5 Digital Tools to Help Fight Identity Fraud
Businesses appear to be getting better at fighting identity fraud – overall fraud declined by 15 percent in 2018. But the fight isn’t over yet: more than 14 million U.S. consumers were still affected in the same year, amounting to nearly $15 billion in losses. As companies excel at preventing one type of fraud, fraudsters shift to another type. To keep up, businesses need to constantly adapt. Let’s explore the current landscape of identity fraud and the digital tools available to fight it.
Five common types of identity fraud
When fraudsters gain access to consumer bank or credit card accounts, they can subsequently make non-monetary changes, such as modifying personally identifiable information (PII) or requesting a new credit card. Once these requests are approved, they gain control over the victim’s account to carry out unauthorized transactions.
Synthetic ID fraud
Synthetic identities are created by merging fake and authentic information of customers. For instance, using a real Social Security Number with a fake birthdate and address. Children are often the target of synthetic fraud, since they don’t use credit and therefore don’t report such crimes. According to Symantec, synthetics IDs are often rejected from loan applications due to a lack of credit history – until one lender accepts, paving the road for future fraud.
New account fraud
According to Javelin’s study, 2018’s drop in credit card fraud was counteracted by a rise in new account fraud. New account fraud involves creating a fake account using a real victim’s name and personal information. Victims with good credit are especially prone to this kind of fraud, which combines tactics from synthetic identity and account takeover.
Medical identity fraud
Medical identity fraud occurs when someone steals a victim’s medical information to fraudulently access prescription drugs, medical services, or medical insurance coverage. In 2017, more than 27 percent of data breaches were related to healthcare. Medical fraud can be particularly difficult to detect; often, it’s first noticed when the victim receives a medical bill for a service she didn’t request.
Ghost fraud is as spooky as it sounds: a fraudster will use a deceased person’s identity to open a new line of credit or mobile phone plan. Trulioo estimates that 2.5 million Americans are affected by ghost fraud every year. Ghost fraud can also be difficult to detect; if a deceased person is in good credit standing and hasn’t had their accounts closed, transactions appear legitimate.
Harnessing digital tools to fight fraud
Fraudsters are increasingly savvy with their techniques, so businesses should all be using the latest tools to fight them – right? Unfortunately, Forrester found that over 90 percent of fraud management firms still describe knowledge-based authentication (KBA) as an effective tool for curbing ID theft. Considering how easily PII can be stolen and manipulated, companies should rely very little on KBA and static identifiers.
Over 90% of fraud management firms still describe KBA as an effective tool for curbing ID theft.
Meanwhile, to fight the rising threat of cybercrimes, financial institutions are spending up to 10 percent of their overall budget on regulatory compliance. The costs of failing to fight fraud are clear, and so is the way forward. An integrated strategy implementing online, offline, and device-based ID verification tools can help detect fraud at an early stage and beat fraudsters at their own game. Here are some of the most cutting-edge digital tools in use today:
Web authentication (WebAuthn)
A new internet protocol formed by the FIDO Alliance and the World Wide Web Consortium aims to replace the password. Users register their device (mobile or laptop) with a simple gesture like a finger tap, and thereafter can log in to registered sites without any stored (or forgotten) passwords. The best part is: WebAuthn uses public key cryptography to keep all information on the device – no third parties or servers involved.
From unlocking an iPhone to issuing government ID cards, biometrics cater to wide range of IDV requirements. Both physical (e.g. facial recognition, fingerprints) and behavioural biometrics (e.g. signature, voice) are gaining momentum in the banking industry. While recent guidelines from the Financial Action Task Force (FATF) recognize the convenience and growth of biometrics, they also warn against the permanence of biometric information and danger of that information being stolen from centralized databases.
AI and machine learning
Fraudsters getting smart? Technology can help you get smarter. AI and machine learning are highly effective at distinguishing a real ID from a fake one. Scannable IDs include physical documents that are easily forged, such as a driver’s license or passport. Trained algorithms work by scanning documents and spotting signs that they were manipulated in any way.
Electronic identity verification (eIDV)
In light of the recent scams involving Swedebank, financial institutions are losing more and more revenue to non-compliance – not only from customer distrust but also from hefty fines and sanctions. Know Your Customer (KYC) and Know Your Business (KYB) compliance can be tricky, which is why companies are turning to eIDV to streamline the process.
Moving away from traditional, paper-based systems, eIDV uses private and public databases to verify identity and address information digitally. eIDV prevents the forgery and fraud that otherwise arises from user-provided documents by pulling data – such as utility bills – directly from the source. It also streamlines the experience both for the consumer and the business by replacing lengthy manual processes.
eIDV streamlines the experience both for the consumer and the business by replacing lengthy manual processes.
Centralized databases are vulnerable to data breaches, so it’s imperative to encrypt and decentralize data, and blockchain technology can help. In a recent move to heighten security, the Department of Homeland Security moved to migrate their paper-based verification system to blockchain credentialing for validating documents.
Apart from enhancing security, blockchain also promotes transparency in data privacy by putting consumers back in control of their own data.
So with all these tools, will businesses finally be safe from identity fraud? Not necessarily. It’s a never-ending battle as fraudsters rely on many of the same technologies to invent new tactics. The important thing is that businesses stay up-to-date on the tools available to help them, so they don’t fall behind in the digital age. There may not be a one-size-fits-all strategy, but as identity fraud evolves, so will fraud prevention technology.
YOU MAY ALSO LIKE:
- Who’s Who? Identity Verification in a Digital World
- Why Open Banking Needs Secure Identity Verification Methods
- Out of Wallet or Out of Touch?
If you like what you’re reading, why not subscribe?
About Amy Hou
Amy Hou is a Marketing Manager at Urjanet, overseeing content and communications. She enjoys writing about the latest industry updates in sustainability, energy efficiency, and data innovation.