Senior Director, Fraud and Identity, Seeks to Improve Customer Experience While Reducing Risks
By Roy Urrico
Finopotamus presents InfoSec People Profiles, a series spotlighting individuals working in information security, cybersecurity and information governance to protect data and transactions at credit unions and other financial institutions.
Chris Schnieper, senior director, fraud and identity at Atlanta-based LexisNexis Risk Solutions, has spent the majority of his career in “the risk space,” not strictly on traditional cybersecurity protections, such as penetration testing, but more around fraud prevention controls, such as identity verification and authentication.
“Today it is almost impossible to disambiguate those two separate disciplines,” Schnieper told Finopotamus.
How consumers want to interact with their trusted brands, and how organizations choose to deliver those capabilities, inextricably ties cybersecurity and fraud controls together, he explained.
LexisNexis Risk Solutions provides data and technology solutions from data services to fraud protection algorithms for a wide range of industries including financial services, insurance, healthcare and government. Those solutions require balancing customer experience with security and control.
Technological Sophistication Changed the Game
Schnieper attended college and graduate school mostly in Pennsylvania, receiving a Bachelor of Arts at Albright College (Reading, Pa.), Master of Business Administration from Saint Joseph's University (Philadelphia) and a Master of Arts from Villanova University (Villanova, Pa.). He also added a Doctor of Business Administration, Information Technology and Finance, from Golden Gate University’s Edward S. Ageno School of Business in San Francisco.
“I was chatting with some of my friends and colleagues from back in college. A few of us ended up in the cybersecurity/fraud control space. The one thing we all said as we grew into this area, if we were 20 years old today, we probably could not take the same path just simply because of the sophistication of what you have today versus what you had 20-25 years ago. It is just a completely different, environment,” recalled Schnieper. He added, “When I was out of school, we were building our own PCs. That was just a kind of the cool thing to do. Today it has become so sophisticated, even I do not build my own PCs anymore.”
Added Schnieper: “When I started, back in those days we called it electronic banking, which would be things like internet banking, ATMs, (and) anything that had an electronic element to it.”
Schnieper explained the experimentation that took place early on with the internet, and with different systems, networks, connections, and program capabilities together, changed the game. “You almost have to have a degree or you have some type of formal training. Maybe not college, but some sort of technical training in terms of how to code, understanding systems and hardware, where do different types of vulnerabilities exist? And then how would you close those vulnerabilities vis-a-vis, the experience you try to deliver for your clients. It is definitely a different world.”
Balancing Customer Experience and Security
As Schnieper’s professional growth path took him into consulting, building and integrating large systems, he slowly gravitated toward the system risk and the controls needed to ensure the safety and convenience of the consumers’ frictionless experience for items such as checking a credit card balance or reward points, or transferring money.
Meanwhile consumers also want financial service providers to demonstrate they are keeping funds safe. “A lot of times organizations market around frictionless. it is really not frictionless. It is really being in tune with your customers and understanding their needs for convenience and safety, and to provide that back and forth. That is something since probably the very early part of my career that I have focused on.”
“With LexisNexis Risk Solution, we pay a lot of attention to what's that marginal utility of different capabilities vis-a-vis the consumer experience,” Schnieper said. “Am I logging in or changing data? Am I making a payment or withdrawing funds? Each one of those has unique characteristics to it, and each organization has their own characteristics to that journey.” Schnieper noted it is about understanding the nuances of those different businesses. “It is very important and it is certainly very rewarding for me when I interact with our clients to help drive that great experience for their consumers.”
Working with Market Planning and Product Development
As the senior director in fraud and identity at LexisNexis Risk Solutions, Schnieper works with market planning and product development roadmaps.
“We help with the SMEs (subject matter experts) and the fraud and identity space,” said Schnieper, which, he added, mainly centers on authentication as well as product or technology innovation. “If we are creating a new capability, I will help shepherd that and think through the different type of nuances that we need. I also work as a subject matter expert. I do client webinars where I will discuss either fraud trends or what we see as things happening in the near future.”
Schnieper also works internally with the LexisNexis Risk Solutions' product development team helping to shape the direction of product roadmaps, market pricing, and the total portfolio of capabilities. “It is a fantastic role. I enjoy getting up every day and working with all of my colleagues,” he said. “We all feel we have a noble cause in terms of helping our clients to protect their end consumers, their end clients.”
Assessing Direct Threats to Financial Services
While Schnieper’s role requires dealing with a variety of industries, issues related to financial services occupies more than 60% of his time. That includes providing identity protection and fraud controls. “So, things like having algorithms that look for fraudulent behavior, and then (providing) authentication. We also provide capabilities in the financial crime and compliance space.”
From a financial institution perspective, Schnieper breaks down threats into two groupings: direct and indirect. “Direct would be actual fraud schemes that are worrisome,” he said.
“So definitely one would be scams.” He suggested what makes scams so unique today is they are faceless threats delivered via text, app, website or phone call. They also possess “the ability to cobble together different pieces of data or create the sense of urgency, whether it's a romance scheme or a long lost relative in need of support or whatever it is.”
Another direct threat is collusive rings where professional organizations target credit unions and other financial institutions. “They're able to create larger groups of either fake identities, what we call synthetic IDs, where they manufacture an identity out of thin air or by taking a number of different pieces of (personally identifiable information) and putting them together,” said Schnieper.
He also noted that another increasing danger area is in-person fraud. “What's interesting is the number of my clients, both credit unions and mid-size and large financial institutions, have said that they have seen an increase where somebody shows up at the branch, or at their financial center, and then tries to do some type of check fraud or maybe a wire fraud.”
Indirect and Other Threats
On the indirect front, Schnieper looks less at the schemes themselves and more from a capability perspective. “There are still some organizations that probably can't pivot as quickly as they should to novel fraud vectors.” That involves having the preparation to react to different fraud routes with a risk-based multi-layered approach to fraud and identity.”
He added these center on delivering workflows specific to the customer journey, such as onboarding, logging into accounts or maintaining payments “Getting the right capability to the right point in their customer journey. So that you can deliver a great experience while protecting the transaction.” He sees not having that nimbleness to react as an indirect risk to organizations.
One new potential threat that Schnieper thinks warrants attention is artificial intelligence content products like ChatGPT. Not just because they can create content, he explained, but they can also create (programming) code. “That capability in the wrong hands could mean that there's a higher level of automation of fraud and cybersecurity risk.”
Another concern he holds is quantum computing, which uses quantum physics to solve problems too complex for conventional computing. “If that's something that would become more mainstream quantum computing could be a fairly significant risk to organizations in the future,” he added.
Protecting from Fraud Threats
Schnieper explained LexisNexis Risk Solutions provides credit, data, collections, small business risk analytics and platforms. LexisNexis Risk Solutions also uses a proprietary linking technology in combination with an identifier, LexID, to resolve, match and manage information for more than 276 million U.S. consumer identities. “We're able to take a number of different data sources, and then under a permissible purpose, we can then combine those.”
“It’s clear that fraud has become more complex with various risks occurring simultaneously,” said Schnieper. “To minimize fraud, organizations can no longer rely on manual processes or point solutions to reduce fraud, manual reviews and costs.”
Schnieper believes firms using a multi-layered solutions approach that integrates identity verification and authentication within digital consumer experience can lower their cost and volume of successful fraud. "This approach improves identity verification and fraud detection effectiveness and lowers friction for trusted consumers.