Tag: fraud prevention

When a data breach occurs, it can have a ripple effect on your business, your employees, and your customers. Depending on the severity of the breach, large volumes of personally identifiable information – such as email addresses, birth dates, passwords, social security numbers, etc. – may fall into the hands of unauthorized people who intend to exploit that information for personal gain. While data breaches are difficult to predict, you can take proactive steps to ensure that your business and your customers are well equipped to respond quickly and drive faster resolution. Create a plan The average cost of a data breach in 2023 is $4.45 million, a 15% increase from 2020[1]. This is a considerable loss that can be devastating to a business of any size. The best strategy to mitigate this kind of loss is to be prepared with a data breach response plan. If your business experiences a data breach and you’re unprepared for it, the losses you and your customers incur can be much more serious, and the damage to your company’s bottom line and reputation can last much longer than necessary. By establishing a data breach response plan, you can limit the downside potential of an attack and considerably shorten the recovery time. This can help your business and your customers return to good standing as soon as possible. Arm your team with knowledge The IT department is no longer the only line of defense against cyberattack or data breaches. Many hackers will try to illegally obtain sensitive information from front line or associate level employees using a variety of methods like phishing, ransomware, or social engineering. This puts the responsibility of protecting company data on every employee, not just on the cybersecurity team. This is why it’s important to educate all of your employees on how to recognize potential threats of a data breach. With this knowledge, they can work collectively to keep consumers’ data safe and secure. Address your customers’ concerns effectively If a data breach happens to your business, it’s crucial to notify your customers as soon as possible. Not only should you alert them of the breach, but you should also have a protocol in place to provide up-to-date information, helpful resources, and reassurance. Whether through email, in-app notifications, or call center agents, your customer response process should include clear, frequent, and timely communication throughout the duration of the breach. Keeping your customers informed and at ease during a breach will encourage them to remain calm and feel confident to continue doing business with you. Data breaches and cyberattacks are unpredictable and can have unforeseen, long-lasting negative effects on small, medium, and large businesses alike. But if you have a solid plan, keep your employees knowledgeable about potential threats, and provide useful, timely information to your customers, you can minimize the damage of any breach on your organization. Visit our website for more information about our offerings and how Experian can help you prepare and respond to data breaches. [1]IBM. Cost of a Data Breach Report 2023.

Written by: Mihail Blagoev As there is talk about the global economy potentially heading into a recession, while some suggest that it has already started, there is an expectation that many of the world's countries will see their economic output decline in the next couple of months or a year. Among the negative trends that can occur during a recession are companies making fewer sales and people losing their jobs. Unfortunately, just like any other economic crisis, fraud is expected to go in the opposite direction as criminals continue finding innovative ways to attack consumers when they’re most vulnerable. There is also a concern that first-party fraud attempts might rise as genuine consumers are pushed over the edge by inflation and economic uncertainty. With that in mind, here are six fraud trends that are likely to happen during a recession: Fraudsters exploiting the vulnerable  It is well-documented that fraudsters found numerous ways to exploit the vulnerable during the pandemic. Unfortunately, this is expected to happen again in the coming months. As the cost of living rises, criminals will try to use that in their favor by looking for people who can't pay their utility bills or can't afford the price of gas or even food. Fraudsters will try to exploit that by offering them deals, discounts, refunds, or just about anything that will make people believe they are paying less for something that has increased in value or is out of reach at its normal price. Fraudsters have two main goals behind these tactics – stealing personal information to use in other crimes or gaining immediate financial benefits. Although their tactics are well-known – applying pressure on their victims to make quick decisions or offering them something that sounds like a great deal, but in truth, it isn't – that won't prevent them from trying. These scams show that, unlike in other industries, criminals do not rely on high success rates to achieve their goals. All they need is one or two victims out of every few hundred to fall for their schemes. Loan origination fraud Periods of financial instability often result in an increase in first-party fraud, among others. This could take many forms, and there is a possibility for an increase in fraudulent loan applications by genuine consumers to be among the most popular ones. In this type of fraud, bad actors lie on registration forms or applications to gain access to funds they wouldn't normally receive if they added their real information. That could be done by lying about their income and employment information, usually inflating their salaries, extending the amount of time they worked for a certain company, or simply adding a company they have never worked for. Other popular forgeries include anything from supplying fake phone numbers and addresses to providing fake bank statements and utility bills. Money mules Recessions can result in layoffs or people looking for work not being able to find any. That's another opportunity for fraudsters to exploit the vulnerable by offering them “jobs.” This could be achieved by posting job ads on real employment websites or social media. Once recruited, people are asked to open new bank accounts or use their previously opened accounts to transfer funds to accounts that are in the possession of criminals. In the end, the funds get laundered, while the genuine account holder receives a fee for the service. People of all ages are a possible target, but this is especially true for younger generations who often don't understand the consequences of their activities.  Friendly fraud Another type of first-party fraud that could go up as a result of the increased economic pressures could be friendly fraud. In this type of fraud that mostly affects the retail industry, consumers charge back genuine payments made by them in order to end up with both the product purchased and the funds for it back in their possession. They could then keep the product or quickly resell it for less than its original value. Luxury goods and electronics could be especially attractive for this type of fraud. Claiming non-deliveries or transactions not being recognized could be among the top reasons used for charging back the transactions. Investment fraud During times of economic hardship, people are often looking for ways to keep their savings from getting eaten by inflation. Investments in property could be one solution, but as it is not affordable for everyone, people are also looking for other ways to invest their money. While this isn’t exactly a vulnerability, it is something that criminals are looking to exploit greatly. They usually reach out to potential victims through social media while also presenting them with fake websites that mimic those by real investors. The opportunities being offered can range from cryptocurrency to various schemes and products that don’t exist or are worthless. However, after the criminals obtain possession of the funds, they discontinue their contact with the victims. Fake goods While this shouldn't happen to the same extent that was seen in 2020, there is a chance that some goods might disappear from certain markets. There could be a variety of reasons for that, from companies limiting their production or going out of business due to inability to pay their bills or shortage in sales to issues with supply chains due to the high gas and oil prices. Expect fraudsters to be the first to move in if there are shortages and start offering fake products or goods that will never arrive.  It is still difficult to measure if or when a recession will hit each corner of the world or how long it will take for the next phase in the financial cycle to begin. However, one thing that is certain is that the longer it takes the economy to settle, the more opportunities criminals will have to benefit from their schemes and come up with new ways to defraud people. Businesses should monitor the fraud environment around them closely and be ready to adjust their fraud management strategies quickly. They should also understand the complexity of the problems in front of them and that they will likely need a mixture of capabilities to sort them out while keeping their customer base happy. This is where fraud orchestration platforms could help by offering the needed solutions to solve multiple fraud issues and the flexibility to turn any of these tools on and off when needed. Contact us

External fraud generally results from deceptive activity intended to produce financial gain that is carried out by an individual, a group of people or an entire organization. Fraudsters may prey on any organization or individual, regardless of the size or nature of their activities. The tactics used are becoming increasingly sophisticated, requiring a multilayered fraud mitigation strategy. Fraud mitigation involves using tools to reduce the frequency or severity of these risks, ultimately protecting the bottom line and the future of the organization. Fraud impacts the bottom line and so much more According to the Federal Trade Commission, consumers reported losing more than $10 billion to fraud in 2023, a 14% increase over the previous year and the highest dollar amount ever reported. These costs extend beyond the face value of the theft to include fees and interest incurred, fines and legal fees, labor and investigation costs and external recovery expenses. Aside from dollar losses and direct costs, fraud can also pose legal risks that lead to fines and other legal actions and diminish credibility with regulators. Word of deceptive activities can also create risk for the brand and reputation. These factors can, in turn, result in a loss of market confidence, making it difficult to retain clients and engage new business. Leveraging fraud mitigation best practices As the future unfolds, three things are fairly certain: 1) The future is likely to bring more technological advances and, thereby, new ways of working and creating. 2) Fraudsters will continue to look for ways to exploit those opportunities. 3) The future is here, today. Organizations that want to remain competitive in the digital economy should make fraud mitigation and prevention an integral part of their operational strategy. Assess the risk environment While enhancing revenue opportunities, the global digital economy has increased the complexity of risk management. Be aware of situations that require people to enforce fraud risk policies. While informed, experienced people are powerful resources, it is important to automate routine decisions where you can and leverage people on the most challenging cases. It is also critical to consider that not every fraud risk aligns directly to losses. Consider touchpoints where information can be exposed that will later be used to commit fraud. Information that crooks attempt to glean from idle chatter during a customer service call can be a source of unexpected vulnerability. These activities can benefit from greater transparency and automated oversight. Create a tactical plan to prevent and handle fraud Leverage analytics wherever possible to streamline decisions and choose the right level of friction that’s appropriate for the risk, and palatable for good customers. Consumers and small businesses have come to expect a customized and frictionless experience. Employee productivity, and ultimately revenue growth, requires the ability to operate with speed and informed confidence. A viable fraud mitigation strategy should incorporate these goals seamlessly with operational objectives. If not, prevention and mitigation controls may be sidelined to get legitimate business done, creating inroads for fraudsters. Look for a partner who can apply the right friction to situations depending on your risk appetite and use existing data (including your internal data and their own data resources) to better identify individual consumers. This identification process can actually smooth the way for known consumers while providing the right protection against fraudsters and giving consumers who are new to your organization a sense of safety and security when logging in for the first time. It's equally important that everyone in your organization is working together to prevent fraud. Establish and document best practices and controls, beginning with fostering a workplace culture in which fraud mitigation is part of everyone's job. Empower and train all staff to identify and report suspicious activity and ensure they know how to raise concerns. Consider implementing ways to encourage open and swift communication, such as anonymous or confidential reporting channels. Stay vigilant and tap into resources for managing risks It is likely impossible to think of every threat your organization might face. Instead, think of fraud mitigation as an ongoing process to identify and isolate any suspected fraud fast — before the activity can develop into a major threat to the bottom line — and manage any fallout. Incorporating technology and robust data collection can fortify governance best practices. Technology can also help you perform the due diligence faster, ensuring compliance with Know Your Customer (KYC) and other regulations. As necessary, work with risk assessment consultants to get an objective, experienced view.  Learn more about fraud risk mitigation and fraud prevention services. Learn more  

Between social unrest across the globe, the lingering pandemic, and the digital transformation brought on by the health crisis, the fraud landscape has expanded dramatically for businesses and consumers alike. According to Experian’s latest global identity and fraud report, 93% of U.S. companies have mid-to-high concern for fraud, and 81% say that their worries about fraud have increased over the past 12 months. Monitoring unused or dormant accounts for fraud is often a warning directed at consumers. However, it’s now advice an increasing number of businesses are wishing they’d followed, as growing synthetic identity (SID) fraud is fueling a dramatic increase in losses—SID related charge-offs ballooned to $20 billion in 2021 alone, according to the Federal Reserve Bank of Boston. The threat of SIDs SIDs are made to look like an actual consumer, combining both real and fake data to form a new composite identity. They typically evolve using a combination of tactics that include: Identifying and creating relationships with businesses that have a high tolerance for identity discrepancies. These include businesses whose products expose the business to low fraud risk and/or products offered to market segments where identity verification is expected to be challenging. Either of these enable an SID to be planted among consumer data sources. Attaching the SID to existing accounts and relationships that belong to other consumers. Often these existing accounts were established by collusive criminals or by using other SIDs, but there are also ways for legitimate consumers to collect ‘rent’ in exchange for adding other consumers to existing accounts. Either approach improves the SID’s appearance of credit worthiness. Progressively building the SID’s independent ability to access larger and larger amounts of credit until they spend quickly and default on all obligations, leaving no one for the victimized businesses to pursue. “They’re difficult to identify because of the combination of real and fake data and because there’s no actual victim reporting an identity theft. As a result, businesses typically have trouble separating SID losses from credit losses,” said Chris Ryan, Experian’s go-to-market lead for fraud and identity. “SID fraud isn’t committed haphazardly.  It’s carefully planned and executed—and it adapts to policy changes. Some businesses change their underwriting policy or focus on early-lifecycle account activity like purchases, payments, and requests for additional credit to reduce SID losses that occur immediately after an account is opened. SIDs can adapt to this. If six months of responsible account behavior earns a credit line increase or the ability to spend large amounts in a single billing cycle, the perpetrators are willing to wait,” Ryan said. “It’s something businesses and lenders need to be on guard for, especially with the fast-paced holiday shopping season ahead,” he said. Addressing SIDs Solving the increasingly complex problem of SID fraud requires a thoughtful approach. The institutions seeing success at preventing multi-faceted fraud are using a layered approach to identifying and mitigating fraud. Here are three steps lenders can take today to prevent SID fraud across your portfolio: Use data and analytics that extend beyond credit to evaluate identities and their histories more completely. Apply those analytics across the lifecycle from marketing and origination to portfolio management recognizing that SID risk is not restricted to a single lifecycle stage. Have a rigorous verification process that escalates to document verification or the Social Security Administrations Electronic Consent Based SSN Verification (eCBSV) process For more information on how you can leverage a multi-layered approach to fraud in your business, visit our fraud and identity solutions hub or request a call to discuss customizing a solution for your company.

Online transactions face a higher chance of being declined because face-to-face transactions come with a higher degree of confidence. Businesses who fail to address this problem run the risk of losing the customer permanently, damaging their reputation and bottom line. What can e-commerce marketplace merchants do to increase the approval rate of online payments without making fraud worse? Here are three tips: 1. Broaden access to data beyond what’s in the authorization stream. Merchants use a variety of solutions to prevent fraud and verify identities, but typically use very limited data to approve a transaction through the authorization stream between a merchant and issuer. The issuing bank often only compares the purchase data to the address listed on the card owner’s account, which can create discrepancies when a customer is trying to send an order to an alternate address from their primary home. That’s why it’s important for merchants to augment their decisioning with additional data sources to help inform the true customer risk profile. 2. Leverage capabilities that can assess risk for both the transaction and the individual behind it. Today, merchants leverage limited data including email address data, device information and other technologies in silos to augment their address verification capabilities. The challenge with these tools is that each judge the risk of a specific component of the transaction or the individual. Where integration is lacking, false positives are amplified. 3. Collaborate and share expertise and data across merchants and issuers. How can Experian help? Leveraging our multidimensional data, technical expertise and advanced analytics capabilities, we can help businesses frictionlessly authenticate valid customers, thus increasing revenue by increased approval rates, without increasing fraud or operating expenses. Only Experian Link™, our frictionless credit card owner verification solution can associate payment card with its owner. This solution combines Experian’s vast data assets – including over 500 million credit card account numbers on file in the U.S. across 250 million consumers – with our advanced analytics capabilities to match and assess the risk of the identity attributes presented to the merchant to the identity attributes contributed by the credit card’s issuer and to Experian’s network of credit and identity inquiries. The result: Experian Link’s patent-pending REST API simply and frictionlessly improves a merchant’s customer experience and helps increase revenue while reducing their fraud and operating expenses. Get started with Experian Link™ now. Experian Link

Experian recently attended Fintech Nexus USA, formally known as LendIt Fintech USA, the leading event for innovation in financial services. The event was held at the Javits Center in New York City on May 25-26. This year’s event housed over 4,000 attendees, 350 speakers and 225 sponsors. Experian was a proud platinum sponsor and participated in two expert sessions. Day one Gasan Awad, Product Management Vice President for Experian Fraud and Analytics, led the session, “Frictionless Fraud Prevention: Fintech’s Balancing Act.” Gasan was joined by Ibo Dusi, Chief Risk Officer for Revolut, and Ashish Gupta, Chief Risk Officer for LendingPoint, to discuss the growing fraud landscape. “ Fraud is not slowing down; it is getting more complex as customers continue to grow their online and digital usage.” Gasan Award There has been $56 billion in identity fraud losses since 2020, $13 billion stemmed from traditional identity fraud and $43 billion from identity fraud scams. 53% of consumers say security is the most important aspect of their online experience. During the session, our experts delved into important questions, including: What fraud and identity-proofing strategies should you consider to prevent sophisticated attacks and balance ease of interactions? How do you detect fraudsters without disrupting the customer experience? Want more insight? Access the discussion here. Learn more about how Experian supports fintechs by visiting our fintech resources page, and how we’re helping businesses of all types stay guarded against fraud with our fraud prevention solutions. Day two Greg Wright, Executive Vice President and Chief Product Officer for Experian, joined Afterpay, Sunbit and Jifiti in the session, “Reconciling Responsible Buy Now Pay Later (BNPL) with the Need for Access.”   BNPL industry fast facts: Last year in the U.S., 45 million Americans used BNPL. The number of U.S. users has grown 300% since 2018. Spending in the U.S. was $20.8B in 2021 and is forecasted to grow globally to $1T by 2025. Real-time data is critical for the BNPL industry. Greg provided insight into what Experian is doing to incorporate BNPL data into the lending ecosystem. Through The Buy Now Pay Later Bureau™, Experian plans to bring transparency to the BNPL and financial services industries. We are currently working with large BNPLs to support data furnishing of BNPL tradelines to the new bureau.     “We figured out a way to work with the BNPL clients to bring BNPL data into the lending ecosystem to where it does not have an immediate impact on your credit score just because you chose to use a BNPL option rather than a credit card,” said Greg Wright.      Typical lending risk models limit the accessibility of financing, but the nature of BNPL dictates that merchants and consumers need instant decision-making. Experian's response to the BNPL finance method is a consumer-friendly solution that supports end-to-end credit risk insights and point-of-sale financing solutions that do not fit into mainstream credit processes and aren’t adequately handled by traditional credit scores. This one-of-a-kind specialty bureau allows consumers to benefit from successful repayment behaviors and lenders of all types to drive more inclusive and responsible practices. Additionally, Experian has plans to make BNPL data visible on the core consumer credit profile. Ready to learn more? Access the discussion here. Discover how you can bring transparency to the industry with The Buy Now Pay Later Bureau and power innovative fintech lending solutions. Fintech resources The Buy Now Pay Later Bureau

Rewards are among the most appealing features of any credit card. While upfront benefits, like sign-up bonuses and cashback, are most influential in card acquisition, ancillary benefits, like fraud and identity protection, can amplify a card’s overall value.1 Credit card fraud ranked as the second most common form of identity theft in 2021,2 and is expected to become even more frequent as consumers continue to bank and shop online.3 42% of consumers are concerned for the safety of their banking and shopping transactions. With digital identity theft and fraud on the rise, it’s no surprise that safety measures are “very” or “extremely” important to consumers when deciding between different credit cards.4 In response, many card issuers have started to market their security and protection-related benefits more frequently to better capitalize on their cards’ value to consumers. The ways they’ve highlighted these benefits include: A fraud protection campaign From spotlighting their fraud protection benefits in card welcome kits to providing privacy tips on social media, credit card issuers have crafted compelling campaigns to demonstrate their commitment to protecting their customers from fraud and identity theft. In turn, issuers can differentiate their cards from the competition and improve response rates. Reminders about their fraud prevention efforts Issuers have also sent out ongoing reminders outlining the protections their credit cards offer, such as credit monitoring services 5 that notify cardholders of suspicious activity on their credit report. By consistently promoting their efforts to keep their customers’ accounts and data safe, issuers can earn their cardholders’ trust, build loyalty and drive card usage. While benefits like cashback and travel points can help with card acquisition, fraud and identity protection benefits can help drive long-term customer relationships, especially now that card fraud is becoming a growing concern.6 To learn more about how businesses have worked to meet the consumer demand for secure interactions, check out our 2021 Global Identity and Fraud Report. Learn more 1Jonathan O'Connor. "Most Consumers Aren't Aware of Their Credit Cards' Ancillary Benefits. How Does This Impact Card Acquisition and Usage?" TSYS, January 2019 2FTC. "Consumer Sentinel Network" Data Book, 2021 3April Berthene. "Coronavirus pandemic adds $219 billion to US ecommerce sales in 2020-2021" Digital Commerce 360, March 2022 4"Consumers Consider as Many as Six Factors When Choosing Credit Card" PYMTS.com, December 2021 5David McMillin. "Identity theft is a major problem, but these 5 credit card protection programs can help keep you safe" Business Insider, June 2021 6"New FICO Survey Finds Overconfidence Could Put US Consumers at Risk From Scams" Business Wire, February 2022

The digital innovation that has come out from the pandemic across businesses of all kinds – and the resulting improvement to customer experience – has been welcomed by consumers and the financial services industry.   However, it created a challenge for those institutions, namely credit unions, who thrived on and were famous for an excellent in-person customer experience. But rather than viewing it as a threat, the savviest credit unions began to look at some of the cloud-based tools this pandemic-induced digital wave brought with it.   To continue to deliver personalized, secure and fast decisions to their members, credit unions are now adopting cloud-based decisioning and fraud prevention platforms. These systems, like Experian PowerCurve, have helped credit unions and financial institutions alike overcome a dependency on manual processes and other potential resource constraints. In doing so, they can to deliver an excellent online customer experience that can handle high volumes of members from a variety of backgrounds, which reinforces the brand promises of trust and personalized customer service.    But it’s not just members who are benefiting from an improved lending experience. Credit unions may want to follow OneAZ Credit Union, who has seen a 26% increase in booking rates after implementing PowerCurve, in addition to a 25% reduction in manual reviews.  With 21 branches and a full-service digital team, OneAZ prides itself on a world-class member experience while helping members exceed their financial goals. They partnered with Experian® to implement an advanced decisioning system that would increase efficiency and further improve the member experience.  “The speed at which we can return a decision and our better understanding of future performance has really propelled us in being able to better serve our members,” said John Schooner, VP Credit Risk Management for OneAZ.  To read the full case study, click here. And to find more information on how Experian can improve your lending experience through automated decisioning tools,  you can read more about PowerCurve here.   

New Year, New Cyber Threats This is my first blog post of 2022, and I’m afraid the news I’m here to bear isn’t ideal: cyber attack stakes are high. In 2022, hackers are literally betting on a growing market spreading online across the U.S. Before I get into our Data Breach Industry Forecast, let’s take a quick look back. In 2021, we witnessed a sea of change in digital connectivity and activity during the pandemic. As vaccines became widely available and distributed, the recovery, on all fronts, felt close. But now, as new variants continue to develop and spread, it seems like we are in a one-step-forward, two-steps-back scenario—what the Ninth Annual Experian Data Breach Industry Forecast calls the “Cyberdemic Hangover.” As we aim for stability in 2022, companies must continue to secure weak technologies, and consumers must be vigilant in their daily digital lives. The 2022 Data Breach Industry Forecast report tells the story of what we’re facing this year better than I can, so I encourage you to download a copy. However, here’s a preview of one prediction to get you started. Hackers Bet on New Gamblers Again, cyber attack stakes are high. The online gambling market reached more than $70 billion globally in 2021. With more U.S. states legalizing online sports, cyber thieves will look to place scams, particularly phishing scams, on the likes of fantasy sports sites and more. The possible targets will add up over the course of the year as this market grows and alternative payments like cryptocurrency become more widely accepted. Experian’s deep expertise in helping companies navigate more breaches over the last 18 years informs the other four predictions. To find out the other areas hackers are hoping to cash in on this year, download the predictions now. Visit our website for Data Breach Resolution and Reserved Response™ insights

Hackers are playing the game of data compromise, and they are winning. At this point, companies of all sizes, from all industries, know that consumers have a growing desire to take control of their data and digital privacy. In case you missed the latest webinar and whitepaper release from Javelin Strategy & Research, it makes three things clear about consumers’ current attitudes about fraud and its impact on businesses. 1. Consumers are much more privacy-aware In 2020, consumers turned to social media and telecommunicating platforms to work, stay in touch with friends and family networks and learn. While the broad-scale increase provided a way for global commerce and connections to continue during the worldwide pandemic, it also accelerated cybercrime. The influx of internet traffic created a ready-made environment for fraudsters to profit from consumers in a big way, primarily through scams. Scams were so profitable that they accounted for $43 billion of the $56 billion reported ID fraud losses last year.1 2. Consumers blame Financial Institutions for fraud. It’s the main reason they leave.  When consumers experience fraud, they blame their financial institutions, even if the loss has nothing to do with the institution or its business’s responsibility to the consumer. This attitude shows that consumers hold FIs accountable for their data protection. And when they don’t get it, they take their expectations and their business elsewhere. The data shows the proof. In 2020, 38% of consumers closed a bank account affected by fraud, with 69% saying their primary FIs did not resolve their fraud concerns or losses.1 As the saying goes, perception is reality, and in the case of fraud, consumer thoughts have real consequences for organizations. 3. Consumers leave when breaches happen This point is simple: consumers leave even when personally identifiable information (PII) or other data is not stolen. Be prepared with a playbook or be ready to lose consumer trust To improve the customer experience, build trust and reduce risk, companies need a playbook — a fraud resolution and breach response playbook — a solid plan that falls under their existing business and continuity disaster recovery plan. Why? Because consumers need to know and, more importantly, trust that companies are prepared to react quickly and deliver resolution when a network intrusion occurs.  According to Javelin Strategy & Research data, fraud resolution is the best way to retain customers and members. In addition, consumer perception of cybersecurity plays a significant role in consumer attrition and retention. Again, even if personal information is protected, if your organization is attacked, consumers are more likely to stop doing business with your organization, even if no data was compromised. This means cybersecurity and fraud prevention empowerment is a game-changer, driving 22% of consumers’ satisfaction ratings with online banking.2 When building your playbook, consider two core things:  1. Make sure it’s well-developed A comprehensive fraud resolution and breach response should include a solid approach to collaborate with consumers when fraud occurs. Ensuring your plan includes fraud, cyber, and marketing communications teams will help your company act swiftly and build consumer confidence. 2. Don’t just encrypt data; strengthen perimeter security.  Strong perimeter security will ensure safe interactions with consumers. Even if personal information is protected, consumers will perceive a penetration of the network as a breach and will be more apt to stop doing business with your company. At Experian, preparedness is our business. We know how important fraud resolution and breach response is to your customer’s experience. Developing a solid playbook is key to that experience, building trust and reducing risk. To learn more, read the Giving Consumers Control and Enhancing Fraud Prevention whitepaper, watch the Empowerment and Fraud Prevention are Key webinar and find out how to protect your business with Experian’s Global Data Breach Solutions. 1 Javelin Strategy & Research. March 2021. 2 Javelin Strategy & Research. June 2021.

Experian’s Sure Profile was selected as a Platinum winner in the “Fraud and Security Innovation” category in the sixth annual Fintech & Payments awards from Juniper Research, a firm dedicated to delivering thought leadership and analysis in the Fintech and Payment industries.   An innovative service in the fight against synthetic identity fraud, Sure Profile is a comprehensive credit profile that provides a composite history of a consumer’s identification, public record, and credit information in order to detect synthetic identities. It utilizes premium data to help businesses identify potential synthetic fraud threats across credit inquiries, thus allowing lenders to transact more confidently with the vast majority of legitimate consumers.   “Experian has always been a leader in delivering innovative services that both combat fraud and provide identity verification and trust to lending environments. Sure Profile delivers an industry-first fraud offering—integrated directly into the credit profile—that mitigates lender losses while protecting millions of legitimate consumers’ identities,” said Keir Breitenfeld, Senior Vice President, Portfolio Marketing, Experian Decision Analytics. “In times of rapid changes to customer interactions, growth strategies, and risk management practices, it’s particularly important to focus on building tools that can help businesses make better decisions and I’m proud that Experian has again provided an instrument to enable those decisions.”   To learn more about Sure Profile and how Experian is working to solve this multibillion-dollar problem, visit us or request a call. Learn more

It’s time for organizations to harness the power artificial intelligence (AI) can bring to digital identity management – quickly and accurately identifying consumers throughout the lifecycle. The rise in crime   The acceleration to digital platforms created a perfect storm of new opportunities for fraudsters. Synthetic identity fraud, stimulus-related fraud, and other types of cybercrime have seen huge upticks within the past year and a half. In fact, the Federal Trade Commission revealed that consumers reported over 360,000 complaints, resulting in more than $580 million in COVID-19-related fraud losses as of October 2021. To protect both themselves and consumers, businesses — especially lenders — will have to find and incorporate new strategies to identify customers, deter fraudsters and mitigate cybercrime. The benefits of AI for digital identity In our latest e-book, we explore the impacts of AI on organizations’ digital identity strategies, including: How changing consumer expectations increased the need for speed The challenges associated with both AI and digital identities The path forward for digital identity and AI How to develop the right strategy Building a solution It’s clear that current digital identity and fraud prevention tools are not enough to stop cybercriminals. To stay ahead of fraudsters and keep consumers happy, businesses need to look to new technologies — ones that can intake and compute large data sets in near-real time for better and faster decisions throughout the customer lifecycle. By using AI, businesses will enjoy a fast and consistent decisioning system that automatically routes questionable identities to additional authentication steps, allowing employees to focus on the riskiest cases and maximizing efficiency. Read our latest e-book to dive into the ways artificial intelligence and digital identity interact, and the benefits a clear identity strategy can have for the entire user journey. Download the e-book

Lately, I’ve been surprised by the emphasis that some fraud prevention practitioners still place on manual fraud reviews and treatment. With the market’s intense focus on real-time decisions and customer experience, it seems that fraud processing isn’t always keeping up with the trends. I’ve been involved in several lively discussions on this topic. On one side of the argument sit the analytical experts who are incredibly good at distilling mountains of detailed information into the most accurate fraud risk prediction possible. Their work is intended to relieve users from the burden of scrutinizing all of that data. On the other side of the argument sits the human side of the debate. Their position is that only a human being is able to balance the complexity of judging risk with the sensitivity of handling a potential customer. All of this has led me to consider the pros and cons of manual fraud reviews. The Pros of Manual Review When we consider the requirements for review, it certainly seems that there could be a strong case for using a manual process rather than artificial intelligence. Human beings can bring knowledge and experience that is outside of the data that an analytical decision can see. Knowing what type of product or service the customer is asking for and whether or not it’s attractive to criminals leaps to mind. Or perhaps the customer is part of a small community where they’re known to the institution through other types of relationships—like a credit union with a community- or employer-based field of membership. In cases like these, there are valuable insights that come from the reviewer’s knowledge of the world outside of the data that’s available for analytics. The Cons of Manual Review When we look at the cons of manual fraud review, there’s a lot to consider. First, the costs can be high. This goes beyond the dollars paid to people who handle the review to the good customers that are lost because of delays and friction that occurs as part of the review process. In a past webinar, we asked approximately 150 practitioners how often an application flagged for identity discrepancies resulted in that application being abandoned. Half of the audience indicated that more than 50% of those customers were lost. Another 30% didn’t know what the impact was. Those potentially good customers were lost because the manual review process took too long. Additionally, the results are subjective. Two reviewers with different levels of skill and expertise could look at the same information and choose a different course of action or make a different decision. A single reviewer can be inconsistent, too—especially if they’re expected to meet productivity measures. Finally, manual fraud review doesn’t support policy development. In another webinar earlier this year, a fraud prevention practitioner mentioned that her organization’s past reliance on manual review left them unable to review fraud cases and figure out how the criminals were able to succeed. Her organization simply couldn’t recreate the reviewer’s thought process and find the mistake that lead to a fraud loss. To Review or Not to Review? With compelling arguments on both sides, what is the best practice for manually reviewing cases of fraud risk? Hopefully, the following list will help: DO: Get comfortable with what analytics tell you. Analytics divide events into groups that share a measurable level of fraud risk. Use the analytics to define different tiers of risk and assign each tier to a set of next steps. Start simple, breaking the accounts that need scrutiny into high, medium and low risk groups. Perhaps the high risk group includes one instance of fraud out of every five cases. Have a plan for how these will be handled. You might require additional identity documentation that would be hard for a criminal to falsify or some other action. Another group might include one instance in every 20 cases. A less burdensome treatment can be used here – like a one-time-passcode (OTP) sent to a confirmed mobile number. Any cases that remain unverified might then be asked for the same verification you used on the high-risk group. DON’T: Rely on a single analytical score threshold or risk indicator to create one giant pile of work that has to be sorted out manually. This approach usually results in a poor experience for a large number of customers, and a strong possibility that the next steps are not aligned to the level of risk. DO: Reserve manual review for situations where the reviewer can bring some new information or knowledge to the cases they review. DON’T: Use the same underlying data that generated the analytics as the basis of a review. Consider two simplistic cases that use a new address with no past association to the individual. In one case, there are several other people with different surnames that have recently been using the same address. In the other, there are only two, and they share the same surname. In the best possible case, the reviewer recognizes how the other information affects the risk, and they duplicate what the analytics have already done – flagging the first application as suspicious. In other cases, connections will be missed, resulting in a costly mistake. In real situations, automated reviews are able to compare each piece of information to thousands of others, making it more likely that second-guessing the analytics using the same data will be problematic. DO: Focus your most experienced and talented reviewers on creating fraud strategies. The best way to use their time and skill is to create a cycle where risk groups are defined (using analytics), a verification treatment is prescribed and used consistently, and the results are measured. With this approach, the outcome of every case is the result of deliberate action. When fraud occurs, it’s either because the case was miscategorized and received treatment that was too easy to discourage the criminal—or it was categorized correctly and the treatment wasn’t challenging enough. Gaining Value While there is a middle ground where manual review and skill can be a force-multiplier for strong analytics, my sense is that many organizations aren’t getting the best value from their most talented fraud practitioners. To improve this, businesses can start by understanding how analytics can help group customers based on levels of risk—not just one group but a few—where the number of good vs. fraudulent cases are understood. Decide how you want to handle each of those groups and reserve challenging treatments for the riskiest groups while applying easier treatments when the number of good customers per fraud attempt is very high. Set up a consistent waterfall process where customers either successfully verify, cascade to a more challenging treatment, or abandon the process. Focus your manual efforts on monitoring the process you’ve put in place. Start collecting data that shows you how both good and bad cases flow through the process. Know what types of challenges the bad guys are outsmarting so you can route them to challenges that they won’t beat so easily. Most importantly, have a plan and be consistent. Be sure to keep an eye out for a new post where we’ll talk about how this analytical approach can also help you grow your business. Contact us

As stimulus-generated fraud wanes, we anticipate a return of more traditional forms of fraud, including account opening fraud. As businesses embrace the digital evolution and look ahead to responsible growth, it’s important to balance the customer experience with the risks associated with account opening fraud. Preventing account opening fraud requires a layered fraud and identity management strategy that allows you to approve good customers while keeping criminals out. With the right tools in place, you can optimize the customer experience while still keeping risk low. Download infographic Review your fraud strategy

In today’s digital-first environment, fraud threats are growing in sophistication and scope. It’s critical for credit unions to not only understand the specific threats presented by life online, but to also be prepared with a solid fraud detection and prevention plan. Below, we’ve outlined a few fraud trends that credit unions should be aware of and prepared to address. 2021 Trends to Watch: Digitization and the Movement to Life Online Trend #1: Digital Acceleration As we look ahead to the rest of 2021 and beyond, we expect to see adoption of digital strategies nearing the top of credit unions’ list of priorities. Members’ expectations for their digital experience have permanently shifted, and many credit unions now have members using online channels who traditionally wouldn’t have. This has led to a change in the types of fraud we see as online activities increased in volume. Trend #2: First-Party Fraud is On the Rise First party fraud is on the rise – 43% of financial executives say that mule activity is up 10% or more compared to attack rates prior to the pandemic, according to Trace Fooshee, Senior Analyst for Aite Group, and we expect to see this number grow. The ability for credit unions to identify and segregate the “good guys” from “bad guys” is getting more difficult to discern and this detail is more important than ever as credit unions work to create frictionless digital experiences by using digital tools and strategies. Trend #3: Continual Uptick in Synthetic Identity Fraud We expect synthetic identity fraud (SID) to continue to rise in 2021 as cybercriminals become more sophisticated in the digital space and as members continue with their new digital habits. Additionally, fraudsters can use SIDs to bring significant damage and loss to credit unions through fraudulent checks, debit cards, person-to-person and automated clearing house (ACH) transactions. More and more, fraudsters are seen opening accounts and remaining very patient – using an account to build and nurture a trusted relationship with the credit union and then remain dormant for two years before ensuing in any sort of abuse. Once the fraudster feels confident that they can bypass authentication processes or avoid a new product vetting, oftentimes, they will take that opportunity to get easy access to all solutions credit unions have available and will abuse them all at once. There are no signs of fraud slowing, so credit unions will need to stay vigilant in their fraud protection and prevention plans. We’ve outlined a few tips for credit unions to help protect member data while reducing risk. The Fight Against Fraud: Four Key Tips Tip #1: Manage Each Fraud Type Appropriately Preventing and detecting fraud requires a multi-level solution. This can involve new methods for authenticating current and prospective members, as well as incorporating synthetic identity services and identity proofing throughout the member lifecycle. For example, credit unions should consider taking extra verification steps during the account opening process as a preventative measure to minimize SID infiltration and associated fraud losses. As credit unions continue down the path of digitization, it’s also important to add in digital signals and behavior-based verification, such as information about the device a consumer is logging in from to heighten defenses against bad actors. Tip #2: Be Resourceful In the wake of the COVID-19 pandemic, many have asked, “How should credit unions approach fraud prevention tactics when in-person contact is limited or unavailable?” In some cases, you might need to be willing to say no to requests or get creative and find other options. Sometimes, it takes leveraging current resources and using what’s readily available to allow for a binary decision tree. For example, if you’re suspicious of a dormant account that you think could be synthetic, call them, and ask yourself these questions: Did they answer? Was the phone still active? Send the account holder an email – did you get a reply? Is this a new member? Is this a new channel for the member? Could they have logged on to do this instead of calling the call center? Tip #3: Empower Members Through Education Members like to know that their credit unions are taking the necessary steps and applying the right measures to keep their data secure. While members might not want every detail, they do want to know that the security measures are there. Require the use of strong passwords, step-up authentication, and empower members with alerts, notifications, and card controls. Additionally, protect members by providing resources like trainings, webinars, and best practices articles, where they can learn about current cyber trends and how to protect their data. Tip #4: Trust Data Many credit unions rely on an employee’s decision to decide when to take action and what action to take. The challenge with this approach comes when the credit union needs to reduce friction for members or tighten controls to prevent fraud, because it’s extremely hard to know exactly what drove prior actions. A better alternative is to rely on scores and specific data. Tweaks to the scores or data points that drive actions allow credit unions to achieve the desired member experience and risk tolerance – just be sure to leverage internal experts help figure out those policies. By determining what conditions drive actions before the actions are taken (instead of doing it one case at a time) the decisions remain transparent and actionable. Looking for more insights around how to best position your credit union to mitigate and prevent fraud? Watch our webinar featuring experts from around the industry and key credit unions in this Fraud Insight Form hosted by CUES. Watch now Contact us