Tag: fraud prevention

Preventing fraud losses requires an understanding of each individual fraud type—including third-party, first-party, synthetic identity, and account takeover fraud—and how they differ from one another. It’s only with a multi-layered fraud strategy that businesses can adequately detect and treat each type of fraud while maintaining the customer experience. When’s the last time you reviewed your existing fraud strategy? Download infographic Review your fraud strategy

It’s obvious that 2020 was a year of unprecedented change and created brand new opportunities for fraud. In 2021, fraudsters will continue to iterate on new and old methods of attack, requiring businesses to remain flexible and proactive to prevent losses. We created the 2021 Future of Fraud Forecast to help businesses anticipate new types of fraud and prepare and protect consumers on the road ahead. Here are the trends we expect to see over the coming year: Putting a Face to Frankenstein IDs: Synthetic identity fraud will start to rely on “Frankenstein faces” for biometric verification. “Too Good to Be True” COVID Solutions: The promise of at-home test kits, vaccines and treatments will be used as means for sophisticated phishing and social engineering schemes. Stimulus Fraud Activity, Round Two: Fraudsters will take advantage of additional stimulus funding by using stolen data to intercept payments. Say ‘Hello’ to Constant Automated Attacks: Once the stimulus fraud attacks run their course, hackers will increasingly turn to automated methods. Survival of the Fittest for Small Businesses: In 2021, businesses with lackluster fraud prevention tools will suffer large financial losses. To learn more about how to protect your business and customers, download the Future of Fraud Forecast and check out Experian’s fraud prevention solutions. Future of Fraud Forecast Request a call

Enterprise Security Magazine recently named Experian a Top 10 Fraud and Breach Protection Solutions Provider for 2020.   Accelerating trends in the digital economy--stemming from stay-at-home orders and rapid increases in e-commerce and government funding--have created an attractive environment for fraudsters. At the same time, there’s been an uptick in the amount of personally identifiable information (PII) available on the dark web. This combination makes innovative fraud and breach solutions more crucial than ever.   Enterprise Security Magazine met with Kathleen Peters, Experian’s Chief Innovation Officer, and Michael Bruemmer, Vice President of Global Data Breach and Consumer Protection, to discuss COVID-19 digital trends, the need for robust fraud protection, and how Experian’s end-to-end breach protection services help businesses protect consumers from fraud.   According to the magazine, “With Experian’s best in class analytics, clients can rapidly respond to ever-changing environments by utilizing offerings such as CrossCore® and Sure ProfileTM to identify and prevent fraud.”   In addition to our commitment to develop new products to combat the rising threat of fraud, Experian is focused on helping businesses minimize the consequences of a data breach. The magazine noted that, “To serve as a one-stop-shop for data breach protection, Experian offers a wide range of auxiliary services such as incident management, data breach notification, identity protection, and call center support.”   We are continuously working to create and integrate innovative and robust solutions to prevent and manage different types of data breaches and fraud. Read the full article Contact us

In the wake of unprecedented unemployment fraud since the start of COVID-19, Experian announced it was selected as the exclusive partner for identity and fraud verification for the Unemployment Insurance (UI) Integrity Center’s centralized Identity Verification (IDV) capability. IDV is available to state agencies at no cost through UI Integrity Center, which is operated by the National Association of Workforce Agencies (NASWA) in partnership with the U.S. Department of Labor.   With the Federal Bureau of Investigations (FBI) reporting a spike in fraudulent unemployment insurance claims complaints related to COVID-19, it’s more important than ever for state agencies to use innovative solutions to verify identities that are applying for unemployment insurance to protect consumers. If improper unemployment insurance payments are made to fraudsters, the efforts of the CARES Act could be largely wasted.   The IDV capability leverages Experian’s Precise IDTM to provide a centralized identity verification and proofing solution. Precise ID combines identity analytics with advanced fraud risk models to distinguish various types of fraud, which can help state agencies maximize time and resources. When state agencies submit claims, the IDV solution will return ID theft scoring and associated cause codes, enabling them to assess whether a claim may be fraudulent.   “Due to the COVID-19 health crisis, unemployment is high, with over roughly 60 million Americans filing for unemployment since March,” said Robert Boxberger, president of Experian’s Decision Analytics in North America. “At Experian, we’re proud to have a strong culture dedicated to continuous innovation that helps protect consumers’ financial health. We’re taking that same consumer focus and helping make the unemployment insurance application process more efficient and safer for constituents.”   The Integrity Data Hub (IDH) is a robust, multi-state data system that contains a continuously expanding set of sources to provide advanced cross-matching and analytic capabilities to states. It is designed to be easily implemented by any state Unemployment Insurance agency, regardless of claim volume, technology, or access to internal resources. The IDH was designed and built using the latest National Institute of Standards and Technology IT security standards, including the use of asymmetric encryption and other techniques to ensure the security of sensitive data.   “We’re excited to partner with Experian and utilize its Precise ID solution to assist states in mitigating fraud during these unprecedented times,” said Scott Sanders, NASWA Executive Director. “States are finding this to be a very valuable tool and we are pleased that we can offer this solution to states through our partnership with the U.S. Department of Labor.” Read Press Release Learn More About Precise ID

Synthetic identity fraud, otherwise known as SID fraud, is reportedly the fastest-growing type of financial crime. One reason for its rapid growth is the fact that it’s so hard to detect, and thus prevent. This allows the SIDs to embed within business portfolios, building up lines of credit to run up charges or take large loans before “busting out” or disappearing with the funds. In Experian’s recent perspective paper, Preventing synthetic identity fraud, we explore how SID differs from other types of fraud, and the unique steps required to prevent it. The paper also examines the financial risks of SID, including: $15,000 is the average charge-off balance per SID attack Up to 15% of credit card losses are due to SID 18% - the increase in global card losses every year since 2013 SID is unlike any other type of fraud and standard fraud protection isn’t sufficient. Download the paper to learn more about Experian’s new toolset in the fight against SID. Download the paper

The CU Times recently reported on a nationwide synthetic identity fraud ring impacting several major credit unions and banks. Investigators for the Federal and New York governments charged 13 people and three businesses in connection to the nationwide scheme. The members of the crime ring were able to fraudulently obtain more than $1 million in loans and credit cards from 10 credit unions and nine banks. Synthetic Identity Fraud Can’t Be Ignored Fraud was on an upward trend before the pandemic and does not show signs of slowing. Opportunistic criminals have taken advantage of the shift to digital interactions, loosening of some controls in online transactions, and the desire of financial institutions to maintain their portfolios – seeking new ways to perpetrate fraud. At the onset of the COVID-19 pandemic, many financial institutions shifted their attention from existing plans for the year. In some cases they deprioritized plans to review and revise their fraud prevention strategy. Over the last several months, the focus swung to moving processes online, maintaining portfolios, easing customer friction, and dealing with IT resource constraints. While these shifts made sense due to rapidly changing conditions, they may have created a more enticing environment for fraudsters. This recent synthetic identity fraud ring was in place long before COVID-19. That said, it still highlights the need to have a prevention and detection plan in place. Financial institutions want to maintain their portfolios and their customer or member experience. However, they can’t afford to table fraud plans in the meantime. “72% of FI executives surveyed believe synthetic identity fraud to be more challenging than identity theft. This is due to the fact that it is harder to detect—either crime rings nurture accounts for months or years before busting out with six-figure losses, or they are misconstrued as credit losses, and valuable agent time is spent trying to collect from someone who doesn’t exist,” says Julie Conroy, Research Director at Aite Group. Prevention and Detection Putting the fraud strategy discussion on hold—even in the short term—could open up a financial institution to potential risk at time when cost control and portfolio maintenance are watch words. Canny fraudsters are on the lookout for financial institutions with fewer protections. Waiting to implement or update a fraud strategy could open a business up to increased fraud losses. Now is the time to review your synthetic identity fraud prevention and detection strategies, and Experian can help. Our innovative new tool in the fight against synthetic identity fraud helps financial institutions stop fraudsters at the door. Learn more  

Every few months we hear in the news about a fraud ring that has been busted here in the U.S. or in another part of the world. In May, I read about a fraud ring based in Georgia and Louisiana that bought 13,000 stolen identities of children who were on the Louisiana Medicaid program and billed the government for services not rendered. This group defrauded the Medicaid program of more than $500,000.   This is just one of many stories that we hear about fraud rings, and given the rapidly changing economic environment, now is the time for businesses to think about how to protect against fraud rings. There are a number of challenges that organizations may have when it comes to sharing trends and collaborations, understanding the ways to tie fraud rings together, creating treatments for identifying fraud rings and ways to store and catalogue fraud ring experiences so they can be easily recognized.   The trouble with identifying fraud rings   It’s important to understand the challenges that organizations have because they see the fraud rings through their own internal lens. Here are a few of the top things businesses should work on:   Think like a fraudster. This will help businesses become more creative in their approach to fraud prevention. Facilitate internal collaboration. Share with in-organization partners. Sometimes this can be difficult due to organizational structure. Promote external collaboration. Intel-sharing groups are a great way for businesses to network within their industries and learn about the fraud that others are seeing. An organization that I’ve worked with in the past is the National Cyber Forensic and Training Alliance (NCFTA).   Putting the pieces together   How do businesses identify a fraud ring? There are three steps to get started. The first is reviewing and understanding the data. Fraudsters are lazy and want to replicate the process over and over again, and because of this there is always some piece of information that is repeated. It could be a name, an email address, device fingerprint, or similar.   The second step is tying the fraud ring together. This is done by creating rules to help identify the trends. Having rules in place to identify fraud rings allows businesses to easily pull stats together for their leadership.   Lastly, applying an acronym or name to the particular fraud ring and adding comments to the cases associated with a particular ring will help with post-investigation analysis.   Learning from the past   Before I became a consultant, I remember identifying a fraud ring that was submitting events with the same language pack and where the device fingerprint was staying consistent. Those events were being referred out for review and marked with the same note. At a post-mortem review, I was able to talk to the fraud ring we had seen, and it was easy to pull all events associated with this fraud ring because my team had marked the events with the same comments.   Another fraud ring example happened a few years ago. A client called me and said that they were under a fraud attack and this fraud ring was rotating the email handle. I reviewed the data and came up with a rule to catch this activity. Fraud rings will use email handle rotation to help them keep track of accounts that are opened or what emails they used in the past. By coupling the email handle rotation with an email verification service like Emailage, this insight could be very telling. I would assume that when fraud rings use email handle rotation these emails are new and have just been created.   These are just a few of the many fraud rings that I’ve encountered over the course of my career and I’m sure there will be a lot more in the years to come. The best advice I can give to anyone that reads this post is to understand the data that you are reviewing, look for anomalies within the data, ask questions and test your theories by running queries on the data that you’re reviewing. I would love to hear about the different fraud rings that you’ve encountered over your career.   Stay safe.   Contact us

Experian’s own Chris Ryan and Bobbie Paul recently joined David Mattei from Aite to discuss the latest research and insights into emerging fraud schemes and how businesses can combat them in light of COVID-19 and the resulting economic changes. Between them, Chris, Bobbie, and David have more than 60 years of experience in the world of fraud prevention. Listen in as they discuss how businesses can shape their fraud prevention plan in the short term, including: The impacts of the health crisis and physical distancing The rise of e-commerce and consumer digital engagement Changes in criminal activity Fraud attack vectors 2020 fraud loss projections Critical next steps for the 30-60 day time frame Experian · Make Your Fraud Plan Recession-Ready: 2020 Fraud Trends

The COVID-19 pandemic and resulting rush to transition to a remote lifestyle made it clear that many businesses need a refreshed digital authentication and fraud prevention strategy that includes an investment in technology and provides consumer assurance. This is particularly important when it comes to identity, as many of the standard in-person verification methods and tools are currently unavailable. The meaning of identity is growing and shifting Technology trends are intersecting with social trends to create heightened awareness, and a whole new public conversation has emerged around customer trust and privacy. Attitudes and ideas are changing—even to the point of what we mean by “identity.” An identity is no longer just a name, date of birth, and SSN. Now, there are digital manifestations everywhere you look: screen names, email addresses, mobile phone numbers, device identifiers, and the other “exhaust” we leave behind as we travel the internet. This leads to concerns about what an identity is, who owns it, and who manages and protects it. Businesses have to be able to prove to their ability to protect their customers’ identities through investment in technology and a robust fraud strategy. Consumer attitudes are changing Several years ago, consumers were excited by all the new digital capabilities and the speed, ease, and convenience they provided. Last year, Experian found that consumers still wanted those things, with 70% willing to provide more information to businesses if there was a perceived benefit. However, they also wanted more security in the balance. In Experian’s most recent Global Identity and Fraud Report, we found that 74% of consumers say that security is the most important factor when deciding to engage with a business. Consumers are particularly more tolerant of friction during the enrollment process—as a means of building trust. But, when they return to the app or website, they want to be recognized. This means achieving a balance by using layered technologies, some of which are active and visible to the consumer, and some of which are invisibly working in the background to confirm the identity of returning consumers. Consumer attitudes vs. regulatory pressure The drivers behind the business changes are twofold: shifting consumer attitudes and regulatory changes. While regulations are becoming stricter on a national and global level, they’re not keeping pace with technology and social change. The digital world is evolving at a rapid pace, opening up more new ways for companies to collect information about consumers and use it to identify and verify, and also to target goods and services. With all of this data available, it’s important for businesses to use the tools in the market to help protect identity information. Next steps in technology The bottom line is, businesses can’t wait for regulations to dictate how best to protect information. Instead, they should be looking to technologies like physical and behavioral biometrics to help provide identity authentication and protection – layering those solutions with information from the user and from third parties to give a holistic consumer view. Businesses should adopt a platform approach for identity and fraud in order to be able to adapt quickly, whether to incorporate new kinds of technology or to prevent emerging types of fraud. By investing in technology now, even in the midst of the COVID-19 pandemic, businesses can build the flexibility needed to respond to future crises and help offset future fraud losses. In turn, those fraud-loss savings can then be used to help grow the business in the future. Learn more about Experian’s commitment to helping businesses maximize their investment in technology to safeguard against fraud. Learn more

For the last several years, as the global economy flourished, the opportunities created by removing friction and driving growth guided business strategies governing identity and fraud. The amount of profitable business available in a low-friction environment simply outweighed the fraud that could be mitigated with more stringent verification methods. Now that we’re facing a global crisis, it’s time to reconsider the approach that drove the economic boom that defined that last decade. Recognizing how economic changes impact fraud At the highest level, we separate fraud into two types; third party fraud and first party fraud. In simple terms, third party fraud involves the misuse of a real customer’s identity or unauthorized access to a real customer’s accounts or assets. First party fraud involves the use of an identity that the fraudster controls—whether it’s their own identity, a manipulated version of their own identity, or a synthetic identity that they have created. The important difference in this case is that the methods of finding and stopping third party fraud remain constant even in the event of an economic downturn – establish contact with the owner of the identity and verify whether the events are legitimate. Fraud tactics will evolve, and volumes increase as perpetrators also face pressure to generate income, but at the end of the day, a real person is being impersonated, and a victim exists that will confirm when fraud is taking place. Changes in first party fraud during an economic downturn are dramatically different and much more problematic. The baseline level of first party fraud using synthetic, manipulated and the perpetrator’s own identity continue, but they are augmented by real people facing desperate circumstances and existing “good” customers who over-extend while awaiting a turn-around. The problem is that there is no “victim” to confirm fraud is occurring, and the line between fraud (which implies intent) and credit default (which does not) becomes very difficult to navigate. With limited resources and pressures of their own, at some point lenders must try to distinguish deliberate theft from good customers facing bad circumstances and manage cases accordingly. The new strategy When times are good, it’s easier to build up a solid book of business with good customers. Employment rates are high, incomes are stable, and the risks are manageable. Now, we’re experiencing rapidly changing conditions, entire industries are disrupted, unemployment claims have skyrocketed and customers will need assistance and support from their lenders to help them weather the storm. This is a reciprocal relationship – it behooves those same lenders to help their customers get through to the other side. Lenders will look to limit losses and strengthen relationships. At the same time, they’ll need to reassess their existing fraud and identity strategies (among others) as every interaction with a customer takes on new meaning. Unexpected losses We’ve all been bracing for a recession for a while. But no one expected it to show up quite like it did. Consumers who have been model customers are suddenly faced with a complete shift in their daily life. A job that seemed secure may be less so, investments are less lucrative in the short term, and small business owners are feeling the pressure of a change in day-to-day commerce. All of this can lead to unexpected losses from formerly low-risk customers. As this occurs, it becomes more critical than ever to identify and help good customers facing grim circumstances and find different ways to handle those that have malicious intent. Shifting priorities When the economy was strong, many businesses were able to accept higher losses because those losses were offset by immense growth. Unfortunately, the current crisis means that some of those policies could have unforeseen consequences. For instance – the loss of the ability to differentiate between a good customer who has fallen on hard times and someone who’s been a bad actor from the start. Additionally, businesses need to revise their risk management strategies to align with shifting customer needs. The demand for emergency loans and will likely rise, while loans for new purchases like cars and homes will fall as consumers look to keep their finances secure. As the need to assist customers in distress rises and internal resources are stressed, it’s critical that companies have the right tools in place to triage and help customers who are truly in need. The good news The tools businesses like yours need to screen first party fraud already exist. In fact, you may already have the necessary framework in place thanks to an existing partnership, and a relatively simple process could prepare your business to properly screen both new and existing customers at every touchpoint. This global crisis is nowhere near over, but with the right tools, your business can protect itself and your customers from increased fraud risks and losses of all sorts – first party, stolen identities, or synthetic identities, and come out on the other side even stronger. Contact Experian for a review of your current fraud strategy to help ensure you’re prepared to face upcoming challenges. Contact us

Experian’s 7th Annual Data Breach Preparedness Study is available now, and its findings show organizations struggling in a few areas that are sure to see data breach activity increase this year. New to report this year: we surveyed IT and IT security, compliance, and privacy professionals in both the U.S. and the EMEA to compare the regional differences amongst organizations and their outlook around data breach preparedness. A few themes that stuck out in the study this year were: Spear Phishing and Ransomware 69% of respondents had one or more spear phishing attacks in 2019 Since 2017, respondents who say their organizations are very confident or confident in their ability to deal with spear phishing attacks has declined from 31% to 23% 36% of respondents say their organizations had a ransomware attack last year with only 20% feeling confident in their ability to deal with it The average ransom was $6,128, and 68% of respondents say the ransom was paid Confidence in Data Breach Response Plans From a reputation standpoint, only 23% of respondents say their organization is confident in its ability to minimize the financial and reputational consequences of a material data breach Only 38% of respondents believe they are effective at doing what needs to be done following a data breach to prevent the loss of customers’ and business partners’ trust and confidence Global Data Breaches Only 34% of respondents say they are confident their organizations are able to respond to global breaches, as breaches increasingly become international in scope Read the full results of Experian's 7th Annual Data Breach Preparedness Study and see how you compare to other organizations when it comes to data breach preparedness. Download the full study

Last month, Kenneth Blanco, Director of the Financial Crimes Enforcement Network, warned that cybercriminals are stealing data from fintech platforms to create synthetic identities and commit fraud. These actions, in turn, are alleged to be responsible for exploiting fintech platforms’ integration with other financial institutions, putting banks and consumers at risk. According to Blanco, “by using stolen data to create fraudulent accounts on fintech platforms, cybercriminals can exploit the platforms’ integration with various financial services to initiate seemingly legitimate financial activity while creating a degree of separation from traditional fraud detection efforts.” Fintech executives were quick to respond, and while agreeing that synthetic IDs are a problem, they pushed back on the notion that cybercriminals specifically target fintech platforms. Innovation and technology have indeed opened new doors of possibility for financial institutions, however, the question remains as to whether it has also created an opportunity for criminals to implement more sophisticated fraud strategies. Currently, there appears to be little evidence pointing to an acute vulnerability of fintech firms, but one thing can be said for certain: synthetic ID fraud is the fastest-growing financial crime in the United States. Perhaps, in part, because it can be difficult to detect. Synthetic ID is a type of fraud carried out by criminals that have created fictitious identities. Truly savvy fraudsters can make these identities nearly indistinguishable from real ones. According to Kathleen Peters, Experian’s SVP, Head of Fraud and Identity, it typically takes fraudsters 12 to 18 months to create and nurture a synthetic identity before it’s ready to “bust out” – the act of building a credit history with the intent of maxing out all available credit and eventually disappearing. These types of fraud attacks are concerning to any company’s bottom line. Experian’s 2019 Global Fraud and Identity Report further details the financial impact of fraud, noting that 55% of businesses globally reported an increase in fraud-related losses over the past 12 months. Given the significant risk factor, organizations across the board need to make meaningful investments in fraud prevention strategies. In many circumstances, the pace of fraud is so fast that by the time organizations implement solutions, the shelf life may already be old. To stay ahead of fraudsters, companies must be proactive about future-proofing their fraud strategies and toolkits. And the advantage that many fintech companies have is their aptitude for being nimble and propensity for early adoption. Experian can help too. Our Synthetic Fraud Risk Level Indicator helps both fintechs and traditional financial institutions in identifying applicants likely to be associated with a synthetic identity based on a complex set of relationships and account conditions over time. This indicator is now available in our credit report, allowing organizations to reduce exposure to identity fraud through early detection. To learn more about Experian’s Synthetic Fraud Risk Level Indicator click here, or visit experian.com/fintech.

What do movie actors Adam Sandler and Hugh Grant, jazz singer Michael Bublé, Russian literary giant Leo Tolstoy, and Colonel Sanders, the founder of KFC, have in common? Hint, it’s not a Nobel Prize for Literature, a Golden Globe, a Grammy Award, a trademark goatee, or a “finger-lickin’ good” bucket of chicken. Instead, they were all born on September 9, the most common birth date in the U.S. Baby Boom According to real birth data compiled from 20 years of American births, September is the most popular month to give birth to a child in America – and December, the most popular time to make one. With nine of the top 10 days to give birth falling between September 9 and September 20, one may wonder why the birth month is so common. Here are some theories: Those who get to choose their child’s birthday due to induced and elective births tend to stay away from the hospital during understaffed holiday periods and may plan their birth date around the start of the school year. Several of the most common birth dates in September correspond with average conception periods around the holidays, where couples likely have more time to spend together. Some studies within the scientific community suggest that our bodies may actually be biologically disposed to winter conceptions. While you may not be feeling that special if you were born in September, the actual differences in birth numbers between common and less common birthdays are often within just a few thousand babies. For example, September 10, the fifth most common birthday of the year, has an average birth rate of 12,143 babies. Meanwhile, April 20, the 328th most common birthday, has an average birth rate of 10,714 newborns. Surprisingly, the least common birthdays fall on Christmas Eve, Christmas Day and New Year’s Day, with Thanksgiving and Independence Day also ranking low on the list. Time to Celebrate – but Watch out! Statistically, there’s a pretty good chance that someone reading this article will soon be celebrating their birthday. And while you should be getting ready to party, you should also be on the lookout for fraudsters attempting to ruin your big day. It’s a well-known fact that cybercriminals can use your birth date as a piece of the puzzle to capture your identity and commit identity theft – which becomes a lot easier when it’s being advertised all over social media. It’s also important for employers to safeguard their organization from fraudsters who may use this information to break into corporate accounts. While sharing your birthday with a lot of people could be a good or bad thing depending on how much undivided attention you enjoy – you’re in great company! Not only can you plan a joint party with Michelle Williams, Afrojack, Cam from Modern Family, four people I went to high school with on Facebook and a handful of YouTube stars that I’m too old to know anything about, but there will be more people ringing in your birthday than any other day of the year! And that’s pretty cool.

Friend or foe? Sophisticated criminals put a great deal of effort into creating convincing, verifiable personas (AKA synthetic identities). Once the fictional customer has embedded itself in your business, everything from the acquisition of financial instruments to healthcare benefits, utility services, and tax filings and refunds become vulnerable to synthetic identity fraud. Information attached to synthetic IDs can run several levels deep and be so complete that it includes public record data, credit information, documentary evidence and social media profiles that may even contain photo sets and historical details intended to deceive—all complicating your efforts to identify these fake customers before you do business with them. See real-world examples of how synthetic identity fraud is souring various markets – from auto and healthcare to financial services and public sector – in our tip sheet, Four common synthetic scenarios. Stopping synthetic ID fraud — at the door and thereafter. There are efforts underway in the market to collectively improve your ability to identify, shut down and prevent synthetic identities from entering your portfolio. This overall trend is great news for the future, but there are also near-term solutions you can apply to protect your business starting now. While it’s important to identify synthetic identities when they knock on your door, it’s just as important to conduct regular portfolio checkups to prevent negative impacts to your collections efforts. Every circumstance has its own unique parameters, but the overarching steps necessary to mitigate fraud from synthetic IDs remain the same: Identify current and near-term exposure using targeted segmentation analysis. Apply technology that alerts you when identity data doesn’t add up. Differentiate fraudulent identities from those simply based on bad data. Review front- and back-end screening procedures until they satisfy best practices. Achieve a “single view of the customer” for all account holders across access channels—online, mobile, call center and face-to-face. The right tools for the job. In addition to the steps mentioned above, stopping these fake customers from entering and then stealing from your organization isn’t easy—but with the right tools and strategies, it is possible. Here are a few of our top recommendations: Forensics Isolate and segment identities based on signals received during early account pathing, from both individuals and their device. For example, even sophisticated fraud networks can’t mimic natural per-device user interaction because these organizations work with hundreds or thousands of synthetic identities using just a few devices. It’s highly unlikely that multiple geographically separate account holders would share the same physical device. High-risk fraud scores Not all synthetic identity fraud manifests the same way. Using sophisticated logic and unique combinations of data, a high-risk fraud score looks at a consumer’s credit behavior and credit relationships over time to uncover previously undetectable risk. These scores are especially successful in detecting identities that are products of synthetic identity farms. And by targeting a specific data set and relationships, you can maintain a frictionless customer experience and reduce false positives. Analytics Use a solution that develops models of bad applicant behavior, then compares and scores your portfolio against these models. There isn’t a single rule for detecting fraudulent identities, but you can develop an informed set of rules and targeted models with the right service partner. Cross-referencing models designed to isolate high-risk identity theft cases, first-party or true-name fraud schemes, and synthetic identities can be accomplished in a decisioning strategy or via a custom model that incorporates the aggregate scores and attributes holistically. Synthetic identity detection rules These specialized rules consist of numerous conditions that evaluate a broad selection of consumer behaviors. When they occur in specific combinations, these behaviors indicate synthetic identity fraud. This broad-based approach provides a comprehensive evaluation of an identity to more effectively determine if it’s fabricated. It also helps reduce the incidence of inaccurately associating a real identity with a fictitious one, providing a better customer experience. Work streams Address synthetic identities confidently by applying analytics to work streams throughout the customer life cycle: Credit risk assessment Know Your Customer/Customer Identification Program checks Risk-based identity proofing and authentication Existing account management Manual reviews, investigations and charge-offs/collections activities Learn more about these tools and others that can help you mitigate synthetic identities in our white paper, Synthetic identities: getting real with customers. If your organization is like most, detecting SIDs hasn't been your top priority. So, there's no time to waste in preventing them from entering your portfolio. Criminals are highly motivated to innovate their approaches as rapidly as possible, and it’s important to implement a solution that addresses the continued rise of synthetic IDs from multiple engagement points. With the right set of analytics and decisioning tools, you can reduce exposure to fraud and losses stemming from synthetic identity attacks from the beginning and across the customer life cycle. We can help you detect and mitigate these fake customers before they become delinquent. Learn more

For most businesses, building the best online experience for consumers requires a balance between security and convenience. But the challenge has always been finding a happy medium between the two – offering enough security that won’t get in the way of convenience and vice versa. In the past, it was always believed that one would always come at the expense of the other. But technology and innovation is changing how businesses approach security and is allowing them to give the maximum potential of both. Consumers want security AND convenience Consumers consider security and convenience as the foundation of their online experience. Findings from our 2019 Global Identity and Fraud Report revealed approximately 74 percent of consumers ranked security as the most important part of their online experience, followed by convenience. In other words, they expect businesses to provide them with both. We see this with how consumers are typically using the same security information each time they open a new digital account – out of convenience. But if one account is compromised, the consumer becomes vulnerable to possible fraudulent activity. With today’s technology, businesses can give consumers an easier and more secure way to access their digital accounts. Creating the optimal online experience More security usually meant creating more passwords, answering more security questions, completing CAPTCHA tests, etc. While consumers are willing to work through these friction-inducing methods to complete a transaction or access an account, it’s not always the most convenient process. Advanced data and technology has opened doors for new authentication methods, such as physical and behavioral biometrics, digital tokenization, device intelligence and machine learning, to maximize the potential for businesses to provide the best online experience possible. In fact, consumers have expressed greater confidence in businesses that implement these advanced security methods. Rates of consumer confidence in passwords was only 44 percent, compared to a 74 percent rate of consumer confidence in physical biometrics. Consumers are willing to embrace the latest security technology because it provides the security and convenience they want from businesses. While traditional forms of security were sufficient, advanced authentication methods have proven to be more reliable forms of security that consumers trust and can improve their online experience. The optimal online experience is a balance between security and convenience. Innovative technologies and data are helping businesses protect people’s identities and provide consumers with an improved online experience.