Tag: fraud

Security. Convenience. Personalization. Finding the balance between these three priorities is key to creating a safe and low-friction customer experience. We surveyed more than 6,500 consumers and 650 businesses worldwide about these priorities for our 2020 Global Identity and Fraud Report: Most business are focusing on personalization, specifically in relation to upselling and cross-selling. This is frustrating customers who are looking for increases in both security and convenience. It’s possible to have all three. Read Full Report

It may be a new decade of disruption, but one thing remains constant – the consumer is king. As such, customer experience (and continually evolving digital transformations necessary to keep up), digital expansion and all things identity will also reign supreme as we enter this new set of Roaring 20s. Here are seven of the top trends to keep tabs of through 2020 and beyond. 1. Data that does more – 100 million borrowers and counting Traditional, alternative, public record, consumer-permissioned, small business, big business, big, bigger, best – data has a lot of adjectives preceding it. But no matter how we define, categorize and collate data, the truth is there’s a lot of it that’s untapped, which is keeping financial institutions from operating at their max efficiency levels. Looking for ways to be bigger and bolder? Start with data to engage your credit-worthy consumer universe and beyond. Across the entire lending lifecycle, data offers endless opportunities – from prospecting and acquisitions to fraud and risk management. It fuels any technology solution you have or may want to implement over the coming year. Additionally, Experian is doing their part to create a more holistic picture of consumer creditworthiness with the launch of Experian LiftTM in November. The new suite of credit score products combines exclusive traditional credit, alternative credit and trended data assets, intended to help credit invisible and thin-file consumers gain access to fair and affordable credit. "We're committed to improving financial access while helping lenders make more informed decisions. Experian Lift is our latest example of this commitment brought to life,” said Greg Wright, Executive Vice President and Chief Product Officer for Experian Consumer Information Services. “Through Experian Boost, we're empowering consumers to play an active role in building their credit histories. And, with Experian Lift, we're empowering lenders to identify consumers who may otherwise be excluded from the traditional credit ecosystem,” he said. 2. Identity boom for the next generation Increasingly digital lifestyles have put personalization and frictionless transactions on hyperdrive. They are the expectation, not a nice-to-have. Having customer intelligence will become a necessary survival strategy for those in the market wanting to compete. Identity is not just for marketing purposes; it must be leveraged across the lending lifecycle and every customer interaction. Fragmented customer identities are more than flawed for decisioning purposes, which could potentially lead to losses. And, of course, the conversation around identity would be incomplete without a nod to privacy and security considerations. With the roll-out of the California Consumer Privacy Act (CCPA) earlier this month, we will wait to see if the other states follow suit. Regardless, consumers will continue to demand security and trust. 3. All about artificial intelligence and machine learning We get it – we all want the fastest, smartest, most efficient processes on limited – and/or shrinking – budgets. But implementing advanced analytics for your financial institution doesn’t have to break the bank. And, when it comes to delivering services and messaging to customers the way they want it, how to do that means digital transformation – specifically, leveraging big data and actionable analytics to evaluate risk, uncover industry intel and improve decisioning. One thing’s for certain, financial institutions looking to compete, gain traction and pull away from the competition in this next decade will need to do so by leveraging a future-facing partner’s expertise, platforms and data. AI and machine learning model development will go into hyperdrive to add accuracy, efficiency, and all-out speed. Real-time transactional processing is where it’s at. 4. Customer experience drives decisioning and everything Faster, better, more frictionless. 2020 and the decade will be all about making better decisions faster, catering to the continually quickening pace of consumer attention and need. Platforms and computing language aside, how do you increase processing speed at the same time as increasing risk mitigation? Implementing decisioning environments that cater to consumer preferences, coupled with best-in-class data are the first two steps to making this happen. This can facilitate instant decisioning within financial institutions. Looking beyond digital transformation, the next frontier is digital expansion. Open platforms enable financial institutions to readily add solutions from numerous providers so that they can connect, access and orchestrate decisions across multiple systems. Flexible APIs, single integrations and better strategy and design build the foundation of the framework to be implemented to enhance and elevate customer experience as it’s known today. 5. Credit marketing that keeps up with the digital, instant-gratification age Know your customer may be a common acronym for the financial services industry, but it should also be a baseline for determining whether to send a specific message to clients and prospects. From the basics, like prescreen, to omni-channel marketing campaigns, financial institutions need to leverage the communication channels that consumers prefer. From point of sale to mobile – there are endless possibilities to fit into your consumers’ credit journey. Marketing is clearly not a one-and-done tactic, and therefore multi-channel prequalification offers and other strategies will light the path for acquisitions and cross-sell/up-sell opportunities to come. By developing insights from customer data, financial institutions have a clear line of sight into determining optimal strategies for customer acquisition and increasing customer lifetime value. And, at the pinnacle, the modern customer acquisition engine will continue to help financial institutions best build, test and optimize their customer channel targeting strategies faster than ever before. From segmentation to deployment, and the right data across it all, today and tomorrow’s technology can solve many of financial organizations’ age-old customer acquisition challenges. 6. Three Rs: Recession, regulatory and residents of the White House Last March, the yield curve inverted for the first time since 2007. Though the timing of the next economic correction is debated, messaging is consistent around making a plan of action now. Whether it’s arming your collections department, building new systems, updating existing systems, or adjusting rules and strategy, there are gaps every organization needs to fill. By leveraging the stability of the economy now, financial institutions can put strategies in place to maximize profitability, manage risk, reduce bad debt/charge-offs, and ensure regulatory compliance among their list of to-do’s, ultimately resulting in a more efficient, better-performing program. Also, as we near the election later this year, the regulatory landscape will likely change more than the usual amount. Additionally, we will witness the first accounts of what CECL looks like for SEC-filing financial institutions (and if that will suggest anything for how non-SEC-filing institutions may fare as their deadline inches closer), as well as see the initial implications of the CCPA roll out and whether it will pave a path for other states to follow. As system sophistication continues to evolve, so do the risks (like security breaches) and new regulatory standards (like GDPR and CCPA) which provide reasons for organizations to transform. 7. Focus on fraud (in all forms) With evolving technology, comes evolved fraudsters. Whether it’s loyalty and rewards programs, account openings, breaches, there are so many angles and entry points. Synthetic identity fraud is the fastest-growing type of financial crime in the United States. The cost to businesses is estimated to grow to $1.2 billion by 2020, according to the Aite Group. To ensure the best protection for your business and your customers, a layered, risk-based approach to fraud management provides the highest levels of confidence in the industry. Balance is key – while being compliant with regulatory requirements and conscious of user experience, ensuring consumers’ peace of mind is priority one. Not a new trend, but recognizing fraud and recognizing good consumers will save continue to save financial institutions money and reputational harm, driving significant improvement in key performance indicators. Using the right data (and aggregating multiple data sets) and digital device intelligence tools is the one-two punch to protect your bottom line. For all your needs in 2020 and throughout the next decade, Experian has you covered. Learn more

If you’ve been on the dating scene in the last few years, you’re probably familiar with ghosting. For those of you who aren’t, I’ll save you the trip to Urban Dictionary. “Ghosting” is when the person you’re dating disappears. No calls. No texts. No DMs. They just vanish, never to be heard from again. As troublesome as this can be, there’s a much more nefarious type of ghosting to be wary of – credit ghosting. Wait, what’s credit ghosting? Credit ghosting refers to the theft of a deceased person’s identity. According to the IRS, 2.5 million deceased identities are stolen each year. The theft often occurs shortly after someone dies, before the death is widely reported to the necessary agencies and businesses. This is because it can take months after a person dies before the Social Security Administration (SSA) and IRS receive, share, or register death records. Additionally, credit ghosting thefts can go unnoticed for months or even years if the family of the deceased does not check their credit report for activity after death. Opportunistic fraudsters check obituaries and other publicly available death records for information on the deceased. Obituaries often include a person’s birthday, address or hometown, parents’ names, occupation, and other information regularly used in identity verification. With this information fraudsters can use the deceased person’s identity and take advantage of their credit rating rather than taking the time to build it up as they would have to with other types of fraud. Criminals will apply for credit cards, loans, lines of credit, or even sign up for a cell phone plan and rack up charges before disappearing. Where did this type of identity theft come from? Credit ghosting is the result of a few issues. One traces back to a discrepancy noted by the Social Security’s inspector general. In an audit, they found that 6.5 million Social Security numbers for people born before June 16, 1901, did not have a date of death on record in the administration’s Numident (numerical identification) system – an electronic database containing Social Security number records assigned to each citizen since 1936. Without a date of death properly noted in the database, government agencies and other entities inquiring won’t necessarily know an individual is deceased, making it possible for criminals to implement credit ghosting schemes. Additionally, unreported deaths leave further holes in the system, leading to opportunity for fraudsters. When financial institutions run checks on the identity information supplied by a fraudster, it can seem legitimate. If the deceased’s credit is in good standing, the fraudster now appears to be a good customer—much like a synthetic identity—but now with the added twist that all of the information is from the same person instead of stitched together from multiple sources. It can take months before the financial institution discovers that the account has been compromised, giving fraudsters ample time to bust out and make off with the funds they’ve stolen. How can you defend against credit ghosting? Luckily, unlike your dating pipeline, there are ways to guard against ghosting in your business’ pipeline. Frontline Defense: Start by educating your customers. It’s never pleasant to consider your own passing or that of a loved one, but it’s imperative to have a plan in place for both the short and long term. Remind your customers that they should contact lenders and other financial institutions in the event of a death and continue monitoring those accounts into the future. Relatives of the deceased don’t tend to check credit reports after an estate has been settled. If the proper steps aren’t taken by the family to notify the appropriate creditors of the death, the deceased flag may not be added to their credit report before the estate is closed, leaving the deceased’s information vulnerable to fraud. By offering your customers assistance and steps to take, you can help ensure that they’re not dealing with the fallout of credit ghosting—like dealing with calls from creditors following up after the fraudster’s bust-out—on top of grieving. Backend Defense: Ensure you have the correct tools in place to spot credit ghosts when they try to enter your pipeline. Experian’s Fraud Shield includes high risk indicators and provides a deceased indicator flag so you can easily weed them out. Additionally, you can track other risk indicators like previous uses of a particular Social Security number and identify potential credit-boosting schemes. Speak to an Experian associate today about how you can increase your defenses against credit ghosting. Let's talk

Sometimes, the best offense is a good defense. That’s certainly true when it comes to detecting synthetic identities, which by their very nature become harder to find the longer they’ve been around. To launch an offense against synthetic identity fraud, you need to defend yourself from it at the top of your new customer funnel. Once fraudsters embed their fake identity into your portfolio, they become nearly impossible to detect. The Challenge Synthetic identity fraud is the fastest-growing type of financial crime in the United States. The cost to businesses is hard to determine because it’s not always caught or reported, but the amounts are staggering. According to the Aite Group, it was estimated to total at least $820 million in 2017 and grow to $1.2 billion by 2020. This type of theft begins when individual thieves and large-scale crime rings use a combination of compromised personal information—like unused social security numbers—and fabricated data to stitch together increasingly sophisticated personas. These well-crafted synthetic identities are hard to differentiate from the real deal. They often pass Know Your Customer, Customer Identification Program and other onboarding checks both in person and online. This puts the burden on you to develop new defense strategies or pay the price. Additionally, increasing pressure to grow deposits and expand loan portfolios may coincide with the relaxation of new customer criteria, allowing even more fraudsters to slip through the cracks. Because fraudsters nurture their fake identities by making payments on time and don’t exhibit other risk factors as their credit limits increase, detecting synthetic identities becomes nearly impossible, as does defending against them. How This Impacts Your Bottom Line Synthetic identity theft is sometimes viewed as a victimless crime, since no single individual has their entire identity compromised. But it’s not victimless. When undetected fraudsters finally max out their credit lines before vanishing, the financial institution is usually stuck footing the bill. These same fraudsters know that many financial institutions will automatically settle fraud claims below a specific threshold. They capitalize on this by disputing transactions just below it, keeping the goods or services they purchased without paying. Fraudsters can double-dip on a single identity bust-out by claiming identity theft to have charges removed or by using fake checks to pay off balances before maxing out the credit again and defaulting. The cost of not detecting synthetic identities doesn’t stop at the initial loss. It flows outward like ripples, including: Damage to your reputation as a trusted organization Fines for noncompliance with Know Your Customer Account opening and maintenance costs that are not recouped as they would be with a legitimate customer Mistakenly classifying fraudsters as bad debt write offs Monetary loss from fraudsters’ unpaid balances Rising collections costs as you try to track down people who don’t exist Less advantageous rates for customers in the future as your margins grow thinner These losses add up, continuing to impact your bottom line over and over again. Defensive Strategies So what can you do? Tools like eCBSV that will assist with detecting synthetic identities are coming but they’re not here yet. And once they’re in place, they won’t be an instant fix. Implementing an overly cautious fraud detection strategy on your own will cause a high number of false positives, meaning you miss out on revenue from genuine customers. Your best defense requires finding a partner to help you implement a multi-layered fraud detection strategy throughout the customer lifecycle. Detecting synthetic identities entails looking at more than a single factor (like length of credit history). You need to aggregate multiple data sets and connect multiple customer characteristics to effectively defend against synthetic identity fraud. Experian’s synthetic identity prevention tools include Synthetic Identity High Risk Score to incorporate the history and past relationships between individuals to detect anomalies. Additionally, our digital device intelligence tools perform link analyses to connect identities that seem otherwise separate. We help our partners pinpoint false identities not associated with an actual person and decrease charge offs, protecting your bottom line and helping you let good customers in while keeping false personas out. Find out how to get your synthetic identity defense in place today.

With the growing need for authentication and security, fintechs must manage risk with minimal impact to customer experience. When implementing tactical approaches for fraud risk strategy operations, keeping up with the pace of fraud is another critical consideration. How can fintechs be proactive about future-proofing fraud strategies to stay ahead of savvy fraudsters while maintaining customer expectations? I sat down with Chris Ryan, Senior Fraud Solutions Business Consultant with Experian Decision Analytics, to tap into some of his insights. Here’s what he had to say: How have changes in technology added to increased fraud risk for businesses operating in the online space? Technology introduces many risks in the online space. As it pertains to the fintech world, two stand out. First, the explosion in mobile technology. The same capabilities that make fintech products broadly accessible makes them vulnerable. Anyone with a mobile device can attempt to access a fintech and try their hand at committing fraud with very little risk of being caught or punished. Second, the evolution of an interconnected, digital ‘marketplace’ for stolen data. There’s an entire underground economy that’s focused on connecting the once-disparate pieces of information about a specific individual stolen from multiple, unrelated data breaches. Criminal misrepresentations are more complete and more convincing than ever before. What are the major market drivers and trends that have attributed to the increased risk of fraud? Ultimately, the major market drivers and trends that drive fraud risk for fintechs are customer convenience and growth. In terms of customer convenience, it’s a race to meet customer needs in real time, in a single online interaction, with a minimally invasive request for information. But, serving the demands of good customers opens opportunities for identity misuse. In terms of growth, the pressure to find new pockets of potential customers may lead fintechs into markets where consumer information is more limited, so naturally, there are some risks baked in. Are fintechs really more at risk for fraud? If so, how are fintechs responding to this dynamic threat? The challenge for many fintechs has been the prioritization of fraud as a risk that needs to be addressed. It’s understandable that fintech’s initial emphasis had to be the establishment of viable products that meet the needs of their customers. Obviously, without customers using a product, nothing else matters. Now that fintechs are hitting their stride in terms of attracting customers, they’re allocating more of their attention and innovative spirit to other areas, like fraud. With the right partner, it’s not hard for fintechs to protect themselves from fraud. They simply need to acquire reliable data that provides identity assurance without negatively impacting the customer experience. For example, fintechs can utilize data points that can be extracted from the communications channel, like device intelligence for example, or non-PII unique identifiers like phone and email account data. These are valuable risk indicators that can be collected and evaluated in real time without adding friction to the customer experience. What are the major fraud risks to fintechs and what are some of the strategies that Risk Managers can implement to protect their business? The trends we’ve talked about so far today have focused more on identity theft and other third-party fraud risks, but it’s equally important for fintechs to be mindful of first party fraud types where the owner of the identity is the culprit. There is no single solution, so the best strategy recommendation is to plan to be flexible. Fintechs demonstrate an incredible willingness to innovate, and they need to make sure the fraud platforms they pick are flexible enough to keep pace with their needs. From your perspective, what is the future of fraud and what should fintechs consider as they evolve their products? Fraud will continue to be a challenge whenever something of value is made available, particularly when the transaction is remote and the risk of any sort of prosecution is very low. Criminals will continue to revise their tactics to outwit the tools that fintechs are using, so the best long-term defense is flexibility. Being able to layer defenses, explore new data and analytics, and deploy flexible and dynamic strategies that allow highly tailored decisions is the best way for fintechs to protect themselves. Digital commerce and the online lending landscape will continue to grow at an increasing pace – hand-in-hand with the opportunities for fraud. To stay ahead of fraudsters, fintechs must be proactive about future-proofing their fraud strategies and toolkits. Experian can help. Our Fintech Digital Onboarding Bundle provides a solid baseline of cutting-edge fraud tools that protect fintechs against fraud in the digital space, via a seamless, low-friction customer experience. More importantly, the Fintech Digital Onboarding Bundle is delivered through Experian’s CrossCore platform—the premier platform in the industry recognized specifically for enabling the expansion of fraud tools across a wide range of Experian and third-party partner solutions. Click here to learn more or to speak with an Experian representative. Learn More About Chris Ryan:  Christopher Ryan is a Senior Fraud Solutions Business Consultant. He delivers expertise that helps clients make the most from data, technology and investigative resources to combat and mitigate fraud risks across the industries that Experian serves. Ryan provides clients with strategies that reduce losses attributable to fraudulent activity. He has an impressive track record of stopping fraud in retail banking, auto lending, deposits, consumer and student lending sectors, and government identity proofing. Ryan is a subject matter expert in consumer identity verification, fraud scoring and knowledge-based authentication. His expertise is his ability to understand fraud issues and how they impact customer acquisition, customer management and collections. He routinely helps clients review workflow processes, analyze redundancies and identify opportunities for process improvements. Ryan recognizes the importance of products and services that limit fraud losses, balancing expense and the customer impact that can result from trying to prevent fraud.

As the holiday shopping season kicks off, it’s prime time for fraudsters to prey on consumers who are racking up rewards points as they spend. Find out how fraud trends in loyalty and rewards programs can impact your business: Are you ready to prevent fraud this holiday season? Get started today

Experian has been named one of the 10 participants, and only credit bureau, in the initial rollout of the SSA's new eCBSV service.

What do movie actors Adam Sandler and Hugh Grant, jazz singer Michael Bublé, Russian literary giant Leo Tolstoy, and Colonel Sanders, the founder of KFC, have in common? Hint, it’s not a Nobel Prize for Literature, a Golden Globe, a Grammy Award, a trademark goatee, or a “finger-lickin’ good” bucket of chicken. Instead, they were all born on September 9, the most common birth date in the U.S. Baby Boom According to real birth data compiled from 20 years of American births, September is the most popular month to give birth to a child in America – and December, the most popular time to make one. With nine of the top 10 days to give birth falling between September 9 and September 20, one may wonder why the birth month is so common. Here are some theories: Those who get to choose their child’s birthday due to induced and elective births tend to stay away from the hospital during understaffed holiday periods and may plan their birth date around the start of the school year. Several of the most common birth dates in September correspond with average conception periods around the holidays, where couples likely have more time to spend together. Some studies within the scientific community suggest that our bodies may actually be biologically disposed to winter conceptions. While you may not be feeling that special if you were born in September, the actual differences in birth numbers between common and less common birthdays are often within just a few thousand babies. For example, September 10, the fifth most common birthday of the year, has an average birth rate of 12,143 babies. Meanwhile, April 20, the 328th most common birthday, has an average birth rate of 10,714 newborns. Surprisingly, the least common birthdays fall on Christmas Eve, Christmas Day and New Year’s Day, with Thanksgiving and Independence Day also ranking low on the list. Time to Celebrate – but Watch out! Statistically, there’s a pretty good chance that someone reading this article will soon be celebrating their birthday. And while you should be getting ready to party, you should also be on the lookout for fraudsters attempting to ruin your big day. It’s a well-known fact that cybercriminals can use your birth date as a piece of the puzzle to capture your identity and commit identity theft – which becomes a lot easier when it’s being advertised all over social media. It’s also important for employers to safeguard their organization from fraudsters who may use this information to break into corporate accounts. While sharing your birthday with a lot of people could be a good or bad thing depending on how much undivided attention you enjoy – you’re in great company! Not only can you plan a joint party with Michelle Williams, Afrojack, Cam from Modern Family, four people I went to high school with on Facebook and a handful of YouTube stars that I’m too old to know anything about, but there will be more people ringing in your birthday than any other day of the year! And that’s pretty cool.

Digital channels undoubtedly create convenient experiences for consumers. We have the luxury of applying for loans or creating investment accounts from the comfort of home. However, the same opportunities are available to fraudsters. Fraudsters continue to find creative and innovative ways to expose vulnerabilities across all types of businesses. They prey on inexperienced or low-bandwidth teams that have not invested in the appropriate fraud tools in the past. Despite the imminent fraud risk involved, both consumers and businesses continue to embrace digital channels. With 90 percent of consumers worldwide conducting personal banking online, how do we protect these digital platforms with finite resources? A leading digital financial services company was forced to address this question when they experienced a large-scale fraud attack. But they weren’t in this fight alone. Download the full case study to see how our risk analyst used FraudNet to prevent millions of dollars in fraudulent funding. Client: A leading digital financial services company that operates with zero in-person branches with more than 7,000 employees Challenge/Objective: In October 2018, fraudsters deployed a large-scale, scripted attack against a North American financial services company. The fraud team was extremely understaffed. The fraud team was unable to detect and respond to the attack quickly. The fraudulent account opening activities eventually blended into account takeovers. Resolution: Our risk analyst worked quickly to analyze the geolocation, velocity and device rules firing within FraudNet for Account Opening. By having these rules in place, FraudNet was able to flag and outsort thousands of suspicious applications. Despite being a small team, the fraud investigators were able to work efficiently within the FraudNet workbench and review the true, high-risk applications. Results: Thanks to our risk analyst’s quick remediation and the FraudNet proprietary device rules: 23,800 fraudulent applications were outsorted for review. An estimated $35.7 million in fraudulent funding was prevented. However, the fight against fraud is ongoing. Our risk analyst continues to work closely with the fraud team to develop an effective strategy to prepare against future attacks.

If you’ve seen an uptick in photos of friends and celebrities looking older with wrinkles on your social media feeds, you’re not alone. A new free photo editor has taken the internet by a storm, featuring an AI-powered image-altering application that allows users to see their “future self.” All you have to do is upload a single photo (or few) from your camera roll to be enhanced. While this may seem like harmless fun, the app is now making headlines over increased privacy concerns about what occurs behind the scenes once users submit their selfies. Red flags were raised when multiple alleged negative implications were connected to the app – including the app’s ownership and the potential risk that the app downloaded a user’s entire photo album onto their database. In fact, the privacy concerns also prompted Democratic Party officials to implore federal agencies, including the FBI, “to look into the potential national security and privacy risks the phone app poses to the United States.” Since then, the app’s creators have addressed these concerns, stating most of the photo processing occurs in the cloud and most photos are deleted within 48 hours. Additionally, the only photos uploaded are ones that have been personally submitted by the user. Regardless, a database of user-submitted photos could be seen as a goldmine to fraudsters. In a time where personal and biometric data (including facial recognition) are some of the key ways to validate security, it’s important for consumers to be aware of how and where they’re sharing their data, whether it’s for an age-progression photo app, or their financial accounts. Consumers, businesses, financial institutions – everyone – should exhibit caution and take measures to ensure personal information remains secure and is not being used for nefarious reasons. While consumers may be aware that businesses are collecting data, companies should take steps to form digital trust with transparency. This could be achieved by: Educating consumers on how their data is being used Effectively communicating privacy policies and service terms more concisely Helping consumers feel in control of their information To learn more about research that indicates a shift to advanced authentication methods (including biometrics), fraud trends and how to combat them, download our e-book. Download Now

  You can do everything you can to prepare for the unexpected. But similar to how any first-time parent feels… you might need some help. Call in the grandparents! Experian has extensive expertise and has been around for a long time in the industry, but unlike your traditional grandparents, Experian continuously innovates, researches trends, and validates best practices in fraud and identity verification. That’s why we explored two prominent fraud reports, Javelin’s 2019 Identity Fraud Study: Fraudsters Seek New Targets and Victims Bear the Brunt and Experian’s 2019 Global Identity and Fraud Report — Consumer trust: Building meaningful relationships online, to help you identify and respond to new trends surrounding fraud. What we found – and what you need to know – is there are trends, technology and tactics that can help and hinder your fraud-prevention efforts. Consider the many digital channels available today. A full 91 percent of consumers transacted online in 2018. This presents a great opportunity for businesses to serve and develop relationships with customers. It also presents a great opportunity for fraudsters as well – as almost half of consumers have experienced a fraudulent online event. Since the threat of fraud is not impacting customers’ willingness to transact online, businesses are held responsible for adapting and evolving to not only protect their customers, but to secure their bottom line. This becomes increasingly important as fraudsters continue to target and expose vulnerabilities across inexperienced lines of businesses. Or, how about passwords. Research has shown that both businesses and consumers have greater confidence in biometrics, but neither is ready to stop using passwords. The continued reliance on traditional authentication methods is a delicate balance between security, trust and convenience. Passwords provide both authentication and consumer confidence in the online experience. It also adds friction to the user experience – and sometimes aggravation when passwords are forgotten. Advanced methods, like physical and behavioral biometrics and device intelligence, are gaining user confidence by both businesses and consumers. But a completely frictionless authentication experience can leave consumers doubting the safeness of their transaction. As you respond and adapt to our ever-evolving world, we encourage you to build and strengthen a trusted relationship with your customers through transparency. Consumers know that businesses are collection data about them. When a business is transparent about the use of that data, digital trust and consumer confidence soars. Through a stronger relationship, customers are more willing to accept friction and need fewer signs of security. Learn more about these and other trends, technology and tactics that can help and hinder your authentication efforts in our new E-book, Upcoming fraud trends and how to combat them.

“Experian is transforming our business from a traditional credit bureau to a true technology and software provider,” said Craig Boundy, CEO of Experian, North America, as part of his opening remarks Monday morning to kick off the 2019 Experian Vision Conference. “We are committed to working as a force of good.” Covering the themes of financial inclusion, giving consumers control of their lives and better outcomes, a digital-first society, and the latest trends in fraud and security, Boundy addressed a crowd of over 850. Alex Lintner, Experian’s Group President, gave a quick history of the past 3,000 years, from the first credit card, to the addition of wheels to a suitcase, to the iPhone and artificial intelligence. “Innovation is not invention,” Lintner said. He gave the example of the iPhone and how a tear down analysis revealed there were no new elements; however, it was the translation of an idea into a good or service that benefited everyone (as the entire audience raised their hand when asked who had a smart phone). Lintner’s mainstage presentation also featured three live demos, including how the Ascend Technology Platform takes complex model building and outputs from days and weeks to a few clicks, to the incorporation of Small Business Financial Exchange (SBFE) data into the Ascend Analytical Sandbox (incorporating more than 17 years of small business tradeline data and 150 predictive attributes) and lastly, Experian Boost, which according to a live tracker, has boosted consumer credit scores by a total of 3.2 million points, as of this morning, since its launch eight weeks ago. Keynote Speaker: Gary D. Cohn Gary D. Cohn, Former Director of the U.S. National Economic Council, was Monday morning’s keynote speaker. He weighed in on the domestic and global economy, policy issues, financial institutions’ responsibilities and some of his predictions. Cohn brought attention to the ever-changing financial services space, including new forms of encryption and the world of biometric security, calling the financial services industry the “tip of the spear” when it comes to the digitization of the world. Session Highlights - Day 1 Machine Learning From the building blocks of neural networks to artificial intelligence, machine learning has been used in the areas of financial services that do not have adverse actions – think fraud, ID, collections. As we look to harness machine learning for models and other spaces (including adverse action), it’s important to delineate descriptive data (what’s happening now); predictive data (what’s happening in the future); prescriptive data (what am I going to do now); and cognitive data (are we asking the right question?). In addition, it’s necessary to address the five advanced analytic drivers including customer experience, cost, risk and loss, growth and compliance. Home Equity & Lending US macroeconomic trends show consumer confidence is still on an upward trend. While investor confidence is a little volatile, the GDP remains strong (though slightly slowing down) and unemployment is low and forecasted to remain low. Since 2006, the US hasn’t returned in the HELOC space. Mortgage and personal loans are up 20% and 13% respectively, while mortgages have dropped 1% and HELOCs have dropped 2%. With an estimated market potential of over $700 billion, HELOCs may be an untapped credit line given the strength of the economy. Identity Evolution From dumpster divers, aka pulling receipts out of dumpsters behind businesses, to today’s identity-based authentication, there’s been an evolution of how identity is defined as well as its corresponding risks. According to Experian’s Global Fraud & Identity Report, 74% of consumers value security as the most important part of the online experience (over convenience and personalization). However, 74% of consumers abandoned a shopping session that required too much information, and 72% of consumers said they were willing to share more data if it meant a seamless experience. What does this mean? Consumers want it all. Identity today now includes proxies and activity, which can also mean greater risk. Because of aggregators and other associated entities acting on a consumer’s behalf, there are lots of nuances that will need to be looked through. Consumer-Permissioned Data In order to be more consumer-centric, there are four levers through which consumers are given control: data accuracy, knowing their financial profile, the ability to improve their scores (via Experian BoostTM and UltraFICOTM) and protecting consumers when they permission access to their identity credentials. Using Experian Boost, consumers have seen an average increase of 13 points for consumers with positive changes. Additionally, using alternative credit data, financial institutions can score more people and score more accurately. One hundred million consumers could gain greater access to credit with consumer-permissioned data sources.   --- Meanwhile, the tech showcase featured over 20 demos covering alternative data, digital credit marketing, consumer empowerment, fraud and identity, integrated decisioning and technology. More insights from Vision to come. Follow @ExperianVision and #ExperianVision on Twitter to see more of the action.

For most businesses, building the best online experience for consumers requires a balance between security and convenience. But the challenge has always been finding a happy medium between the two – offering enough security that won’t get in the way of convenience and vice versa. In the past, it was always believed that one would always come at the expense of the other. But technology and innovation is changing how businesses approach security and is allowing them to give the maximum potential of both. Consumers want security AND convenience Consumers consider security and convenience as the foundation of their online experience. Findings from our 2019 Global Identity and Fraud Report revealed approximately 74 percent of consumers ranked security as the most important part of their online experience, followed by convenience. In other words, they expect businesses to provide them with both. We see this with how consumers are typically using the same security information each time they open a new digital account – out of convenience. But if one account is compromised, the consumer becomes vulnerable to possible fraudulent activity. With today’s technology, businesses can give consumers an easier and more secure way to access their digital accounts. Creating the optimal online experience More security usually meant creating more passwords, answering more security questions, completing CAPTCHA tests, etc. While consumers are willing to work through these friction-inducing methods to complete a transaction or access an account, it’s not always the most convenient process. Advanced data and technology has opened doors for new authentication methods, such as physical and behavioral biometrics, digital tokenization, device intelligence and machine learning, to maximize the potential for businesses to provide the best online experience possible. In fact, consumers have expressed greater confidence in businesses that implement these advanced security methods. Rates of consumer confidence in passwords was only 44 percent, compared to a 74 percent rate of consumer confidence in physical biometrics. Consumers are willing to embrace the latest security technology because it provides the security and convenience they want from businesses. While traditional forms of security were sufficient, advanced authentication methods have proven to be more reliable forms of security that consumers trust and can improve their online experience. The optimal online experience is a balance between security and convenience. Innovative technologies and data are helping businesses protect people’s identities and provide consumers with an improved online experience.  

Be warned. I’m a Philadelphia sports fan, and even after 13 months, I still relish in the only Super Bowl victory I’ve ever known as a fan. Having spent more than two decades in fraud prevention, I find that Super Bowl LII is coalescing in my mind with fraud prevention and lessons in defense more and more. Let me explain: It’s fourth-down-and-goal from the one-yard line. With less than a minute on the clock in the first half, the Eagles lead, 15 to 12. The easy option is to kick the field goal, take the three points and come back with a six-point advantage. Instead of sending out the kicking squad, the Eagles offense stays on the field to go for a touchdown. Broadcaster Cris Collingsworth memorably says, “Are they really going to go for this? You have to take the three!” On the other side are the New England Patriots, winners of two of the last three Super Bowls. Love them or hate them, the Patriots under coach Bill Belichick are more likely than any team in league history to prevent the Eagles from scoring at this moment. After the offense sets up, quarterback Nick Foles walks away from his position in the backfield to shout instructions to his offensive line. The Patriots are licking their chops. The play starts, and the ball is snapped — not to Foles as everyone expects, but to running back Corey Clement. Clement takes two steps to his left and tosses the ball the tight end Trey Burton, who’s running in the opposite direction. Meanwhile, Foles pauses as if he’s not part of the play, then trots lazily toward the end zone. Burton lobs a pass over pursuing defenders into Foles’ outstretched hands. This is the “Philly Special” — touchdown! Let me break this down: A third-string rookie running back takes the snap, makes a perfect toss — on the run — to an undrafted tight end. The tight end, who hasn’t thrown a pass in a game since college, then throws a touchdown pass to a backup quarterback who hasn’t caught a ball in any athletic event since he played basketball in high school. A play that has never been run by the Eagles, led by a coach who was criticized as the worst in pro football just a year before, is perfectly executed under the biggest spotlight against the most dominant team in NFL history. So what does this have to do with fraud? There’s currently an outbreak of breach-fueled credential stuffing. In the past couple of months, billions of usernames and passwords stolen in various high-profile data breaches have been compiled and made available to criminals in data sets described as “Collections 1 through 5.” Criminals acquire credentials in large numbers and attack websites by attempting to login with each set — effectively “stuffing” the server with login requests. Based on consumer propensity to reuse login credentials, the criminals succeed and get access to a customer account between 1 in 1,000 and 1 in 50 attempts. Using readily available tools, basic information like IP address and browser version are easy enough to alter/conceal making the attack harder to detect. Credential stuffing is like the Philly Special: Credential stuffing doesn’t require a group of elite all-stars. Like the Eagles’ players with relatively little experience executing their roles in the Philly Special, criminals with some computer skills, some initiative and the guts to try credential stuffing can score. The best-prepared defense isn’t always enough. The Patriots surely did their homework. They set up their defense to stop what they expected the Eagles to do based on extensive research. They knew the threats posed by every Eagle on the field. They knew what the Eagles’ coaches had done in similar circumstances throughout their careers. The defense wasn’t guessing. They were as prepared as they could have been. It’s the second point that worries me when I think of credential stuffing. Consumers reuse online credentials with alarming frequency, so a stolen set of credentials is likely to work across multiple organizations, possibly even yours. On top of that, traditional device recognition like cookies can’t identify and stop today’s sophisticated fraudsters. The best-prepared organizations feel great about their ability to stop the threats they’re aware of. Once they’ve seen a scheme, they make investments, improve their defenses, and position their players to recognize a risk and stop it. Sometimes past expertise won’t stop the play you can’t see coming.  

How can fintech companies ensure they’re one step ahead of fraudsters? Kathleen Peters discusses how fintechs can prepare for success in fraud prevention.