Tag: precise ID

With more consumers online, bad actors are taking the opportunity to commit more financial crimes, such as account takeover fraud. This online scheme resulted in nearly $13 billion in losses in 2023, up from $11 billion in 2022.1 So, what do organizations need to know about this form of identity theft? And how can they prevent it? Let’s explore one type of account takeover fraud: email account takeover. What is email account takeover? Email account takeover occurs when a fraudster gains access to a legitimate user’s email account through data breaches that expose credentials, purchasing from the dark web, or phishing scams. It's usually one of the first steps in a broader account takeover scheme. Once fraudsters have access to a consumer’s email or social media account, they have access to the private information in that consumer’s inbox: financial statements, health records, and other forms of PII. Fraudsters can also now use the consumer’s email to impersonate them with friends, family, financial institutions or other businesses they interact with.   They can also gain access to other accounts and here’s where email account takeover becomes more dangerous. In this attack, the fraudster gains access to an email or mobile account. Once they have an email, they start by trying to guess the user’s password, commonly called a brute force attack, or through password spraying, where they use commonly used passwords, i.e. ‘password’ or ‘123123.  A recent Google survey found that 65% of people use the same password for some or all of their online accounts. This, along with a corresponding email address can give fraudsters further entre into a consumer’s other accounts. If unsuccessful, they’ll then execute a ‘forgot password’, password reset, or one-time password. Then, they take over the victim’s account with their financial institution to facilitate the transfer of funds from the compromised account. 57% of businesses are experiencing rising fraud losses associated with account opening and account takeover.2 While email account takeover can be quickly executed, detecting it can take time. Unlike credit card fraud, where an individual may soon notice suspicious activity, an email account takeover can go undetected for longer. The owner may not realize until later that their account has been compromised, especially with a dormant account or secondary account they use less. As a result, criminals have more time to facilitate additional attacks. LEARN MORE: Explore 2024 fraud trends listed by Experian. How does it affect your organization? Account takeover fraud doesn't just impact consumers, it can result in significant financial losses for organizations. For example, if your organization offers credit products, you might have to cover the costs of disputing chargebacks, card processing fees, or providing refunds. In the case of a data breach, you may have to pay fines against your organization for not properly protecting consumer information. Nearly two-thirds of consumers say they’re very or somewhat concerned with online security.3 But email account takeover isn't just costly — it can damage your organization's reputation. Consumers expect organizations to have proper security measures in place to protect their information. If a data breach occurs, your security can seem weak, leading consumers to lose trust in your organization. As a result, they may potentially take their business elsewhere. The importance of prevention While consumers listed identity theft as their top concern when conducting activities online, they’re still interacting, opening new accounts, and transacting digitally.4 Coupled with the rise of account takeover fraud and associated losses, it’s more crucial than ever for organizations to accurately detect and prevent these attacks. To do this, they must have a proactive fraud prevention strategy in place. Account takeover fraud prevention requires your business to maintain and continuously reaffirm confidence in the identity data you collect. Your team can monitor, segment, and proactively act on customer identities that display a higher risk of fraud than was determined at account origination through risk-based fraud detection models, machine learning, and advanced analytics. Experian offers many flexible solutions, including: CrossCore® Solutions are best practice-based groupings of fraud and identity products that enable organizations to solve common to complex issues. For example, our fraud risk solutions include email and phone intelligence to improve verification for thin-files and other challenging populations. Experian offers phone/carrier-based matching capabilities with address validity and occupancy data for >95% of U.S. households. FraudNet is a device intelligence solution that analyzes hundreds of device attributes and prevents fraud on all digital channels. Combining contextual data, behavioral data, and device data, it bridges the gap between physical and digital identity to achieve fraud capture rates that exceed industry averages. To further alleviate account takeover fraud, your organization can offer educational resources for fraud prevention. Using various, strong passwords across their accounts, and changing them regularly, is a foundational way consumers can help ensure their accounts are secure. Leveraging user names that are different from your email can also help. If a fraudster is able to takeover an account and initiate a lost password request, and that password is used for other accounts, that fraudster now has the credentials they need to further defraud that consumer. By spreading awareness about identity fraud risks and providing best practices for prevention, you can better protect your organization and consumers. LEARN MORE: Building a multilayered fraud and identity strategy with CrossCore Solutions Partnering with Experian Email account takeover, along with other types of fraud, can be detected and prevented with the right partner. Experian’s fraud management solutions can help your organization accurately verify customers and assess risk with our account takeover and fraud management solutions. Explore Experian’s account takeover solutions and watch an on-demand recording of our Fraud Risk and Identity Verification Solutions tech showcase. Learn more Watch tech showcase 1 Identity Fraud Cost Americans $43 Billion in 2023, AARP. 2-4 2023 U.S. Identity and Fraud Report, Experian.

In the wake of unprecedented unemployment fraud since the start of COVID-19, Experian announced it was selected as the exclusive partner for identity and fraud verification for the Unemployment Insurance (UI) Integrity Center’s centralized Identity Verification (IDV) capability. IDV is available to state agencies at no cost through UI Integrity Center, which is operated by the National Association of Workforce Agencies (NASWA) in partnership with the U.S. Department of Labor.   With the Federal Bureau of Investigations (FBI) reporting a spike in fraudulent unemployment insurance claims complaints related to COVID-19, it’s more important than ever for state agencies to use innovative solutions to verify identities that are applying for unemployment insurance to protect consumers. If improper unemployment insurance payments are made to fraudsters, the efforts of the CARES Act could be largely wasted.   The IDV capability leverages Experian’s Precise IDTM to provide a centralized identity verification and proofing solution. Precise ID combines identity analytics with advanced fraud risk models to distinguish various types of fraud, which can help state agencies maximize time and resources. When state agencies submit claims, the IDV solution will return ID theft scoring and associated cause codes, enabling them to assess whether a claim may be fraudulent.   “Due to the COVID-19 health crisis, unemployment is high, with over roughly 60 million Americans filing for unemployment since March,” said Robert Boxberger, president of Experian’s Decision Analytics in North America. “At Experian, we’re proud to have a strong culture dedicated to continuous innovation that helps protect consumers’ financial health. We’re taking that same consumer focus and helping make the unemployment insurance application process more efficient and safer for constituents.”   The Integrity Data Hub (IDH) is a robust, multi-state data system that contains a continuously expanding set of sources to provide advanced cross-matching and analytic capabilities to states. It is designed to be easily implemented by any state Unemployment Insurance agency, regardless of claim volume, technology, or access to internal resources. The IDH was designed and built using the latest National Institute of Standards and Technology IT security standards, including the use of asymmetric encryption and other techniques to ensure the security of sensitive data.   “We’re excited to partner with Experian and utilize its Precise ID solution to assist states in mitigating fraud during these unprecedented times,” said Scott Sanders, NASWA Executive Director. “States are finding this to be a very valuable tool and we are pleased that we can offer this solution to states through our partnership with the U.S. Department of Labor.” Read Press Release Learn More About Precise ID

One of the most difficult parts of combating fraud is the ability to distinguish between the variety of fraud types. To properly manage your fraud efforts, you need to be able to differentiate between first party fraud and third party fraud so you can determine the best treatment. After all, if you’re treating first party fraud as though it’s third party fraud, the customer you’re contacting for verification will give whatever information they need to in order to continue their criminal actions. So how do you verify each type of fraud without adding additional overhead or increasing the friction experienced by your customers? Combating Fraud During an Economic Downturn Particularly in times of economic uncertainty, the ability to detect and identify individual fraud types allows you to work to prevent them in the future. Through proper identification, you can also apply the correct treatments to maximize the effectiveness of your fraud response teams, since the treatment for first and third party fraud is different. During the economic upswing, first party fraud was a secondary concern. Businesses were easing friction to help continue growth. Now, the same customers that businesses thought would drive growth are hurting and unable to help offset the losses caused by bad actors. Now is the time to revisit existing fraud prevention and mitigation strategies to ensure that fraud is properly identified, and the correct treatments are applied. Introducing Precise ID® Model Suite Experian’s Precise ID Model Suite combines identity analytics with advanced fraud risk models to: Protect the entire customer journey again fraud – across account opening, login, maintenance and transactions Distinguish first-party, third-party, and synthetic identity fraud to determine the best next action Enable agility during changing market conditions Maintain regulatory compliance (including: KYC, CIP, GLBA, FCRA, FFIEC, PATRIOT Act, FACTA, and more) Improve overall fraud management strategies and reduce losses Precise ID Model Suite allows you to detect and distinguish types of fraud with a single call – enabling your business to maximize efficiency and eliminate redundancy across your fraud prevention teams. By accurately recognizing risk, and in particular, recognizing that first party fraud is in fact a type of fraud distinct from credit risk, you’re able to protect your portfolio and your customers. Learn more