters are using AI tools: automated high velocity bot attacks, social engineering and phishing attacks, and impersonation attacks (or deep fakes).
In a nutshell, AI is being used for digital fraud by disguising bots and other vectors to look like humans to circumvent and flank security systems – rapidly, at scale, and at very little cost.
High Velocity Bot Attacks
Fraudsters now use AI to rapidly automate and perform attacks on websites that are hard to detect and sophisticated enough to bypass traditional security mechanisms. Machine learning algorithms can now analyze how security systems detect and respond to threats, enabling attackers to evade and exploit blind spots. Fraudsters can also use AI to exponentially accelerate the speed, volume, and diversification of tactics within their attacks at very little cost. For example, these high velocity attacks can be used to:
- Overwhelm a website to shut it down with a DoS (Denial of Service)
- Create trojan horse attacks to distract while simultaneously launching a secondary attacks to breach and steal sensitive information, install ransomware, or completely takeover a website
- Deploy sneaker bots to purchase items or tickets in high demand and limited quantities, then used for unauthorized resell at very high margins (fleecing)
Social Engineering and Automated Phishing
AI chatbots can engage in social engineering and information phishing attacks that convince unsuspecting targets to share personal, account, or financial information. For example, a customer service chatbot on a fake bank website can appear human and be used to manipulate victims into sharing info like a social security number, date of birth, address, phone, and more.
Consumers and account holders can receive messages that look like they’re coming from a business or a bank that contain malicious attachments, malware, or links to fake websites designed to steal login credentials, card information, and loyalty rewards.
Impersonation Attacks (or Deep Fakes)
Fraudsters are now able to use AI to disguise their attacks better, looking less like an automated bot and more like an actual human, at high velocity and little cost. They can also fool people on digital platforms using voice cloning and deep fake image technology to make it appear that an individual or entity is saying something they didn’t – this can be spreading misinformation, requesting access to accounts, or asking for sensitive information.
Impersonation attacks are evolving wherein fraudsters are not just impersonating highly visible identities – by mirroring relatives, colleagues, etc. fraudsters have the ability to appear more ‘real’ and defraud just about anyone. This allows them to exploit stolen data from the dark web, and when paired with social media photos, they can create fake IDs and masks that can bypass face ID systems.
Lastly, online banking has provided scammers with new opportunities to create fraudulent accounts using someone else’s name and AI-generated likeness to take out loans and never pay them back. This can result in synthetic ID fraud, where the impact is the fraudster doesn’t intend to pay back AND there is no actual person for the business to collect from.
