Fighting Online Fraud - Email Intelligence

One of the most fundamental information to collect for eCommerce is email address. With an email address, you can recapture any information you don’t have, continue a relationship, confirm any purchases and reset a password.

An email address is oftentimes the first thing we register for when we start our journey on the Internet. An email address is often our primary channel of communication and our first record of identity online, tracing our internet activity and contributing to our digital footprint.

A DMA Insight study found that 91% of email users have the same email address for at least three years. Since an email address is so commonplace and a unique identifier, it makes for an excellent data point for identification checks, especially for a 2FA (Two Factor Authentication) or other point of corroboration.

Email Analytics

Just as important though, email addresses are a useful risk assessment factor; email addresses provide a rich history to offer analytics for combating fraud, frictionless onboarding and driving revenue. Some elements of email addresses to examine include:

  • Is the address connected with fraud?
  • Is the email created in a high-risk country?
  • Does the name of the email owner match who is using it?
  • Does the email match the IP data?
  • Does the IP address associated with the email have a history of fraud?

Another factor that can help flag potential fraud is whether or not the email address was tumbled. In this scenario, the fraudster uses the same email address but tags them differently, creating the illusion of different email addresses. For example and (or anything after the +) are the same email address, but unless accounted for that, many systems would consider them unique.

Another fraud flag is multiple email addresses from a particular domain. If you’re getting multiple different users from one small, unknown domain, perhaps they aren’t unique users, but rather one person setting up multiple emails.

Besides the data elements associated with an email, there is the history of use, which can also point out:

  • How long has the email been in use
  • How active the account is
  • Transaction behavior

Email Intelligence

With all these potential fraud flags available, it makes sense to analyze the email addresses of your customers, especially since you are already collecting it. Plus, the data handling requirements are not as restrictive as an email address is not considered PII (Personally Identifiable Information).

Since the fraud check occurs in the background, customers don’t experience delays or friction, decreasing the chance of cart or sign up abandonment.

Trulioo’s GlobalGateway has real-time email intelligence as a data check option to verify/validate/flag emails for our clients. Providing coverage for over five billion email addresses means frictionless approval of more transactions, with only the highest risk sent to manual review. Real-time email intelligence offers an opportunity to increase profits by reducing fraud, lowering manual review costs and boosting acceptance rates.