Digital Technology

As we approach the one-year anniversary of the EMV liability shift, we have seen an increase in e-commerce fraud — to the tune of 15% higher than last year. Additional insights from Experian’s biannual analysis on e-commerce fraud include: 44% of e-commerce billing fraud came from Florida, California and New York* 52% of e-commerce shipping fraud came from Florida, New York and California* Miami, Fla., is the most dangerous city in the United States for e-commerce merchants* As fraudsters continue to perpetrate card-not-present fraud, ensure you are prepared. You’ll be thankful if fraudsters come calling. >> E-commerce Attack Rates

Historically, the introduction of EMV chip technology has resulted in a significant drop in card-present fraud, but a spike in card-not-present (CNP) fraud. CNP fraud accounts for 60% to 70% of all card fraud in many countries and is increasing. Merchants and card issuers in the United States likely will see a rise in CNP fraud as EMV migration occurs — although it may be more gradual as issuers and merchants upgrade to chip-based cards. As fraud continues to evolve, so too should your fraud-prevention strategies. Make a commitment to stay abreast of the latest fraud trends and implement sophisticated, cross-channel fraud-prevention strategies. >>Protecting Growth Ambitions Against Rising Fraud Threats

Experian conducted a joint-survey that uncovered insights into the topic of conversational commerce and voice assistants. The survey audience constituted nearly 1300 smartphone users of smart voice assistant tools. The survey asked about most requested tasks and general consumer satisfaction with the voice-recognition capabilities of Amazon's Alexa relative to other smart voice assistants such as Siri and Google.

Did you know that identities can shift (for better or worse) in just 30 days? To succeed in today’s multichannel, mobile environment, businesses must have a broader, more dynamic identity management strategy that includes: Identity proofing: Point-in-time verification (e.g., account opening) Authentication: Ongoing verification (e.g., account login) Identity management: Continual monitoring throughout the Customer Life Cycle Minimize your identity fraud risk, increase customer engagement and provide a satisfying customer experience by shifting to a strategy focused on identity relationship management. >>The three pillars of identity relationship management  

Fraudsters invited into bank branches The days of sending an invitation in the mail have for the most part gone by the wayside. Aside from special invitations for weddings and milestone anniversaries, electronic and email invitations have become the norm. However, one major party planner has refused to change practices — banks inviting fraudsters into their banking centers. As a fraud consultant I have the privilege of meeting many banking professionals, and I hear the same issues and struggles over and over again. It’s clear that the rapid increase of fraudulent account-opening applications are top of mind to many. What the executives making policy don’t realize is they’re facing fraud because they’re literally inviting the fraudsters into their branches. Think I’m exaggerating? Let me explain. I often encounter bank policymakers who explain their practice of directing a suspicious person into a banking center. Yes, many banks still direct applicants who cannot be properly verified over the phone or online into their banking center to show proof of identity. Directing or inviting criminals into your bank instead of trying to keep them out is an outdated, high-risk practice — what good can possibly come of it? The argument I typically hear from non-fraud banking professionals: “The bad guys know that if they come into the bank we will have them on film.” Other arguments include that the bad guys are not typically bold enough to actually come into the banking center or that their physical security guards monitor high-traffic banking centers. But often that is where bank policies and employee training ends. Based on my years of experience dealing with banks of all sizes, from the top three global card issuers to small regional banks, let me poke a few holes in the theory that it is a good deterrent to invite perpetrators into your banking center. Let’s role-play how my conversation goes: Me: “When an underwriter with limited fraud training making the decision to direct a suspicious applicant into a banking center, what is the policy criteria to do so?” Bank policymaker: (typical response) “What do you mean?” Me: “What high-risk authentication was used by the underwriter to make the decision to extend an invitation to a high-risk applicant to come into the banking center? If the applicant failed your high-risk authentication questions and you were not able to properly identify them, what authentication tools do the branch managers have that the underwriters do not?” Bank: “Nothing, but they can usually tell when someone is nervous or seems suspicious.” Me: “Then what training do they receive to identify suspicious behaviors?” (You guessed it …) Bank: “None.” (I then switch to the importance of customer experience.) Me: “How do you notify the banking center in advance that the suspicious applicant was invited to come in to provide additional verification?” Bank: “We do not have a policy to notify the banking center in advance.” Me: “What is considered acceptable documentation? And are banking center employees trained on how to review utility statements, state ID cards, drivers’ licenses or other accepted media?“ Bank: “We do not have a list of acceptable documentation that can be used for verification; it is up to the discretion of the banking center representative.” Me: “How do you ensure the physical safety of your employees and customers when you knowingly invite fraudsters and criminals into your banking center? How do you turn down or ask the suspicious person to leave because they do not have sufficient documentation to move forward with the original application for credit? If a suspicious person provides your employee with a possible stolen identification card, is that employee expected to keep it and notify police or return it to the applicant? Are employees expected to make a photocopy of the documentation provided?” The response that I usually receive is, “I am not really sure.” I hope by now you are seeing the risk of these types of outdated practices on suspicious credit applications. The fact is that technology has allowed criminals to make fairly convincing identification at a very low cost. If employees in banking centers are not equipped, properly trained, and well-documented procedures do not exist in your fraud program — perhaps it’s time to reconsider the practice or seek the advice of industry experts. I have spent two decades trying to keep bad guys out of banks, but I can’t help but wonder — why do some still send open invitations to criminals to come visit their bank? If you are not yet ready to stop this type of bad behavior, at the very least you must develop comprehensive end-to-end policies to properly handle such events. This fraud prevention tactic to invite perpetrators into banks was adopted long before the age of real-time decisions, robust fraud scores, big data, decision analytics, knowledge-based authentication, one-time passcodes, mobile banking and biometrics. The world we bank in has changed dramatically in the past five years; customers expect more and tolerate less. If a seamless customer experience and reducing account-opening and first-party fraud are part of your strategic plan, then it is time to consider Experian fraud solutions and consulting.

Experian’s annual global fraud report reveals trends that can help organizations mitigate fraud and improve the customer experience: Apply the right-sized fraud solutions to reduce unnecessary customer disruption Ensure you have a universal consumer view Select fraud solutions that are future-proof As fraudsters evolve, losses are climbing and the status quo is no longer effective. Organizations should be as forward-looking in fighting fraud as they are in business operations and marketing. >> Global Business Trends: Protecting Growth Ambitions Against Rising Fraud Threats

In an attempt to stay ahead of fraud, systems have become more complex, more expensive and even more difficult to manage, leading to more friction for customers. How extensive is this impact? 30% of online customers are interrupted to catch one fraudulent attempt One in 10 new applicants may be an imposter using breached data $40 billion of legitimate customer sales are declined annually Businesses must continue their efforts to protect all parties’ interests if they are to thrive in this new world of rapid technological growth. >> Infographic: Global fraud trends

We are excited to announce that Experian Fraud and Identity Solutions is presenting at FinovateFall 2016!  Finovate conferences showcase cutting-edge banking and financial technology in a unique demo-only format. Held twice a year, the conferences bring together the leaders from top financial institutions, fintech companies, investors from around the globe, and fintech media to share and promote the most innovative financial technology solutions. "Experian’s Fraud and Identity Solutions is a leader in customer-centric identity and fraud solutions, providing fraud management solutions to some of the world’s largest brands in financial services, insurance, and retail," said Adam Fingersh, general manager and senior vice president of Fraud and Identity Solutions in North America. "We will introduce our Fraud and Identity Solutions and promote our newly released CrossCore platform. CrossCore puts more control in the hands of fraud teams to adapt and deploy strategies that keep up with the pace of fraud while reducing burdens on IT and data science teams." Fingersh and John Sarreal, senior director of Fraud and Identity product management at Experian, are presenting the 7-minute demo focusing on the key CrossCore capabilities, and how CrossCore manages fraud and identity services through its flexible API; open, plug-and-play platform; and powerful workflow and strategy design capabilities. In Forrester’s 2016 “Vendor Landscape: Mobile Fraud Management”, Experian Fraud and Identity Solutions was cited as having the most capabilities and one of the highest estimated revenues in total fraud management in the market, between $200 million and $250 million. Join us for the event on September 8-9 in New York. Experian also has an exclusive 20% off discount code (Experian20FF16) to get even more savings! For more information on the event or to view videos of previous demos, please visit finovate.com.

Many fraud and compliance teams are struggling to keep pace with new business dynamics. Here are several of the many mobile device trends affecting business today: 35% year-over-year growth in mobile commerce from 2014-2015 Value of mobile payment transactions is forecasted to reach more than $27 billion in 2016 45% of smartphone owners use a mobile device to make a purchase every month This rapid growth only reinforces the need for aggressive fraud prevention strategies and the adoption of new technologies to prepare for the latest emerging cybersecurity threats. >> Forrester's 2016 Vendor Landscape: Mobile Fraud Management Solutions Report

Is the speed of fraud threatening your business? Like many other fraud and compliance teams, your teams may be struggling to keep up with new business dynamics. The following trends are changing the way consumers do business with you: 35 percent year-over-year growth in mobile commerce More than $27 billion forecasted value of mobile payment transactions in 2016 45 percent of smartphone owners using a mobile device to make a purchase every month More than 1 billion mobile phone owners will use their devices for banking purposes by the end of 2015 In an attempt to stay ahead of fraud, systems have become more complex, more expensive and even more difficult to manage, leading to more friction for your customers. How extensive is this impact? 30 percent of online customers are interrupted to catch one fraudulent attempt One in 10 new applicants may be an imposter using breached data $40 billion of legitimate customer sales are declined annually because of tight rules, processes, etc. This rapid growth only reinforces the need for aggressive fraud prevention strategies and adoption of new technologies to prepare for the latest emerging cybersecurity threats. Businesses must continue their efforts to protect all parties’ interests. Fraudsters have what they need to be flexible and quick. So why shouldn’t businesses? Introducing CrossCore™, the first smart plug-and-play platform for fraud and identity services. CrossCore uses a single access point to integrate technology from different providers to address different dangers. When all your fraud and identity solutions work together through a single application program interface, you reduce friction and false positives — meaning more growth for your business. View our recent infographic on global fraud trends

Every day, millions of new things get connected online, such as toasters, heart monitors and cars. Many of these things have weak security controls that create vulnerabilities in critical private networks. As more products get connected, the casual mindset about the security risks inherent in the Internet of Things must begin to change. Here are 12 tips to help safeguard your systems from the Internet of Things. >> Securing the Internet of Things

Experian cited in Mobile Fraud Management Solutions report from Forrester as having the most capabilities and one of the highest estimated revenues in total fraud management

Experian consultant offers his recap from attending a half-day event hosted at The White House called the “FinTech Summit” largely focused on how government agencies can tap into the innovation, in which new firms are offering small-business owners and consumers faster forms of loans and digital payments. Federal regulators have been studying the industry to determine how it can be regulated while still encouraging innovation.

Industry’s first smart plug-and-play fraud platform allows companies to connect their own solutions, Experian products and third-party vendors in one place to better protect their customers from fraud threats Experian unveiled the fraud and identity industry’s first open platform designed to catch fraud faster, improve compliance and enhance the customer experience. Experian’s CrossCore™ gives companies an easier way to connect any new or existing tools and systems in one place, whether they are Experian, internal or third-party partner solutions. This “plug-and-play” capability allows companies to rapidly adapt to changing conditions and risks. “Our clients have expressed frustration over the lack of a truly holistic industry solution that delivers the level of confidence and control they need without requiring a massive multiyear project to replace everything they have,” said Steve Platt, global executive vice president, Fraud and Identity, Experian. “New fraud threats, updates to regulatory requirements and customer expectations for a hassle-free experience are making it challenging for fraud and compliance teams to keep up. CrossCore will give them the flexibility they need to balance customer protection with customer experience.” The CrossCore open platform enables organizations to manage services through a common access point that supports a layered approach to managing risks across providers. CrossCore includes powerful workflow and strategy design capabilities that allow fraud and compliance teams to create and adapt strategies based on evolving threats and business needs. This helps them to respond more quickly and reduces the burden on IT. Fraud and compliance teams must constantly respond to new fraud threats and changing regulatory requirements by implementing new tools on top of existing solutions. “A layered approach is imperative, because fraudsters can break through each layer individually, but they will face greater barriers with each additional layer imposed,” said Avivah Litan, vice president and distinguished analyst, Security and Privacy, of Gartner.[1] Over time, as layers have been added and fortified, systems have become increasingly complex, expensive to integrate and difficult to manage, often increasing customer friction. A key feature of the CrossCore fraud platform is the ease of integration with third-party partner solutions. At launch, CrossCore will support fraud and identity services provided by third-party partners, including Acxiom® (Identity Solutions), TeleSign and many others already integrated with Experian solutions, with more being added to the platform. Previously, integrating third-party solutions required tremendous time and effort, which often challenged in-house teams to execute in a timely, efficient manner. Through CrossCore, the responsibility of integrating additional tools and systems moves away from those teams to the platform itself, enabling clients to select best-in-class solutions from multiple providers without creating a strain on resources. Al Pascual, senior vice president, research director and head of fraud & security for Javelin, said, “There are so many great niche solutions to work with, and new ones come out almost every day. To really have a world-class approach, the client has to put all those little things together, because there never will be one vendor who does it all. The market challenge is about how to make it faster and easier to bring things together to enable a more dynamic and fluid approach to managing risk.” CrossCore features Common access through a flexible API connects disparate systems to improve risk controls while reducing integration cost and complexity An open approach enables clients to connect and optimize a portfolio of best-in-class solutions across Experian, third-party services and existing systems Powerful strategy design and workflow decisioning functions enable fraud and compliance teams to apply services in any combination to get the level of confidence required A modern Software as a Service (SaaS) architecture provides scalability and the ability to make strategy changes dynamically with no down time Experian, which offers fraud and identity services in more than 44 countries, developed CrossCore to address the widespread market need consistently expressed by its clients for a faster, easier way to get more out of their existing systems and add new tools to improve their customers’ experience while minimizing risk. Companies can begin accessing CrossCore immediately, with the ability to turn on Experian services through a single integration, connect their own fraud and identity capabilities with a common API and turn on new services as they are added. The initial release includes key Experian products: FraudNet for Account Opening; Hunter®, for application fraud detection; Prove-ID, for international identity verification; and Precise ID®, for U.S. identity verification, including knowledge-based authentication. (KBA). Third-party fraud and identity service providers can engage with CrossCore to connect their services. “Now, companies can implement a new approach to managing fraud and identity services — one that will give them greater control over their risk exposure and enable them to provide a safer and more enjoyable experience for their customers,” added Platt. Learn more about CrossCore at https://www.experian.com/crosscore [1]Gartner, Identity Proofing Revisited as Data Confidentiality Dies, Avivah Litan, Dec. 12, 2013; last reviewed on April 28, 2015  

Last week we had the pleasure of joining more than 400 clients at the 35th annual Vision Conference — connecting business leaders to ideas and solutions. Over the next few weeks, we’ll be sharing some insights from our fraud and identity dedicated session track. I had the pleasure of presenting alongside the U.S. Secret Service, and we had a packed session to discuss the Dark Web — what it is, how it’s accessed, how criminals are exploiting it to commit fraud and the human impact of the massive global cybercrime problem. According to McAfee®, cybercrime represents a $500 billion cost to the global economy — and that’s projected to rise to $600 billion this year, outpacing any other form of crime. With the Internet economy generating between $2 trillion and $3 trillion annually, that means cybercrime is extracting roughly 15 to 20 percent of the entire value created by the Internet. This is a massive problem, and it’s not going away. Unfortunately, there are countless tools and services to commit fraud available on the Web, providing attackers with the cloak of anonymity they need to compromise accounts, mimic legitimate users and submit fraudulent transactions. Device intelligence helps unmask these activities. It is a critical component to defend against the threat, and it provides insight into every interaction throughout a typical customer journey (from account setup to login and account maintenance to transactions). Without this visibility into users’ historical behavior and typical population patterns, organizations often have limited options to target attackers and identify anomalous behaviors. This is key to a successful cybercrime detection and mitigation strategy. Another important point in the session regarded recent law enforcement and private industry successes in identifying, tracking, apprehending and prosecuting online attackers. We thankfully have made significant strides in this area, as evidenced by the work of the Secret Service and other law enforcement organizations, but the collaboration must continue — and intensify. As mentioned in a CNBC story published on the same day as our presentation, the Dark Web is an increasingly mainstream source for everything from financial crime to drug trade and human trafficking. Unfortunately, most businesses are in the dark about the growing criminal underground, but Experian can help. With proper fraud expertise and innovative tools to defend against these ever-evolving threats, organizations can uncloak the attackers and safeguard the business.