Apply DA Tag
Finding a balance between providing secure financial services and user-friendly experiences is no easy task. One of the biggest hurdles? Ensuring identity authentication is robust and reliable. Let's walk through the essentials of identity authentication, its importance, and what effective solutions look like. What is identity authentication? Identity authentication is the process of proving that an individual is who they claim to be. Unlike identity verification, which simply confirms that the provided identity information is valid, identity authentication goes a step further by ensuring that the person presenting the information is indeed its rightful owner. At its core, identity authentication relies on various methods to verify identities. These methods can range from simple password checks to more sophisticated technologies like biometrics and adaptive authentication. The goal is to create multiple layers of security that make it difficult for unauthorized users to gain access. Types of authentication methods Several types of identity authentication methods are used today. Passwords and PINs are the most basic forms, but they are increasingly being supplemented or replaced by more advanced solutions like multi-factor authentication (MFA) , biometric scans, and knowledge-based authentication (KBA). Each method has its advantages and limitations, making it crucial for financial institutions to choose the right mix. Authentication vs. verification While often used interchangeably, identity verification and identity authentication serve different purposes. Identity verification solutions confirm that the provided identity information matches public records, whereas identity authentication solutions ensure that the person presenting the information is its true owner. Identity verification is typically a one-time process conducted at the beginning of a relationship, such as when opening a new bank account. On the other hand, identity authentication is an ongoing process, ensuring that each login or transaction is carried out by a legitimate user. Though different, these processes are crucial for financial institutions. They work together to provide a robust security framework that minimizes the risk of fraud while offering a seamless user experience. READ: Learn how to overcome online identity verification challenges. Why it's important for financial institutions The importance of identity authentication for financial institutions cannot be overstated. With the rise of cyber threats and sophisticated fraud schemes like synthetic identity fraud, robust identity authentication measures are more critical than ever. Enhancing security. Effective authentication significantly enhances the security of financial transactions. By preventing unauthorized access, sensitive information and financial assets are safeguarded. Advanced solutions like multi-factor authentication solutions add extra layers of protection. Building trust with customers. Robust authentication also helps build trust with customers. When users feel confident that their accounts and personal information are secure, they are more likely to engage with the institution and utilize its services. Regulatory compliance. For financial institutions, compliance with regulatory standards is paramount. Many regulations now mandate strong identity authentication measures to protect against fraud and ensure the security of financial transactions. What to look for in an identity authentication solution The ideal solution should offer a balance between security, user experience, and cost-effectiveness. Adaptive authentication solutions use machine learning algorithms to assess the risk level of each transaction. This allows for a dynamic approach to authentication, where additional checks are only required when necessary. Multi-factor authentication (MFA) solutions add an extra layer of security by requiring users to provide multiple forms of identification. This could include something they know (password), something they have (smartphone), and something they are (biometric data). Knowledge-based authentication (KBA) solutions ask users to answer questions based on their personal information. This method is particularly useful for verifying identities during online transactions and account recoveries. Experian’s Knowledge IQSM offers KBA with over 70 credit- and noncredit-based questions to help you authenticate consumers by asking noninvasive questions that can be answered quickly by the true consumer. Comprehensive identity solutions take a holistic approach by integrating various methods and technologies. Experian’s identity solutions offer a range of services, from risk-based authentication to automated identity verification, ensuring comprehensive protection. Importance of user experience. While security is paramount, user experience should not be overlooked. The ideal identity authentication solution should be seamless and user-friendly, minimizing friction during the authentication process. READ: By adopting a consumer-centric approach to digital identity, organizations can offer customers a better experience while minimizing risk. How Experian can help Identity authentication is a critical component of modern financial institutions. By implementing robust and user-friendly solutions, organizations can enhance security, build customer trust, and comply with regulatory standards. Whether it's through adaptive authentication, multi-factor authentication, or knowledge-based authentication, the goal is to create a secure and seamless experience for users. Ready to take your identity strategy to the next level? Explore Experian’s identity solutions today and discover how they can help your institution achieve its security and user experience goals. Learn more This article includes content created by an AI language model and is intended to provide general information.
With more consumers online, bad actors are taking the opportunity to commit more financial crimes, such as account takeover fraud. This online scheme resulted in nearly $13 billion in losses in 2023, up from $11 billion in 2022.1 So, what do organizations need to know about this form of identity theft? And how can they prevent it? Let’s explore one type of account takeover fraud: email account takeover. What is email account takeover? Email account takeover occurs when a fraudster gains access to a legitimate user’s email account through data breaches that expose credentials, purchasing from the dark web, or phishing scams. It's usually one of the first steps in a broader account takeover scheme. Once fraudsters have access to a consumer’s email or social media account, they have access to the private information in that consumer’s inbox: financial statements, health records, and other forms of PII. Fraudsters can also now use the consumer’s email to impersonate them with friends, family, financial institutions or other businesses they interact with. They can also gain access to other accounts and here’s where email account takeover becomes more dangerous. In this attack, the fraudster gains access to an email or mobile account. Once they have an email, they start by trying to guess the user’s password, commonly called a brute force attack, or through password spraying, where they use commonly used passwords, i.e. ‘password’ or ‘123123. A recent Google survey found that 65% of people use the same password for some or all of their online accounts. This, along with a corresponding email address can give fraudsters further entre into a consumer’s other accounts. If unsuccessful, they’ll then execute a ‘forgot password’, password reset, or one-time password. Then, they take over the victim’s account with their financial institution to facilitate the transfer of funds from the compromised account. 57% of businesses are experiencing rising fraud losses associated with account opening and account takeover.2 While email account takeover can be quickly executed, detecting it can take time. Unlike credit card fraud, where an individual may soon notice suspicious activity, an email account takeover can go undetected for longer. The owner may not realize until later that their account has been compromised, especially with a dormant account or secondary account they use less. As a result, criminals have more time to facilitate additional attacks. LEARN MORE: Explore 2024 fraud trends listed by Experian. How does it affect your organization? Account takeover fraud doesn't just impact consumers, it can result in significant financial losses for organizations. For example, if your organization offers credit products, you might have to cover the costs of disputing chargebacks, card processing fees, or providing refunds. In the case of a data breach, you may have to pay fines against your organization for not properly protecting consumer information. Nearly two-thirds of consumers say they’re very or somewhat concerned with online security.3 But email account takeover isn't just costly — it can damage your organization's reputation. Consumers expect organizations to have proper security measures in place to protect their information. If a data breach occurs, your security can seem weak, leading consumers to lose trust in your organization. As a result, they may potentially take their business elsewhere. The importance of prevention While consumers listed identity theft as their top concern when conducting activities online, they’re still interacting, opening new accounts, and transacting digitally.4 Coupled with the rise of account takeover fraud and associated losses, it’s more crucial than ever for organizations to accurately detect and prevent these attacks. To do this, they must have a proactive fraud prevention strategy in place. Account takeover fraud prevention requires your business to maintain and continuously reaffirm confidence in the identity data you collect. Your team can monitor, segment, and proactively act on customer identities that display a higher risk of fraud than was determined at account origination through risk-based fraud detection models, machine learning, and advanced analytics. Experian offers many flexible solutions, including: CrossCore® Solutions are best practice-based groupings of fraud and identity products that enable organizations to solve common to complex issues. For example, our fraud risk solutions include email and phone intelligence to improve verification for thin-files and other challenging populations. Experian offers phone/carrier-based matching capabilities with address validity and occupancy data for >95% of U.S. households. FraudNet is a device intelligence solution that analyzes hundreds of device attributes and prevents fraud on all digital channels. Combining contextual data, behavioral data, and device data, it bridges the gap between physical and digital identity to achieve fraud capture rates that exceed industry averages. To further alleviate account takeover fraud, your organization can offer educational resources for fraud prevention. Using various, strong passwords across their accounts, and changing them regularly, is a foundational way consumers can help ensure their accounts are secure. Leveraging user names that are different from your email can also help. If a fraudster is able to takeover an account and initiate a lost password request, and that password is used for other accounts, that fraudster now has the credentials they need to further defraud that consumer. By spreading awareness about identity fraud risks and providing best practices for prevention, you can better protect your organization and consumers. LEARN MORE: Building a multilayered fraud and identity strategy with CrossCore Solutions Partnering with Experian Email account takeover, along with other types of fraud, can be detected and prevented with the right partner. Experian’s fraud management solutions can help your organization accurately verify customers and assess risk with our account takeover and fraud management solutions. Explore Experian’s account takeover solutions and watch an on-demand recording of our Fraud Risk and Identity Verification Solutions tech showcase. Learn more Watch tech showcase 1 Identity Fraud Cost Americans $43 Billion in 2023, AARP. 2-4 2023 U.S. Identity and Fraud Report, Experian.
In this article...What is fair lending?Understanding machine learning modelsThe pitfalls: bias and fairness in ML modelsFairness metricsRegulatory frameworks and complianceHow Experian® can help As the financial sector continues to embrace technological innovations, machine learning models are becoming indispensable tools for credit decisioning. These models offer enhanced efficiency and predictive power, but they also introduce new challenges. These challenges particularly concern fairness and bias, as complex machine learning models can be difficult to explain. Understanding how to ensure fair lending practices while leveraging machine learning models is crucial for organizations committed to ethical and compliant operations. What is fair lending? Fair lending is a cornerstone of ethical financial practices, prohibiting discrimination based on race, color, national origin, religion, sex, familial status, age, disability, or public assistance status during the lending process. This principle is enshrined in regulations such as the Equal Credit Opportunity Act (ECOA) and the Fair Housing Act (FHA). Overall, fair lending is essential for promoting economic opportunity, preventing discrimination, and fostering financial inclusion. Key components of fair lending include: Equal treatment: Lenders must treat all applicants fairly and consistently throughout the lending process, regardless of their personal characteristics. This means evaluating applicants based on their creditworthiness and financial qualifications rather than discriminatory factors. Non-discrimination: Lenders are prohibited from discriminating against individuals or businesses on the basis of race, color, religion, national origin, sex, marital status, age, or other protected characteristics. Discriminatory practices include redlining (denying credit to applicants based on their location) and steering (channeling applicants into less favorable loan products based on discriminatory factors). Fair credit practices: Lenders must adhere to fair and transparent credit practices, such as providing clear information about loan terms and conditions, offering reasonable interest rates, and ensuring that borrowers have the ability to repay their loans. Compliance: Financial institutions are required to comply with fair lending laws and regulations, which are enforced by government agencies such as the Consumer Financial Protection Bureau (CFPB) in the United States. Compliance efforts include conducting fair lending risk assessments, monitoring lending practices for potential discrimination, and implementing policies and procedures to prevent unfair treatment. Model governance: Financial institutions should establish robust governance frameworks to oversee the development, implementation and monitoring of lending models and algorithms. This includes ensuring that models are fair, transparent, and free from biases that could lead to discriminatory outcomes. Data integrity and privacy: Lenders must ensure the accuracy, completeness, and integrity of the data used in lending decisions, including traditional credit and alternative credit data. They should also uphold borrowers’ privacy rights and adhere to data protection regulations when collecting, storing, and using personal information. Understanding machine learning models and their application in lending Machine learning in lending has revolutionized how financial institutions assess creditworthiness and manage risk. By analyzing vast amounts of data, machine learning models can identify patterns and trends that traditional methods might overlook, thereby enabling more accurate and efficient lending decisions. However, with these advancements come new challenges, particularly in the realms of model risk management and financial regulatory compliance. The complexity of machine learning models requires rigorous evaluation to ensure fair lending. Let’s explore why. The pitfalls: bias and fairness in machine learning lending models Despite their advantages, machine learning models can inadvertently introduce or perpetuate biases, especially when trained on historical data that reflects past prejudices. One of the primary concerns with machine learning models is their potential lack of transparency, often referred to as the "black box" problem. Model explainability aims to address this by providing clear and understandable explanations of how models make decisions. This transparency is crucial for building trust with consumers and regulators and for ensuring that lending practices are fair and non-discriminatory. Fairness metrics Key metrics used to evaluate fairness in models can include standardized mean difference (SMD), information value (IV), and disparate impact (DI). Each of these metrics offers insights into potential biases but also has limitations. Standardized mean difference (SMD). SMD quantifies the difference between two groups' score averages, divided by the pooled standard deviation. However, this metric may not fully capture the nuances of fairness when used in isolation. Information value (IV). IV compares distributions between control and protected groups across score bins. While useful, IV can sometimes mask deeper biases present in the data. Disparate impact (DI). DI, or the adverse impact ratio (AIR), measures the ratio of approval rates between protected and control classes. Although DI is widely used, it can oversimplify the complex interplay of factors influencing credit decisions. Regulatory frameworks and compliance in fair lending Ensuring compliance with fair lending regulations involves more than just implementing fairness metrics. It requires a comprehensive end-to-end approach, including regular audits, transparent reporting, and continuous monitoring and governance of machine learning models. Financial institutions must be vigilant in aligning their practices with regulatory standards to avoid legal repercussions and maintain ethical standards. Read more: Journey of a machine learning model How Experian® can help By remaining committed to regulatory compliance and fair lending practices, organizations can balance technological advancements with ethical responsibility. Partnering with Experian gives organizations a unique advantage in the rapidly evolving landscape of AI and machine learning in lending. As an industry leader, Experian offers state-of-the-art analytics and machine learning solutions that are designed to drive efficiency and accuracy in lending decisions while ensuring compliance with regulatory standards. Our expertise in model risk management and machine learning model governance empowers lenders to deploy robust and transparent models, mitigating potential biases and aligning with fair lending practices. When it comes to machine learning model explainability, Experian’s clear and proven methodology assesses the relative contribution and level of influence of each variable to the overall score — enabling organizations to demonstrate transparency and fair treatment to auditors, regulators, and customers. Interested in learning more about ensuring fair lending practices in your machine learning models? Learn More This article includes content created by an AI language model and is intended to provide general information.
In this article...What is a TOAD attack?How TOAD attacks happenEffective countermeasures Keeping TOADS at bay with Experian Imagine receiving a phone call informing you that your antivirus software license is about to expire. You decide to renew it over the phone, and before you know it, you have been “TOAD-ed”! What is a TOAD attack? Telephone-Oriented Attack Deliveries (TOADs) are an increasingly common threat to businesses worldwide. According to Proofpoint's 2024 State of the Phish Report, 10 million TOAD attacks are made every month, and 67% of businesses globally were affected by a TOAD attack in 2023. In the UK alone, businesses have lost over £500 million to these scams, while in the United States the reported monetary loss averaged $43,000 per incident, with some losses exceeding $1 million.TOADs involve cybercriminals using real phone numbers to impersonate legitimate callers, tricking victims into divulging sensitive information or making fraudulent transactions. This type of attack can result in substantial financial losses and reputational damage for businesses. How TOAD attacks happen TOAD attacks often involve callback phishing, where victims are tricked into calling fake call centers. Before they strike, scammers will gather a victim's credentials from various sources, such as past data breaches, social media profiles, and information bought on the dark web. They will then contact the individual through applications like WhatsApp or call their phone directly. Here is a common TOAD attack example: Initial contact: The victim receives an email from what appears to be a reputable company, like Amazon or PayPal. Fake invoice: The email contains a fake invoice for a large purchase, prompting the recipient to call a customer service number. Deception: A scammer, posing as a customer service agent, convinces the victim to download malware disguised as a support tool, granting the scammer access to the victim's computer and personal information. These techniques keep improving. One of the cleverer tricks of TOADs is to spoof a number or email so they contact you as someone you know. Vishing is a type of phishing that uses phone calls, fake numbers, voice changers, texts, and social engineering to obtain sensitive information from users. It mainly relies on voice to fool users. (Smishing is another type of phishing that uses texts to fool users, and it can be combined with phone calls depending on how the attacker works.) According to Rogers Communication website, an employee in Toronto, Canada got an email asking them to call Apple to change a password. They followed the instructions, and a “specialist” helped them do it. After receiving their password, the cyber criminals used the employee's account to send emails and deceive colleagues into approving a fake payment of $5,000. Artificial intelligence (AI) is also making it easier for TOAD phishing attacks to happen. A few months ago, a Hong Kong executive was fooled into sending HK$200m of his company's funds to cyber criminals who impersonated senior officials in a deepfake video meeting. Effective countermeasures To combat TOAD attacks, businesses must implement robust solutions. Employee training and awareness: Regular training sessions and vishing simulations help employees recognize and respond to TOAD attacks. Authentication and verification protocols: Implementing multi-factor authentication (MFA) and call-back verification procedures enhances security for sensitive transactions. Technology solutions: Bots and spoofing detection and voice biometric authentication technologies help verify the identity of callers and block fraudulent numbers. Monitoring and analytics: Advanced fraud detection and behavioral analytics identify anomalies and unusual activities indicative of TOAD attacks. Secure communication channels: Ensure consumers have access to verified customer service numbers and promote secure messaging apps. A strong strategy should also involve using advanced email security solutions with AI fraud detection and machine learning (ML) to effectively defend against TOAD threats. These can help identify and stop phishing emails. Regular security audits and updates are necessary to find and fix vulnerabilities, and an incident response plan should be prepared to deal with and reduce any breaches. By integrating technology, processes, and people into their strategy, organizations can develop a strong defense against TOAD attacks. Keeping TOADS at bay with Experian® By working and exchanging information with other businesses and industry groups, you can gain useful knowledge about new or emerging threats and defense strategies. Governments and organizations like the Federal Communications Commission (FCC) have a shared duty to defend the private sector and public consumers from TOAD attacks, while many of the current rules and laws seem to lag behind what criminals are doing. By combining the best data with our automated ID verification processes, Experian® helps you protect your business and reputation. Our best-in-class solutions employ device recognition, behavioral biometrics, machine learning, and global fraud databases to spot and block suspicious activity before it becomes a problem. Learn more *This article includes content created by an AI language model and is intended to provide general information.
Experian’s award-winning platform now brings together market-leading data, generative AI and cutting-edge machine learning solutions for analytics, credit decisioning and fraud into a single interface — simplifying the deployment of analytical models and enabling businesses to optimize their practices. The platform updates represent a notable milestone, fueled by Experian’s significant investments in innovation over the last eight years as part of its modern cloud transformation. “The evolution of our platform reaffirms our commitment to drive innovation and empower businesses to thrive. Its capabilities are unmatched and represent a significant leap forward in lending technology, democratizing access to data in compliant ways while enabling lenders of all sizes to seamlessly validate their customers’ identities with confidence, help expand fair access to credit and offer awesome user and customer experiences,” said Alex Lintner CEO Experian Software Solutions. The enhanced Experian Ascend Platform dramatically reduces time to install and offers streamlined access to many of Experian's award-winning integrated solutions and tools through a single sign-on and a user-friendly dashboard. Leveraging generative AI, the platform makes it easy for organizations of varying sizes and experience levels to pivot between applications, automate processes, modernize operations and drive efficiency. In addition, existing clients can easily add new capabilities through the platform to enhance business outcomes. Read Press Release Learn More Check out Experian Ascend Platform in the media: Transforming Software for Credit, Fraud and Analytics with Experian Ascend Platform™ (Episode 160) Reshaping the Future of Financial Services with Experian Ascend Platform Introducing Experian’s Cloud-based Ascend Technology Platform with GenAI Integration 7 enhancements of Experian Ascend Platform
With e-commerce booming and more transactions occurring online, the threat of chargeback fraud has never been more significant. In this article, we'll explore chargeback fraud, why it's a growing problem, and, most importantly, how to prevent it. Whether you're a small or large business, understanding and implementing robust chargeback fraud prevention measures is critical to protecting your organization. Understanding chargeback fraud Before we can prevent chargeback fraud, we need to know what we're dealing with. A chargeback happens when a cardholder disputes a transaction, or files a chargeback request, leading to the reversal of the payment to the merchant. Chargebacks can occur for various reasons including: Fraudulent transactions: If a card is stolen or its information is used without authorization, like in the case of account takeover fraud or card not present fraud, the cardholder can dispute the charges. Unauthorized transactions: Even if the cardholder didn't lose their card, they might notice charges they didn't make. Quality issues: If the product or service doesn't meet the cardholder's expectations or has a defect, they might dispute the charge. Billing errors: Sometimes, billing mistakes happen, such as being charged multiple times for the same transaction. Subscription cancellations: When a cardholder cancels a subscription but continues to be billed they can dispute the charges. While there are legitimate reasons for chargebacks, chargeback fraud, also known as friendly fraud, occurs when a customer makes a legitimate purchase with their credit card and then disputes the charge by filing a chargeback request. Unlike third-party fraud, where the cardholder's information is stolen or used without permission, in chargeback fraud, the cardholder initiates the dispute to avoid paying for goods or services they legitimately received. Chargeback fraud can take various forms: False claims of non-receipt: The cardholder claims they never received the purchased item, even though they did. Unauthorized transaction claims: The cardholder denies making the purchase, even though they did so legitimately. Product/service dissatisfaction: The cardholder claims dissatisfaction with the product or service as a reason for disputing the charge, even if the product or service was as described. Subscription services: The cardholder signs up for a subscription service and then disputes the recurring charges as unauthorized or unwanted. Why chargeback fraud is on the rise Chargeback fraud is becoming more pervasive for a couple of reasons. First, as e-commerce grows, so does the opportunity for fraud. Without face-to-face interactions, fraudsters can pull off their schemes more easily. Second, the process of issuing chargebacks has become consumer-friendly, with banks often siding with the cardholder without deep scrutiny of the claim. Finally, with the rise of subscription-based services and digital goods, the incidence of "friendly fraud" is increasing. The impact and repercussions of chargeback fraud The impact of chargeback fraud can be felt across several areas within a business. Financially, it's a clear and direct loss. There are also significant operational costs associated with managing chargebacks, including potential product loss, bank and related fees, and administrative work. However, the less tangible, more insidious repercussions involve damage to the business's reputation. A high chargeback rate can lead to a merchant account being suspended or terminated, causing a loss of the ability to process credit card payments. A tarnished reputation can further lead to losing consumer trust, which can be hard to regain. How to prevent chargeback fraud Preventing and managing chargeback fraud often involves implementing fraud prevention solutions, providing clear communication and customer support, and disputing illegitimate chargebacks with evidence when possible. Here are key actions you can take to protect your business against chargeback fraud: Educate and communicate with customers: Ensure your customers are fully aware of your return and refund policies. Be clear and transparent in your communications about what happens in the event of a disputed transaction. This can significantly reduce misunderstandings that often lead to legitimate chargebacks. Implement stringent transaction verification processes: Utilize Address Verification Services (AVS) and Card Verification Value (CVV2) verification for online and over-the-phone transactions. These credit card authentication services add an extra layer of security and can establish the validity of a purchase. Keep meticulous records: Document all transactions, including emails, phone calls, and any other purchase-related correspondence. In the event of a dispute, these records can serve as compelling evidence to defend the transaction. Immediate shipment and tracking: Ship products as quickly as possible after purchase and provide tracking information to customers. This delights customers and provides tangible proof of delivery should a chargeback be disputed. Utilize advanced fraud detection tools: Many fraud detection services are available that can instantly flag potentially fraudulent transactions, from monitoring for suspicious spending patterns to IP tracking for online orders. Examples include: Tokenization: Tokenization replaces sensitive card data with a "token," a random string of characters that is useless to fraudsters. This token can be stored or transmitted easily, with the actual payment information securely kept off-site. Machine learning and AI: Machine learning and AI fraud detection solutions can analyze vast amounts of transaction data to detect patterns and anomalies, thus flagging potentially fraudulent activity in real-time. The role of customer support in chargeback prevention While the above tools can help your organization prevent fraudulent charge backs, you likely already have a key tool in your company that can help mitigate chargebacks altogether. Your customer support team is your front line in chargeback prevention. Train them to handle customer inquiries effectively and resolve issues before they escalate. Offer multiple contact channels: Give customers several ways to reach your support team, such as email, phone, and live chat. The more easily they can contact you, the less likely they are to resort to a chargeback. Ensure prompt and courteous service: A positive and responsive customer service experience can turn a potential chargeback into a loyalty-building opportunity. Make refunds and returns as easy as possible for your customers. Additionally, clear and generous policies will reduce dissatisfaction and the likelihood of chargebacks. How Experian can help with chargeback fraud prevention Chargeback fraud can be a daunting prospect for any business, but with the right strategies in place, you can protect your business, your customers and your bottom line. Experian’s fraud management solutions provide robust verification options and layered risk management to help reduce the risk of chargeback fraud. Our advanced fraud detection solutions leverage machine learning algorithms and behavioral analytics to confirm the identity of customers during transactions, identify suspicious patterns and activities, and offer deeper insights that enhance fraud prevention strategies. These solutions can help detect potential instances of chargeback fraud in real-time or during post-transaction analysis. Learn More *This article includes content created by an AI language model and is intended to provide general information.
The world of finance can be a dangerous place, where cunning schemes lurk in the shadows, ready to pounce on unsuspecting victims. In the ever-evolving landscape of financial crime, the insidious ‘pig butchering’ scam has emerged as a significant threat, targeting both financial institutions and their clients. What is a ‘pig butchering’ scam? ‘Pig butchering’ scams are named after the practice of farmers fattening up their livestock before “butchering” them. This comparison describes the core of ‘pig butchering’ scams, where criminals entice victims to participate in investment schemes and cryptocurrency fraud. Originating in Southeast Asia and now rampant in the United States, these scams often start with online interactions via social media or dating applications. Scammers build trust with the victim, eventually gaining access to their online accounts. They "fatten the pig" by enticing more cryptocurrency investments and then make off with their ill-gotten gains. The repercussions are staggering, with reported losses exceeding $3.5 billion in 2023 alone according to an AP News article, and around 40,000 victims in the United States, including cases of losses as massive as $4 million. The real-life impact The story of “RB,” a San Francisco man who engaged with a scammer named "Janey Lee," serves as a stark warning. Through social media, Janey orchestrated an elaborate scheme, promising "RB” substantial returns in cryptocurrency investment. Seduced by false promises, “RB” emptied his life savings into the scam, only to be rescued by a Federal Bureau of Investigation (FBI) intervention, narrowly avoiding financial ruin.1 Malicious actors are improving their targeting skills, and often pursue executives and victims with a large sum of money, such as C-level officials from financial institutions. This past February, a $50 million pig slaughtering fraud incident caused the CEO of a local bank in Kansas to lose all his funds and the bank to collapse a few months later. FinCEN's vigilance and updates The Financial Crimes Enforcement Network (FinCEN) remains vigilant, issuing advisories to financial institutions to combat ‘pig butchering’ scams. Their latest advisory highlights evolving scam tactics, including aggressive promotions, using money mules for illegal fund transfers, and leveraging new financial products like decentralized finance (DeFi) platforms to obfuscate transactions. FinCEN also warns about red flags such as large and sudden investments from older customers, quick fund withdrawals after big deposits, and the frequent use of coins or mixers that hide transactions. Financial institutions are encouraged to: Report any suspicious activities by using specific terms like "pig butchering fraud advisory" in their reports to make analysis and response easier. File suspicious activity reports (SARs) using the key term “FIN-2023-PIGBUTCHERING.” Guide potential victims to report to the FBI’s IC3 or the Security and Exchange Commission (SEC’s) reporting system. A call to action for financial institutions The fight against ‘pig butchering’ scams requires proactive measures from financial institutions: Enhance fraud detection and anti-money laundering (AML) programs: Implement robust systems compliant with regulatory guidelines, conduct thorough customer enhanced due diligence, and leverage fraud detection software to spot anomalies and red flags., and leverage fraud detection software to spot anomalies and red flags. Leverage data analytics: Utilize data analytics tools to monitor customer behavior, identify irregular patterns, and swiftly detect potential ‘pig butchering’ activities. Employee training: Educate employees on scam risks, fraud detection techniques, and FinCEN red flags to empower them as the first line of defense., and FinCEN red flags to empower them as the first line of defense. Community education: Educate customers on recognizing and avoiding investment scams, promoting awareness, and safeguarding their assets. Navigating challenges with effective solutions ‘Pig butchering’ scams cause not only money losses but also personal troubles and reputational harm. Awareness, learning, and cooperation are essential in protecting from these complex financial fraudsters, securing the safety and confidence of your institutions and stakeholders. By combining the best data with our automated identification verification processes, you can protect your business and onboard new talents efficiently. Our industry-leading solutions employ device recognition, behavioral biometrics, machine learning, and global fraud databases to spot and block suspicious activity before it becomes a problem. Learn more 1San Francisco Chronical (2023). Crypto Texting Scam *This article includes content created by an AI language model and is intended to provide general information.
In a financial world that's increasingly connected and complex, monitoring transactions is not just good business practice — it's a regulatory necessity. Anti-money laundering (AML) transaction monitoring stands as a crucial barrier against financial crimes, which ensures the integrity of financial systems worldwide. For financial institutions, the challenges of AML compliance and the tools to meet them continue to evolve. In this blog post, we'll walk through the basics, best practices, and future of AML transaction monitoring. What is AML transaction monitoring? AML transaction monitoring refers to the systems and processes financial institutions use to detect and report potentially suspicious transactions to the Financial Crimes Enforcement Network (FinCEN) under the United States Department of Treasury, which spearheads the efforts to track financial crimes — money laundering and financing of criminal or terrorist activities. By continuously monitoring customer transactions and establishing patterns of behavior, suspicious activities can be identified for further investigation. The role of AML transaction monitoring AML transaction monitoring identifies potential criminal activities and helps maintain a clean and efficient financial ecosystem. By being proactive in preventing the misuse of services, organizations can protect their reputation, strengthen customer trust, and uphold regulatory requirements. The challenge of false positives However, AML compliance is not without challenges. The systems in place often produce many 'false positives', transactions identified as potentially suspicious that, after investigation, turn out to be mundane. These false alarms can overwhelm compliance departments, leading to inefficiency and potentially missing real red flags. Why is AML transaction monitoring important? Understanding the importance of AML transaction monitoring requires a broader look at the implications of financial crimes. Money laundering often supports other serious crimes such as drug trafficking, fraud, and even terrorism. The ability to interrupt the flow of illicit funds also disrupts these additional criminal networks. Furthermore, for organizations, the cost of non-compliance can be substantial — financially and reputationally. Penalties for inadequate AML controls can be hefty, signaling the need for robust monitoring systems. Specifics on compliance Compliance with AML regulations is not a choice but a must. Financial institutions are required to comply with AML laws and regulations to protect their businesses and the industry as a whole. This includes understanding and adhering to regulation changes, which can be complex and have significant operational impacts. How does AML transaction monitoring work? There are two main approaches to transaction monitoring: Rule-based systems: These rely on pre-defined rules that flag transactions exceeding certain thresholds, originating from high-risk countries, or involving specific types of activities. Scenario-based systems: These use more sophisticated algorithms to analyze transaction patterns and identify anomalies that might not be captured by simple rules. This can include analyzing customer behavior, source of funds, and the purpose of transactions. Most organizations use a combination of both approaches. Transaction monitoring software is a valuable tool, but it's important to remember that it's not a foolproof solution. Human analysis is still essential to investigate flagged transactions and determine if they are truly suspicious. Implementing AML transaction monitoring solutions Implementing a robust AML transaction monitoring system requires the right technology and the right strategy. Beyond the software, it's about embedding a culture of compliance within the organization. Choosing the right AML solution The right AML solution should be based on the specific needs of the institution, the complexity of its operations, and the sophistication of the fraud landscape it faces. It's imperative to pick a solution that is agile, scalable, and integrates seamlessly with existing systems. Leveraging KYC and CIP programs Know your customer (KYC) and customer identification program (CIP) are deeply connected to transaction monitoring. Implementing a robust KYC program helps to establish a strong customer identity, whereas a solid CIP ensures that essential customer information is verified at the time of account opening. Automation and AI in AML compliance Automation and AI are revolutionizing AML compliance, especially in transaction monitoring. AI systems, with their ability to learn and evolve, can significantly reduce false positives, making the compliance process more efficient and effective. Advanced AML solutions and the future Technological advancements are constantly reshaping the AML landscape, including solutions incorporating big data analysis and machine learning. Utilizing big data for better insights: Big data analytics provides an unprecedented ability to spot potential money laundering by analyzing vast amounts of transactional data, allowing for better contextual understanding and the ability to identify patterns of suspicious activity. Machine learning and predictive analytics: Machine learning technologies have the potential to refine transaction monitoring by continuously learning new behaviors and adapting to evolving threats. Predictive analytics can help in identifying potential risks well in advance and taking pre-emptive actions. The human element in AML Despite the advancing technology, the human element remains crucial. AML systems are only as good as the people who operate them. Organizations must invest in: Continuous training and skill development: Continuous training ensures that employees remain updated on regulations, compliance techniques, and the latest tools. Developing a team with AML expertise is an investment in the institution's security and success. Cultivating a compliance culture: Cultivating a corporate culture that values compliance is vital. From the highest levels of management to front-line staff, a mindset that embraces the duty to protect against financial crime is a powerful asset in maintaining an effective AML program. How we can help As a leader in fraud prevention and identity verification, Experian’s AML solutions can help you increase the effectiveness of your AML program to efficiently comply with federal and international AML regulations while safeguarding your organization from financial crime. We provide data, models, and automated systems and processes to monitor, detect, investigate, document and report potential money laundering activities across the entire customer lifecycle. Learn more about Experian’s AML solutions *This article includes content created by an AI language model and is intended to provide general information.
Financial institutions have long relied on anti-money laundering (AML) and anti-fraud systems to protect themselves and their customers. These departments and systems have historically operated in siloes, but that’s no longer best practice. Now, a new framework that integrates fraud and AML, or FRAML, is taking hold as financial institutions see the value of sharing resources to fight fraud and other financial crimes. You don’t need to keep them separated For fraudsters, fraud and money laundering go hand-in-hand. By definition, someone opening an account and laundering money is committing a crime. The laundered funds are also often from illegal activity — otherwise, they wouldn’t need to be laundered. For financial institutions, different departments have historically owned AML and anti-fraud programs. In part, because AML and fraud prevention have different goals: AML is about staying compliant: AML is often owned by an organization’s compliance department, which ensures the proper processes and reporting are in place to comply with relevant regulations. Fraud is about avoiding losses: The fraud department identifies and stops fraudulent activity to help protect the organization from reputational harm and fraud losses. As fraudsters’ operations become more complex, the traditional separation of the two departments may be doing more harm than good. Common areas of focus There has always been some overlap in AML and fraud prevention. After all, an AML program can stop criminals from opening or using accounts that could lead to fraud losses. And fraud departments might stop suspicious activity that’s a criminal placing or layering funds. While AML and fraud both involve ongoing account monitoring, let’s take a closer look at similarities during the account creation: Verifying identities: Financial institutions’ AML programs must include know your customer (KYC) procedures and a Customer Identification Program (CIP). Being able to verify the identity of a new customer can be important for tracing transactions back to an individual or entity later. Similarly, fraud departments want to be sure there aren’t any red flags when opening a new account, such as a connection between the person or entity and previous fraudulent activity. Preventing synthetic identity fraud: Criminals may try to use synthetic identities to avoid triggering AML or fraud checks. Synthetic identity fraud has been a growing problem, but the latest solutions and tools can help financial institutions stop synthetic identity fraud across the customer lifecycle. Detecting money mules: Some criminals recruit money mules rather than using their own identity or creating a synthetic identity. The mules are paid to use their legitimate bank account to accept and transfer funds on behalf of the criminal. In some cases, the mule is an unwitting victim of a scam and an accomplice in money laundering. Although the exact requirements, tools, processes, and reports for AML and fraud differ, there’s certainly one commonality — identify and stop bad actors. Interactive infographic: Building a multilayered fraud and identity strategy The win-win of the FRAML approach Aligning AML and fraud could lead to cost savings and benefits for the organization and its customers in many ways. Save on IT costs: Fraud and AML teams may benefit from similar types of advanced analytics for detecting suspicious activity. In 2023, around 60 percent of businesses were using or trying to use machine learning (ML) in their fraud strategies, but a quarter said cost was impeding implementation.1 If fraud and AML can share IT resources and assets, they might be able to better afford the latest ML and AI solutions. Avoid duplicate work: Cost savings can also happen if you can avoid having separate AML and fraud investigations into the same case. The diverse backgrounds and approaches to investigations may also lead to more efficient and successful outcomes. Get a holistic view of customers: Sharing information about customers and accounts also might help you more accurately assess risk and identify fraud groups. Improve your customer experience: Shared data can also reduce customer outreach for identity or transaction verifications. Creating a single view of each account or customer can also improve customer onboarding and account monitoring, leading to fewer false positives and a better customer experience. Some financial institutions have implemented collaboration with the creation of a new team, sometimes called the financial crimes unit (FCU). Others may keep the departments separate but develop systems for sharing data and resources. Watch the webinar: Fraud and identity challenges for Fintechs How Experian can help Creating new systems and changing company culture doesn’t happen overnight, but the shift toward collaboration may be one of the big trends in AML and fraud for 2024. As a leader in identity verification and fraud prevention, Experian can offer the tools and strategies that organizations need to update their AML and fraud processes across the entire customer lifecycle. CrossCore® is our integrated digital identity and fraud risk platform which enables organizations to connect, access, and orchestrate decisions that leverage multiple data sources and services. CrossCore cloud platform combines risk-based authentication, identity proofing and fraud detection, which enables organizations to streamline processes and quickly respond to an ever-changing environment. In its 2023 Fraud Reduction Intelligence Platforms (FRIP), Kuppinger Cole wrote, “Once again, Experian is a Leader in Fraud Reduction Intelligence Platforms. Any organizations looking for a full-featured FRIP service with global support should consider Experian CrossCore.” Learn more about Experian’s AML and fraud solutions. 1. Experian (2023). Experian's 2023 Identity and Fraud Report
Know Your Customer (KYC) procedures are a requirement for banks and other financial institutions to collect and verify the identity of their customers. When a bank verifies the identity of another organization or its owners, the process may be called Know Your Business (KYB) instead. As part of banks’ anti-money laundering (AML) programs, KYC can help stop corruption, money laundering and terrorist financing. Creating and maintaining KYC programs is also important for regulatory compliance, reputation management and fraud prevention. READ: How to Build a Know Your Customer Checklist – Everything You Need to Know The three components of KYC programs Banks can largely determine how to set up their KYC and AML programs within the applicable regulatory guidelines. In the United States, KYC needs to happen when banks initially onboard a new customer. But it’s not a one-and-done event—ongoing customer and transaction monitoring is also important. Customer Identification Program (CIP) Creating a robust Customer Identification Program (CIP) is an essential part of KYC. At a minimum, a bank’s CIP requires it to collect the following information from new customers: Name Date of birth Address Identification number, such as a Social Security number (SSN) or Employer Identification Number (EIN) Banks' CIPs also have to use risk-based procedures to verify customers’ identities and form a reasonable belief that they know the customer's true identity.1 This might involve comparing the information from the application to the customer’s government-issued ID, other identifying documents and authoritative data sources, such as credit bureau databases. Additionally, the bank's CIP will govern how the bank: Retains the customer’s identifying information Compares customer to government lists Provides customers with adequate notices Banks can create CIPs that meet all the requirements in various ways, and many use third-party solutions to quickly collect data, detect forged or falsified documents and verify the provided information. INFOGRAPHIC: Streamlining the Digital Onboarding Process: Beating Fraud at its Game Customer due diligence (CDD) CIP and CDD overlap, but the CIP primarily verifies a customer’s identity while customer due diligence (CDD) helps banks understand the risk that each customer poses. To do this, banks try to understand what various types of customers do, what those customers’ normal banking activity looks like, and in contrast, what could be unusual or suspicious activity. Financial institutions can use risk ratings and scores to evaluate customers and then use simplified, standard or enhanced due diligence (EDD) processes based on the results. For example, customers who might pose a greater risk of laundering money or financing terrorism may need to undergo additional screenings and clarify the source of their funds. Ongoing monitoring Ongoing or continuous monitoring of customers’ identities and transactions is also important for staying compliant with AML regulations and stopping fraud. The monitoring can help banks spot a significant change in the identity of the customer, beneficial owner or account, which may require a new KYC check. Unusual transactions can also be a sign of money laundering or fraud, and they may require the bank to file a suspicious activity report (SAR). Why is KYC important in banking? Understanding and implementing KYC processes can be important for several reasons: Regulatory compliance: Although the specific laws and rules can vary by country or region, many banks are required to have AML procedures, including KYC. The fines for violating AML regulations can be in the hundreds of millions— a few banks have been fined over $1 billion for lax AML enforcement and sanctions breaching. Reputation management: In some cases, enforcement actions and fines were headline news. Banks that don’t have robust KYC procedures in place risk losing their customers' trust and respect. Fraud prevention: In addition to the regulatory requirements, KYC policies and systems can also work alongside fraud management solutions for banks. Identity verification at onboarding can help banks identify synthetic identities attempting to open money mule accounts or take out loans. Ongoing monitoring can also be important for identifying long-term fraud schemes and large fraud rings. ON-DEMAND WEBINAR: Fraud Strategies for a Positive Customer Experience KYC in a digital-first world Many financial institutions have been going through digital transformations. Part of that journey is updating the systems and tools in place to meet the expectations of customers and regulators. An Experian survey found that about half of consumers (51 percent) consider abandoning the creation of a new account because of friction or a less-than-positive experience — that increased to 69 percent for high-income households.2 The survey wasn’t specific to financial services, but friction could be a problem for banks wanting to attract new account holders. Just as access to additional data sources and machine learning help automate underwriting, financial institutions can use technological advances to add an appropriate amount of friction based on various risk signals. Some of these can be run in the background, such as an electronic Consent Based Social Security Number Verification (eCBSV) check to verify the customer’s name, SSN and date of birth match the Social Security Administration’s records. Others may require more customer involvement, such as taking a selfie that’s then compared to the image on their photo ID — Experian CrossCore® Doc Capture enables this type of verification. Experian is a leader in identity and data management Experian's identity verification solutions use proprietary and third-party data to help banks manage their KYC procedures, including identity verification and Customer Identification Programs. By bundling identity verification with fraud assessment, banks can stop fraudsters while quickly resolving identity discrepancies. The automated processes also allow you to offer a low-friction identity verification experience and use step-up authentications as needed. Learn more about Experian’s identity solutions. 1FDIC (2021). Customer Identification Program 2Experian (2023). Experian's 2023 Identity and Fraud Report
This article was updated on March 12, 2024. The number of decisions that a business must make in the marketing space is on the rise. Which audience to target, what is the best method of communication, which marketing campaign should they receive? To stay ahead, a growing number of businesses are embracing artificial intelligence (AI) analytics, machine learning, and mathematical optimization in their decisioning models and strategies. What is an optimization model? While machine learning models provide predictive insights, it’s the mathematical optimization models that provide actionable insights that drive decisioning. Optimization models factor in multiple constraints and goals to leave you with the next best steps. Each step in the optimization process can significantly improve the overall impact of your marketing outreach — for both you and your customers. Using a mathematical optimization software, you can enhance your targeting, increase response rates, lower cost per acquisition, and drive engagement. Better engagement can lead to stronger business performance and profitability. Here are a few key areas where machine learning and optimization modeling can help increase your return on investment (ROI): Prospecting: Advanced analytics and optimization can be used to better identify individuals who meet your credit criteria and are most likely to respond to your offers. Taking this customer-focused approach, you can provide the most relevant marketing messages to customers at the right time and place. Cross-sell and upsell: The same optimized targeting can be applied to increase profitability with your existing customer base in cross-sell and up-sell opportunities. Gain insights into the best offer to send to each customer, the best time to send it, and which channel the customer will respond best to. Additionally, implement logic that maintains your customer contact protocols. Retention: Employing optimization modeling in the retention stage helps you make quicker decisions in a competitive environment. Instantly identify triggers that warrant a retention offer and determine the likelihood of the customer responding to different offers. LEARN MORE: eBook: Debunking the top 5 myths about optimization Gaining insight and strengthening decisions with our solutions Experian’s suite of advanced analytics solutions, including our optimization software, can help improve your marketing strategies. Use our ROI calculator to get a personalized estimate of how optimization can lift your campaigns without additional marketing spend. Start by inputting your organization’s details below. initIframe('62e81cb25d4dbf17c7dfea55'); Learn more about how optimization modeling can help you achieve your marketing and growth goals. Learn more
In the ever-expanding financial crime landscape, envision the most recent perpetrator targeting your organization. Did you catch them? Could you recover the stolen funds? Now, picture that same individual attempting to replicate their scheme at another establishment, only to be thwarted by an advanced system flagging their activity. The reason? Both companies are part of an anti-fraud data consortium, safeguarding financial institutions (FIs) from recurring fraud. In the relentless battle against fraud and financial crime, FIs find themselves at a significant disadvantage due to stringent regulations governing their operations. Criminals, however, operate without boundaries, collaborating across jurisdictions and international borders. Recognizing the need to level the playing field, FIs are increasingly turning to collaborative solutions, such as participation in fraud consortiums, to enhance their anti-fraud and Anti-Money Laundering (AML) efforts. Understanding consortium data for fraud prevention A fraud consortium is a strategic alliance of financial institutions and service providers united in the common goal of comprehensively understanding and combatting fraud. As online transactions surge, so does the risk of fraudulent activities. However, according to Experian’s 2023 U.S. Identity and Fraud Report, 55% of U.S. consumers reported setting up a new account in the last six months despite concerns around fraud and online security. The highest account openings were reported for streaming services (43%), social media sites and applications (40%), and payment system providers (39%). Organizations grappling with fraud turn to consortium data as a robust defense mechanism against evolving fraud strategies. Consortium data for fraud prevention involves sharing transaction data and information among a coalition of similar businesses. This collaborative approach empowers companies with enhanced data analytics and insights, bolstering their ability to combat fraudulent activities effectively. The logic is simple: the more transaction data available for analysis by artificial-intelligence-powered systems, the more adept they become at detecting and preventing fraud by identifying patterns and anomalies. Advantages of data consortiums for fraud and AML teams Participation in an anti-fraud data consortium provides numerous advantages for a financial institution's risk management team. Key benefits include: Case management resolution: Members can exchange detailed case studies, sharing insights on how they responded to specific suspicious activities and financial crime incidents. This collaborative approach facilitates the development of best practices for incident handling. Perpetrator IDs: Identifying repeat offenders becomes more efficient as consortium members share data on suspicious activities. Recognizing patterns in names, addresses, device fingerprints, and other identifiers enables proactive prevention of financial crimes. Fraud trends: Consortium members can collectively analyze and share data on the frequency of various fraud attempts, allowing for the calibration of anti-fraud systems to effectively combat prevalent types of fraud. Regulatory changes: Staying ahead of evolving financial regulations is critical. Consortiums enable FIs to promptly share updates on regulatory changes, ensuring quick modifications to anti-fraud/AML systems for ongoing compliance. Who should join a fraud consortium? A fraud consortium can benefit any organization that faces fraud risks and challenges, especially in the financial industry. However, some organizations may benefit more, depending on their size, type, and fraud exposure. Some of the organizations that should consider joining a fraud consortium are: Financial institutions: Banks, credit unions, and other financial institutions are prime targets for fraudsters, who use various methods such as identity theft, account takeover, card fraud, wire fraud, and loan fraud to steal money and information from them. Fintech companies: Fintech companies are innovative and disruptive players in the financial industry, who offer new and alternative products and services such as digital payments, peer-to-peer lending, crowdfunding, and robot-advisors. Online merchants: Online merchants are vulnerable to fraudsters, who use various methods such as card-not-present fraud, friendly fraud, and chargeback fraud to exploit their online transactions and payment systems. Why partner with Experian? What companies need is a consortium that allows FIs to collaboratively research anti-fraud and AML information, eliminating the need for redundant individual efforts. This approach promotes tighter standardization of anti-crime procedures, expedited deployment of effective anti-fraud/AML solutions, and a proactive focus on preventing financial crime rather than reacting to its aftermath. Experian Hunter is a sophisticated global application fraud and risk management solution. It leverages detection rules to screen incoming application data for identifying and preventing fraudulent activities. It matches incoming application data against multiple internal and external data sources, shared fraud databases and dedicated watch lists. It uses client-flexible matching rules to crossmatch data sources for highlighting data anomalies and velocity attempts. In addition, it looks for connections to previous suspected and known fraudulent applications. Hunter generates a fraud score to indicate a fraud risk level used to prioritize referrals. Suspicious applications are moved into the case management tool for further investigation. Overall, Hunter prevents application fraud by highlighting suspicious applications, allowing you to investigate and prevent fraud without inconveniencing genuine customers. To learn more about our fraud management solutions, visit us online or request a call. Learn more This article includes content created by an AI language model and is intended to provide general information.
Finding a reliable, customer-friendly way to protect your business against new account fraud is vital to surviving in today's digital-driven economy. Not only can ignoring the problem cause you to lose valuable money and client goodwill, but implementing the wrong solutions can lead to onboarding issues that drive away potential customers. The Experian® 2023 Identity and Fraud Report revealed that nearly 70 percent of businesses reported fraud loss in recent years, with many of these involving new account fraud. At the same time, problems with onboarding caused 37 percent of consumers to drop off and take their business elsewhere. In other words, your customers want protection, but they aren't willing to compromise their digital experience to get it. You need to find a way to meet both these needs when combating new account fraud. What is new account fraud? New account fraud occurs any time a bad actor creates an account in your system utilizing a fake or stolen identity. This process is referred to by different names, such as account takeover fraud, account creation fraud, or account opening fraud. Examples of some of the more common types of new account fraud include: Synthetic identity (ID) fraud: This type of fraud occurs when the scammer uses a real, stolen credential combined with fake credentials. For example, they might use someone's real Social Security number combined with a fake email. Identity theft: In this case, the fraudster uses personal information they stole to create a new scam account. Fake identity: With this type of fraud, scammers create an account with wholly fake credentials that haven't been stolen from any particular person. New account fraud may target individuals, but the repercussions spill over to impact entire organizations. In fact, many scammers utilize bots to attempt to steal information or create fake accounts en masse, upping the stakes even more. How does new account fraud work? New account fraud begins at a single weak security point, such as: Data breaches: The Bureau of Justice reported that in 2021 alone, 12 percent of people ages 16 or older received notifications that their personal information was involved in a data breach.1 Phishing scams: The fraudster creates an email or social media account that pretends to be from a legitimate organization or person to gain confidential information.2 Skimmers: These are put on ATMs or fuel pumps to steal credit or debit card information.2 Bot scrapers: These tools scrape information posted publicly on social media or on websites.2 Synthetic ID fraud: 80 percent of new account fraud is linked to synthetic ID fraud.3 The scammer just needs one piece of legitimate information. If they have a real Social Security number, they might combine it with a fake name and birth date (or vice versa.) After the information is stolen, the rest of the fraud takes place in steps. The fake or stolen identity might first be used to open a new account, like a credit card or a demand deposit account. Over time, the account establishes a credit history until it can be used for higher-value targets, like loans and bank withdrawals. How can organizations prevent new account fraud? Some traditional methods used to combat new account fraud include: Completely Automated Public Turing Tests (CAPTCHAs): These tests help reduce bot attacks that lead to data breaches and ensure that individuals logging into your system are actual people. Multifactor authentication (MFA): MFA bolsters users' password protection and helps guard against account takeover. If a scammer tries to take over an account, they won't be able to complete the process. Password protection: Robust password managers can help ensure that one stolen password doesn't lead to multiple breaches. Knowledge-based authentication: Knowledge-based authentication can be combined with MFA solutions, providing an additional layer of identity verification. Know-your-customer (KYC) solutions: Businesses may utilize KYC to verify customers via government IDs, background checks, ongoing monitoring, and the like. Additional protective measures may involve more robust identity verification behind the scenes. Examples include biometric verification, government ID authentication, public records analysis, and more. Unfortunately, these traditional protective measures may not be enough, for many reasons: New account fraud is frequently being perpetrated by bots, which can be tougher to keep up with and might overwhelm systems. Institutions might use multiple security solutions that aren't built to work together, leading to overlap and inefficiency. Security measures may create so much friction in the account creation process that potential new customers are turned away. How we can help Experian's fraud management services provide a multi-layered approach that lets businesses customize solutions to their particular needs. Advanced machine learning analytics utilizes extensive, proprietary data to provide a unique experience that not only protects your company, but it also protects your customers' experience. Customer identification program (CIP) Experian's KYC solutions allow you to confidently identify your customers via a low-friction experience. The tools start with onboarding, but continue throughout the customer journey, including portfolio management. The tools also help your company comply with relevant KYC regulations. Cross-industry analysis of identity behavior Experian has created an identity graph that aggregates consumer information in a way that gives companies access to a cross-industry view of identity behavior as it changes over time. This means that when a new account is opened, your company can determine behind the scenes if any part of the identity is connected to instances of fraud or presents actions not normally associated with the customer's identity. It's essentially a new paradigm that works faster behind the scenes and is part of Experian's Ascend Fraud Platform™. Multifactor authentication solutions Experian's MFA solutions utilize low-friction techniques like two-factor authentication, knowledge-based authentication, and unique one-time password authentication during remote transactions to guard against hacking. Synthetic ID fraud protection Experian's fraud management solutions include robust protection against synthetic ID fraud. Our groundbreaking technology detects and predicts synthetic identities throughout the customer lifecycle, utilizing advanced analytics capabilities. CrossCore® CrossCore combines risk-based authentication, identity proofing, and fraud detection into one cloud platform, allowing for real-time decisions to be made with flexible decisioning workflows and advanced analytics. Interactive infographic: Building a multilayered fraud and identity strategy Precise ID® The Precise ID platform lets customers choose the combination of fraud analytics, identification verification, and workflows that best meet their business needs. This includes machine-learned fraud risk models, robust consumer data assets, one-time passwords (OTPs), knowledge-based authentication (KBAs), and powerful insights via the Identity Element Network®. Account takeover fraud represents a significant threat to your business that you can't ignore. But with Experian's broad range of solutions, you can keep your systems secure while not sacrificing customer experience. Experian can keep your business secure from new account fraud Experian's innovative approach can streamline your new account fraud protection. Learn more about how our fraud management solutions can help you. Learn more References 1. Harrell, Erika. "Just the Stats: Data Breach Notifications and Identity Theft, 2021." Bureau of Justice Statistics, January 2024. https://bjs.ojp.gov/data-breach-notifications-and-identity-theft-2021 2. "Identity Theft." USA.gov, December 6, 2023. https://www.usa.gov/identity-theft 3. Purcell, Michael. "Synthetic Identity Fraud: What is It and How to Combat It." Thomson Reuters, April 28, 2023. https://legal.thomsonreuters.com/blog/synthetic-identity-fraud-what-is-it-and-how-to-combat-it/
This article was updated on March 6, 2024. Advances in analytics and modeling are making credit risk decisioning more efficient and precise. And while businesses may face challenges in developing and deploying new credit risk models, machine learning (ML) — a type of artificial intelligence (AI) — is paving the way for shorter design cycles and greater performance lifts. LEARN MORE: Get personalized recommendations on optimizing your decisioning strategy Limitations of traditional lending models Traditional lending models have worked well for years, and many financial institutions continue to rely on legacy models and develop new challenger models the old-fashioned way. This approach has benefits, including the ability to rely on existing internal expertise and the explainability of the models. However, there are limitations as well. Slow reaction times: Building and deploying a traditional credit risk model can take many months. That might be okay during relatively stable economic conditions, but these models may start to underperform if there's a sudden shift in consumer behavior or a world event that impacts people's finances. Fewer data sources: Traditional scoring models may be able to analyze some types of FCRA-regulated data (also called alternative credit data*), such as utility or rent payments, that appear in credit reports. Custom credit risk scores and models could go a step further by incorporating data from additional sources, such as internal data, even if they're designed in a traditional way. But AI-driven models can analyze vast amounts of information and uncover data points that are more highly predictive of risk. Less effective performance: Experian has found that applying machine learning models can increase accuracy and effectiveness, allowing lenders to make better decisions. When applied to credit decisioning, lenders see a Gini uplift of 60 to 70 percent compared to a traditional credit risk model.1 Leveraging machine learning-driven models to segment your universe From initial segmentation to sending right-sized offers, detecting fraud and managing collection efforts, organizations are already using machine learning throughout the customer life cycle. In fact, 79% are prioritizing the adoption of advanced analytics with AI and ML capabilities, while 65% believe that AI and ML provide their organization with a competitive advantage.2 While machine learning approaches to modeling aren't new, advances in computer science and computing power are unlocking new possibilities.3 Machine learning models can now quickly incorporate your internal data, alternative data, credit bureau data, credit attributes and other scores to give you a more accurate view of a consumer's creditworthiness. By more precisely scoring applicants, you can shrink the population in the middle of your score range, the segment of medium-risk applicants that are difficult to evaluate. You can then lower your high-end cutoff and raise your low-end cutoff, which may allow you to more confidently swap in good accounts (the applicants you turned down with other models that would have been good) and swap out bad accounts (those you would have approved who turned bad). Machine learning models may also be able to use additional types of data to score applicants who don't qualify for a score from traditional models. These applicants aren't necessarily riskier — there simply hasn't been a good way to understand the risk they present. Once you can make an accurate assessment, you can increase your lending universe by including this segment of previously "unscorable" consumers, which can drive revenue growth without additional risk. At the same time, you're helping expand financial inclusion to segments of the population that may otherwise struggle to access credit. READ MORE: Is Financial Inclusion Fueling Business Growth for Lenders? Connecting the model to a decision Even a machine learning model doesn't make decisions.4 The model estimates the creditworthiness of an applicant so lenders can make better-informed decisions. AI-driven credit decisioning software can take your parameters (such cutoff points) and the model's outputs to automatically approve or deny more applicants. Models that can more accurately segment and score populations will result in fewer applications going to manual review, which can save you money and improve your customers' experiences. CASE STUDY: Atlas Credit, a small-dollar lender, nearly doubled its loan approval rates while decreasing risk losses by up to 20 percent using a machine learning-powered model and increased automation. Concerns around explainability One of the primary concerns lenders have about machine learning models come from so-called “black box" models.5 Although these models may offer large lifts, you can't verify how they work internally. As a result, lenders can't explain why decisions are made to regulators or consumers — effectively making them unusable. While it's a valid concern, there are machine learning models that don't use a black box approach. The machine learning model doesn't build itself and it's not really “learning" on its own — that's where the black box would come in. Instead, developers can use machine learning techniques to create more efficient models that are explainable, don't have a disparate impact on protected classes and can generate reason codes that help consumers understand the outcomes. LEARN MORE: Explainability: Machine learning and artificial intelligence in credit decisioning Building and using machine learning models Organizations may lack the expertise and IT infrastructure required to develop or deploy machine learning models. But similar to how digital transformations in other parts of the business are leading companies to use outside cloud-based solutions, there are options that don't require in-house data scientists and developers. Experian's expert-guided options can help you create, test and use machine learning models and AI-driven automated decisioning; Ascend Intelligence Services™ Acquire: Our model development service allows you to prebuild and test the performance of a new model before Experian data scientists complete the model. It's collaborative, and you can upload internal data through the web portal and make comments or suggestions. The service periodically retrains your model to increase its effectiveness. Ascend Intelligence Services™ Pulse: Monitor, validate and challenge your existing models to ensure you're not missing out on potential improvements. The service includes a model health index and alerts, performance summary, automatic validations and stress-testing results. It can also automatically build challenger models and share the estimated lift and financial benefit of deployment. PowerCurve® Originations Essentials: Cloud-based decision engine software that you can use to make automated decisions that are tailored to your goals and needs. A machine learning approach to credit risk and AI-driven decisioning can help improve outcomes for borrowers and increase financial inclusion while reducing your overall costs. With a trusted and experienced partner, you'll also be able to back up your decisions with customizable and regulatorily-compliant reports. Learn more about our credit decisioning solutions. Learn more When we refer to "Alternative Credit Data," this refers to the use of alternative data and its appropriate use in consumer credit lending decisions as regulated by the Fair Credit Reporting Act (FCRA). Hence, the term "Expanded FCRA Data" may also apply in this instance and both can be used interchangeably.1Experian (2024). Improving Your Credit Risk Machine Learning Model Deployment2Experian and Forrester Research (2023). Raising the AI Bar3Experian (2022). Driving Growth During Economic Uncertainty with AI/ML Strategies4Ibid5Experian (2020). Explainability ML and AI in Credit Decisioning
This article was updated on March 4, 2024. If you steal an identity to commit fraud, your success is determined by how long it takes the victim to find out. That window gets shorter as businesses get better at knowing when and how to reach an identity owner when fraud is suspected. In response, frustrated fraudsters have been developing techniques to commit fraud that does not involve a real identity, giving them a longer run-time and a bigger payday. That's the idea behind synthetic identity (SID) fraud — one of the fastest-growing types of fraud. Defining synthetic identity fraud Organizations tend to have different definitions of synthetic identity fraud, as a synthetic identity will look different to the businesses it attacks. Some may see a new account that goes bad immediately, while others might see a longer tenured account fall delinquent and default. The qualifications of the synthetic identity also change over time, as the fraudster works to increase the identity’s appearance of legitimacy. In the end, there is no person to confirm that fraud has occurred, in the very best case, identifying a synthetic identity is inferred and verified. As a result, inconsistent reporting and categorization can make tracking and fighting SID fraud more difficult. To help create a more unified understanding and response to the issue, the Federal Reserve and 12 fraud experts worked together to develop a definition. In 2021, the Boston Federal Reserve published the result, “Synthetic identity fraud is the use of a combination of personally identifiable information to fabricate a person or entity to commit a dishonest act for personal or financial gain."1 To break down the definition, personally identifiable information (PII) can include: Primary PII: Such as a name, date of birth (DOB), Social Security number (SSN) or another government-issued identifier. When combined, these are generally unique to a person or entity. Secondary PII: Such as an address, email, phone number or device ID. These elements can help verify a person or entity's identity. Synthetic identities are created when fraudsters establish an identity from scratch using fake PII. Or they may combine real and fake PII (I.e., a stolen SSN with a fake name and DOB) to create a new identity. Additionally, fraudsters might steal and use someone's SSN to create an identity - children, the elderly and incarcerated people are popular targets because they don't commonly use credit.4 But any losses would still be tied to the SID rather than the victim. Exploring the Impact of SID fraud The most immediate and obvious impact of SID fraud is the fraud losses. Criminals may create a synthetic identity and spend months building up its credit profile, opening accounts and increasing credit limits. The identities and behaviors are constructed to look like legitimate borrowers, with some having a record of on-time payments. But once the fraudster decides to monetize the identity, they can apply for loans and max out credit cards before ‘busting out’ and disappearing with the money. Aite-Novaric Group estimates that SID fraud losses totaled $1.8 billion in 2020 and will increase to $2.94 billion in 2024.2 However, organizations that do not identify SIDs may classify a default as a credit loss rather than a fraud loss. By some estimates, synthetic identity fraud could account for up to 20 percent of loan and credit card charge-offs, meaning the annual charge-off losses in the U.S. could be closer to $11 billion.3 Additionally, organizations lose time and resources on collection efforts if they do not identify the SID fraud. Those estimates are only for unsecured U.S. credit products. But fraudsters use synthetic identities to take out secured loans, including auto loans. As part of schemes used to steal relief funds during the pandemic, criminals used synthetic identities to open demand deposit accounts to receive funds. These accounts can be used to launder money from other sources and commit peer-to-peer payment fraud. Deposit account holders are also a primary source of cross-marketing for some financial institutions. Criminals can take advantage of vulnerable onboarding processes for deposit accounts where there’s low risk to the institution and receive offers for lending products. Building a successful SID prevention strategy Having an effective SID prevention strategy is more crucial than ever for organizations. Aside from fraud losses, consumers listed identity theft as their top concern when conducting activities online. And while 92% of businesses have an identity verification strategy in place, 63% of consumers are "somewhat confident" or "not very confident" in businesses' ability to accurately identify them online. Read: Experian's 2023 Identity and Fraud Report Many traditional fraud models and identity verification methods are not designed to detect fake people. And even a step up to a phone call for verification isn't enough when the fraudster will be the one answering the phone. Criminals also quickly respond when organizations update their fraud detection methods by looking for less-protected targets. Fraudsters have even signed their SIDs up for social media accounts and apps with low verification hurdles to help their SIDs pass identity checks.5 Understand synthetic identity risks across the lifecycle Synthetic Identities are dynamic. When lending criteria is tightened to synthetics from opening new accounts, they simply come back when they can qualify. If waiting brings a higher credit line, they’ll wait. It’s important to recognize that synthetic identity isn’t a new account or a portfolio management problem - it’s both. Use analytics that are tailored to synthetic identity Many of our customers in the financial services space have been trying to solve synthetic identity fraud with credit data. There’s a false sense of security when criteria is tightened and losses go down—but the losses that are being impacted tend to not be related to credit. A better approach to synthetic ID fraud leverages a larger pool of data to assess behaviors and data linkages that are not contained in traditional credit data. You can then escalate suspicious accounts to require additional reviews, such as screening through the Social Security Administration's Electronic Consent Based SSN Verification (eCBSV) system or more stringent document verification. Find a trusted partner Experian's interconnected data and analytics platforms offer lenders turnkey identity and synthetic identity fraud solutions. In addition, lenders can take advantage of the risk management system and continuous monitoring to look for signs of SIDs and fraudulent activity, which is important for flagging accounts after opening. These tools can also help lenders identify and prevent other common forms of fraud, including account takeovers, e-commerce fraud, child identity theft fraud and elderly fraud. Learn more about our synthetic identity fraud solutions. Learn more 1Federal Reserve Bank (2021). Defining Synthetic Identity Fraud 2Aite Novarica (2022). Synthetic Identity Fraud: Solution Providers Shining Light into the Darkness 3Experian (2022). Preventing synthetic identity fraud 4The Federal Reserve (2022). Synthetic Identity Fraud: What Is it and Why You Should Care? 5Experian (2022). Preventing synthetic identity fraud