iOS 15 Email Obfuscation & Fraud Detection - Ekata, a Mastercard Company

Effect of Apple’s Obfuscated Email in iOS 15 on Fraud Detection


Introduction
In September, Apple released iOS 15 and along with the update came the “Hide My Email” feature. With this release, iOS and Mac users with a paid iCloud Plus subscription can quickly generate unique email addresses when they’re creating a new account on a website to obfuscate their original iCloud email address. Here at Ekata, respecting the individual rights of our data subjects is always top of mind.

We applaud and share Apple’s commitment to improving privacy. Here’s more about what the update means for businesses and fraud detection.

What did Apple change?
When iOS 13 was released, users were able to obfuscate their email with the “@privaterelay.appleid.com” email domain, with some limitations. In iOS 15, obfuscated email is more easily accessible through an iCloud Plus subscription, and the obfuscated addresses are no longer routed through the “@privaterelay.appleid.com” domain but are part of “@icloud.com”.

Does it affect Ekata Identity Network and Risk Scores?
Since day one, our data science team has been actively monitoring the feature and its impact on our model. Like other constantly changing variables within the identity verification and fraud prevention space, our model is updated to adjust to new identity patterns and fraud behaviors. If we detect a change in our model because of obfuscated emails, we will alter our models to ensure the most accurate predictions possible.

Ekata uses a combination of Ekata Identity Graph and Ekata Identity Network data to derive hundreds of risk signals. These signals look at identity element behaviors and identity element relationships to calculate a score that is resilient to obfuscation and fraud manipulation. In the monitoring and experiments we have conducted since the release, our model, using a combination of Identity Risk Score and Network Score, could still determine risk even when an email has never been seen before, based on four identity elements: name, address, phone, and IP.

What does this mean for you?
As shown in the analysis, the predictiveness of the Ekata score did not change. Previously risky identities stayed risky, and non-risky identities stayed non-risky. However, this does mean an adjustment to the risk score threshold is required for @icloud.com accounts. In addition to their current rules, customers need to create a separate rule that uses different risk thresholds based on email domain to mitigate the effect of Apple’s change. By doing so, the customer can still achieve a pre-iOS 15 fraud detection rate without negatively impacting good customers who use Apple’s “Hide My Email”. As more iCloud users adopt obfuscated email, we are committed to continuously monitoring and evaluating our model to provide the most accurate score.
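One way to derive the separate @icloud.com rule described above, as an added example that is not Ekata's code: it picks the segment threshold that reproduces the detection rate the existing rule achieves on other traffic. The 0-100 score scale (higher is riskier), the baseline threshold of 70, the function names and all sample records are constructed assumptions.

```python
import math

# Constructed sample: (email, risk score, confirmed fraud). Assumed scale:
# 0-100, higher means riskier. None of these values come from Ekata.
HISTORY = [
    ("a@example.com", 82, True), ("b@example.com", 75, True),
    ("c@example.com", 91, True), ("d@example.com", 68, True),
    ("e@example.com", 30, False), ("f@example.com", 55, False),
    ("g@icloud.com", 88, True), ("h@icloud.com", 79, True),
    ("i@icloud.com", 84, True), ("j@icloud.com", 93, True),
    ("k@icloud.com", 72, False), ("l@icloud.com", 60, False),
]

def domain_of(email):
    """Lower-cased domain part of an address."""
    return email.rsplit("@", 1)[-1].strip().lower()

def threshold_for_rate(fraud_scores, target_rate):
    """Highest threshold that still flags at least target_rate of known fraud."""
    ranked = sorted(fraud_scores, reverse=True)
    # Small epsilon guards against float error pushing ceil() one step too far.
    need = max(1, math.ceil(target_rate * len(ranked) - 1e-9))
    return ranked[need - 1]

def calibrate(history, baseline_threshold, segment_domain):
    """Return (baseline detection rate, threshold for the segment domain)."""
    base = [s for e, s, f in history if f and domain_of(e) != segment_domain]
    seg = [s for e, s, f in history if f and domain_of(e) == segment_domain]
    if not base or not seg:
        raise ValueError("need confirmed fraud in both groups to calibrate")
    rate = sum(s >= baseline_threshold for s in base) / len(base)
    return rate, threshold_for_rate(seg, rate)

def decide(email, score, thresholds, default_threshold):
    """Apply the domain-specific threshold when one exists, else the default."""
    limit = thresholds.get(domain_of(email), default_threshold)
    return "review" if score >= limit else "accept"

if __name__ == "__main__":
    rate, icloud_limit = calibrate(HISTORY, 70, "icloud.com")
    rules = {"icloud.com": icloud_limit}
    print(f"baseline detection rate {rate:.2f}, icloud.com threshold {icloud_limit}")
    for email, score, fraud in HISTORY:
        print(email, score, fraud, decide(email, score, rules, 70))
```

In this constructed data the single threshold of 70 would send the legitimate `k@icloud.com` order to review, while the calibrated segment threshold accepts it and keeps the same share of confirmed fraud flagged.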

Conclusion
For businesses using a rule-based fraud solution that relies on email-to-name matching, email first seen, or other email-related features, this is a strong reminder that it is time to start considering alternatives. Consider incorporating Ekata Identity and Network Scores into your fraud-combating solution, since they use five identity elements (name, phone, IP, email, and address) collectively, offsetting the challenges of independently missing or obfuscated digital elements.

Ekata’s scores are powered by the Identity Network, which delivers patterns in real time, and by a team of data scientists that constantly monitors changes. Our risk model remains the best solution in combating fraud and avoiding future features that might obfuscate fraudulent behaviors.

To learn more about how Ekata can help identify your good customers and stop fraud, contact Ekata today.

