Last week someone asked me “Udi, why should a vendor bother with protecting its customers from being defrauded?”. The question came after I presented our “end to end payments protection solution”, and the first response that came out of my mouth was “it is a way for a vendor to provide more value to the customer in the form of an additional service, in a market which pricing and quality might no longer be considered as differentiators”. I also added that from a cybersecurity perspective, a breach within the customer’s payment process could signify a broader issue with the frailty of the entire supply chain in which the vendor and the customer are part of, so that’s another reason for the vendor to be concerned with it’s customer’s payment process security.
I later pondered the question, and my answers, and realized there’s much more than just a simple display of “added value” or cybersecurity resilience involved. It’s actually the vendor’s responsibility as a human being.
Although we are a global company, working at different time zones, speaking multiple languages and using (and protecting) various currencies – we are, at the core, an Israeli company.
The only reason I’m mentioning that “nationality” tidbit is to refer to the fact that as a small country, built by Jewish immigrants from multiple continents, and home to many different cultures, beliefs and languages – we always know that our strength comes from our unity.
In fact, I see a similar mindset in the fraud space, the understanding that unity=strength, a motto I think, believe, and hope more companies would adopt.
If you’re a vendor or a service provider, which is at the receiving end of payments, it totally makes sense that in order to protect yourself from being a victim to a fraud, you’d arm yourself with the right tools to validate incoming payments (and hopefully these tools would be nsKnox’ solutions…).
But I believe it is also in your best interest to help your customer protect against similar fraud events.
Why? you may ask. It’s not my money that’s at risk. It’s not my responsibility. If my customer fails to protect themselves, that’s their problem, not mine.
But let’s look at the issue from a different angle: The vendor-customer interaction is transaction-based, but it is also an ongoing relationship. It is a business relationship, but as in any relationship when one side suffers a loss, the other side offers support, and maybe advice on how to prevent or decrease the possibility of a future loss. Businesses are being run by humans, so the relationship is between humans, and human who feel they are supported would return the favor when other humans need support. In the business world, a vendor supporting its customer in a time of crisis would gain a loyal customer who would probably stick with the vendor if the latter would experience a crisis of its own.
But there’s an even bigger issue here, and it involves the basic requirement for any relationship: trust, or, to be more precise, what happens once it is eroded.
Think back 20 years ago, when eCommerce was mostly the playground of early adopters, and the less technology-savvy crowd was just making its initial purchases online. Now imagine yourself dipping your credit card in the cold waters of the vast ocean of online stores, relieved to see your first, second and third purchase actually arriving at your doorstep, but then realizing that the fourth transaction was actually a way to get your credit card details when you discover charges on your card which unfortunately reaffirm your suspicions that you have been conned. How long would it have taken you to make another online purchase afterwards? I’m pretty sure your confidence in the online path of purchasing decreased as a result of this experience.
And this is very similar to what happens when a digital business transaction turns out to be an act of fraud – beyond the immediate effect it has on your view of the vendor, your trust in “the process” diminishes, even if just a little, and at least for the short term you’d probably reconsider every digital transaction before executing it. This more-careful approach to digital spending might lead to actually deciding that you’d rather cut back on your expenses as a way to hedge your risk, or refrain from conducting transactions with non-local vendors altogether.
Now think of the vendors which you conducted business with before “the event” – In our eCommerce nostalgia trip, eCommerce websites invested heavily in implementing safety mechanisms which would prevent a customer’s payment details from being hacked, as they understood that rebuilding trust in online transactions is a shared goal for all online stores. Getting back to our present, it is also a shared goal by the entire payments ecosystem that digital transactions would be perceived as safe, so beyond abiding by the relevant regulatory requirements to avoid being fined or even having their licenses revoked, payment processors strive to reduce the risk of fraud purely because that’s a sensible business behavior. When a vendor goes beyond protecting its interests, and invests in protecting the customer’s interest, by reducing the customer’s risk of being defrauded – it is a sensible business behavior.
After all, and I think an infamous virus recently proven to the world why this is still, and always, true – we’re all in this together.