Tag: third party fraud

Fraud and identity theft in the automotive industry continue to make headlines with the result bringing significant monetary losses for dealers. In 2022, more than 60% of automotive dealerships filed cases of identity theft losing three or more vehicles, with 84% saying there has been a noticeable increase in identity fraud since the pandemic. Even though dealers understand that fraud is on the rise, 66% stated they lacked adequate identity fraud protections [1]. In a recent episode of the Used Car Dealer Podcast, host Zach Klempf, spoke with Kanchana Sundaram, Experian's senior director of product and innovation for automotive, to discuss Fraud Protect, a new tool from Experian that helps dealers combat fraud. During the interview, Kanchana highlighted how dealers can use Fraud Protect to better identify potentially fraudulent behavior, without slowing down the sales process and still maintaining a positive experience for both them and the consumer. By leveraging the latest technology and advanced analytics, dealers are able to detect some of the most common fraud types that include: Third-party fraud: Fraudsters steal an individual’s identity to purchase a vehicle First-party fraud: A person knowingly misrepresents their identity or provides false information, often with the intention of not paying for the vehicle Synthetic identity fraud: Fraudsters create fake identities and build credit profiles over time before using them to finance a vehicle they do not intend to pay for The episode is now available across all major podcast platforms, click the link to watch: YouTube To learn more about Fraud Protect, visit Experian’s auto fraud prevention solutions webpage. For more information on the Used Car Dealer Podcast, visit https://www.sellyautomotive.com/podcast Facebook – @SellyAutomotive ‘X’ – @SellyAutomotive LinkedIn – @SellyAutomotive 1. https://www.elendsolutions.com/research/2022-Identity-Fraud-Survey-Report/

This article was updated on November 9, 2023. Fraud – it’s a word that comes up in conversations across every industry. While there’s a general awareness that fraud is on the rise and is constantly evolving, for many the full impact of fraud is misunderstood and underestimated. At the heart of this challenge is the tendency to lump different types of fraud together into one big problem, and then look for a single solution that addresses it. It’s as if we’re trying to figure out how to un-bake a terrible cake instead of thinking about the ingredients and the process needed to put them together in the first place. This is the first of a series of articles in which we’ll look at some of the key ingredients that create different types of fraud, including first party, third party, synthetic identity, and account takeover. We’ll talk about why they’re unique and why we need to approach each one differently. At the end of the series, we’ll get a result that’s easier to digest. I had second thoughts about the cake metaphor, but in truth it really works. Creating a good fraud risk management process is a lot like baking. We need to know the ingredients and some tried-and-true methods to get the best result. With that foundation in place, we can look for ways to improve the outcome every time. Let’s start with a look at the best known type of fraud, third party. What is third-party fraud? Third-party fraud – generally known as identity theft – occurs when a malicious actor uses another person’s identifying information to open new accounts without the knowledge of the individual whose information is being used. When you consider first-party vs third-party fraud, or synthetic identity fraud, third-party stands out because it involves an identifiable victim that’s willing to collaborate in the investigation and resolution, for the simple reason that they don’t want to be responsible for the obligation made under their name. Third-party fraud is often the only type of activity that’s classified as fraud by financial institutions. The presence of an identifiable victim creates a high level of certainty that fraud has indeed occurred. That certainty enables financial institutions to properly categorize the losses. Since there is a victim associated with it, third party fraud tends to have a shorter lifespan than other types. When victims become aware of what’s happening, they generally take steps to protect themselves and intervene where they know their identity has been potentially misused. As a result, the timeline for third-party fraud is shorter, with fraudsters acting quickly to maximize the funds they’re able to amass before busting out. How does third-party fraud impact me? As the digital transformation continues, more and more personally identifiable information (PII) is available on the dark web due to data breaches and phishing scams. Given that consumer spending is expected to increase1, we anticipate that the amount of PII readily available to criminals will only continue to grow. All of this will lead to identity theft and increase the risk of third-party fraud. More than $43 billion in total losses was reported due to identity theft and fraud in the U.S. in 2022.2 Solving the third-party fraud problem We’ve examined one part of the fraud problem, and it is a complex one. With Experian as your partner, solving for it isn’t. Continuing my cake metaphor, by following the right steps and including the right ingredients, businesses can detect and prevent fraud. Third-party fraud detection and prevention involves two distinct steps. Analytics: Driven by extensive data that captures the ways in which people present their identity—plus artificial intelligence and machine learning—good analytics can detect inconsistencies, and patterns of usage that are out of character for the person, or similar to past instances of known fraud. Verification: The advantage of dealing with third-party fraud is the availability of a victim that will confirm when fraud is happening. The verification step refers to the process of making contact with the identity owner to obtain that confirmation and may involve identity resolution. It does require some thought and discipline to make sure that the contact information used leads to the identity owner—and not to the fraudster. In a series of articles, we’ll be exploring first-party fraud, synthetic identity fraud, and account takeover fraud and how a layered fraud management solution can help keep your business and customers safe and manage third-party fraud detection, first-party fraud, synthetic identity fraud, and account takeover fraud prevention. Let us know if you’d like to learn more about how Experian is using our identity expertise, data, and analytics to create robust fraud prevention solutions. Contact us 1 Experian Ascend Sandbox 2 2023 U.S. Identity and Fraud Report, Experian.

More than half of U.S. businesses say they discuss fraud management often, making fraud detection in banking top-of-mind. Banking fraud prevention can seem daunting, but with the proper tools, banks, credit unions, fintechs, and other financial institutions can frustrate and root out fraudsters while maintaining a positive experience for good customers. What is banking fraud? Banking fraud is a type of financial crime that uses illegal means to obtain money, assets, or other property owned or held by a bank, other financial institution, or customers of the bank. This type of fraud can be difficult to detect when misclassified as credit risk or written off as a loss rather than investigated and prevented in the future. Fraud that impacts financial institutions consists of small-scale one-off events or larger efforts perpetrated by fraud rings. Not long ago, many of the techniques utilized by fraudsters required in-person or phone-based activities. Now, many of these activities are online, making it easier for fraudsters to disguise their intent and perpetrate multiple attacks at once or in sequence. Banking fraud can include: Identity theft: When a bad actor steals a consumer’s personal information and uses it to take money, open credit accounts, make purchases, and more. Check fraud: This type of fraud occurs when a fraudster writes a bad check, forges information, or steals and alters someone else’s check. Credit card fraud: A form of identity theft where a bad actor makes purchases or gets a cash advance in the name of an unsuspecting consumer. The fraudster may takeover an existing account by gaining access to account numbers online, steal a physical card, or open a new account in someone else’s name.  Phishing: These malicious efforts allow scammers to steal personal and account information through use of email, or in the case of smishing, through text messages. The fraudster often sends a link to the consumer that looks legitimate but is designed to steal login information, personally identifiable information, and more. Direct deposit account fraud: Also known as DDA fraud, criminals monetize stolen information to open new accounts and divert funds from payroll, assistance programs, and more. Unfortunately, this type of fraud doesn’t just lead to lost funds – it also exposes consumer data, impacts banks’ reputations, and has larger implications for the financial system. Today, top concerns for banks include generative AI (GenAI) fraud, peer-to-peer (P2P) payment scams, identity theft and transaction fraud. Without the proper detection and prevention techniques, it’s difficult for banks to keep fraudsters perpetrating these schemes out. What is banking fraud prevention? Detecting and preventing banking fraud consists of a set of techniques and tasks that help protect customers, assets and systems from those with malicious intent. Risk management solutions for banks identify fraudulent access attempts, suspicious transfer requests, signs of false identities, and more. The financial industry is constantly evolving, and so are fraudsters. As a result, it’s important for organizations to stay ahead of the curve by investing in new fraud prevention technologies. Depending on the size and sophistication of your institution, the tools and techniques that comprise your banking fraud prevention solutions may look different. However, every strategy should include multiple layers of friction designed to trip up fraudsters enough to abandon their efforts, and include flags for suspicious activity and other indicators that a user or transaction requires further scrutiny.   Some of the emerging trends in banking fraud prevention include: Use of artificial intelligence (AI) and machine learning (ML). While these technologies aren’t new, they are finding footing across industries as they can be used to identify patterns consistent with fraudulent activity – some of which are difficult or time-consuming to detect with traditional methods. Behavioral analytics and biometrics. By noting standard customer behaviors — e.g., which devices they use and when — and how they use those devices — looking for markers of human behavior vs. bot or fraud ring activity — organizations can flag riskier users for additional authentication and verification. Leveraging additional data sources. By looking beyond standard credit reports when opening credit accounts, organizations can better detect signs of identity theft, synthetic identities, and even potential first-party fraud.     With real-time fraud detection tools in place, financial institutions can more easily identify good consumers and allow them to complete their requests while applying the right amount and type of friction to detect and prevent fraud.   How to prevent and detect banking fraud In order to be successful in the fight against fraud and keep yourself and your customers safe, financial institutions of all sizes and types must: Balance risk mitigation with the customer experience Ensure seamless interactions across platforms for known consumers who present little to no risk Leverage proper identity resolution and verification tools Recognize good consumers and apply the proper fraud mitigation techniques to riskier scenarios With Experian’s interconnected approach to fraud detection in banking, incorporating data, analytics, fraud risk scores, device intelligence, and more, you can track and assess various activities and determine where additional authentication, friction, or human intervention is required. Learn more

What is elder abuse fraud? Financial abuse is reportedly the fastest-growing form of elder abuse, leaving many Americans vulnerable to theft scams, and putting businesses and other organizations on the frontlines to provide protection and help prevent fraud losses.   Financial elder abuse fraud occurs when someone illegally uses a senior’s money or other property. This can be someone they know, or a third party – like fraudsters who are perpetrating romance scams Older consumers and other vulnerable digital newbies were prime targets for this type of abuse during the start of the pandemic when many of them became active online for the first time or started transacting in new ways. This made them especially attractive targets for social engineering (when a fraudster manipulates a person to divulge confidential or private information) and account takeover fraud. While most of us have become used to life online (in fact, there’s been a 25% increase in online activity since the start of the pandemic), some seniors still have risky habits such as poor password maintenance, that can make them more attractive targets for fraudsters. What is the impact of elder abuse fraud? According to the FBI’s Internet Crime Complaint Center (IC3), elder abuse fraud cost Americans over the age of 60 more than $966 million in 2020. In addition to the direct cost to consumers, elder abuse fraud can leave organizations vulnerable to the fallout from data breaches via account takeover, and lost time and money spent helping seniors and other vulnerable Americans recoup their losses, reset accounts, and more. Further, the victim may associate the fraud with the bank, healthcare provider, or other businesses where the account was taken over and decide to stop utilizing that entity all together. How can organizations prevent elder abuse fraud? Preventing elder abuse fraud can take many forms. Organizations should start with a robust fraud management solution that can help prevent account takeover, first-party, synthetic identity fraud, and more. This platform should also include the ability to use data analysis to detect and flag sudden changes in financial behavior, online activities, and transaction locations that could indicate abuse or takeover of the account. With the right fraud strategy in place, organizations can help prevent fraud and build trust with older generations. Given that 95% of Baby Boomers cite security as the most important aspect of their online experience, this step is too important to miss.   To learn more about how Experian is helping organizations develop and maintain effective fraud and identity solutions, be sure to visit us or request a call. Contact us  

Earlier this year, we shared our predictions for five fraud threats facing businesses in 2021. Now that we’ve reached the midpoint of the year and economic recovery is underway, we’re taking another look at how these threats can impact businesses and consumers.   Putting a Face to Frankenstein IDs: Synthetic identity fraudsters will attempt to bypass fraud detection methods by using AI to combine facial characteristics from different people to form a new identity. Overexposure: As many as 80% of SSNs may have been exposed on the dark web, creating opportunities for account application fraud. The Heist: Surges in data breaches, advances in automation, expanded online banking services and vulnerabilities exposed from social engineering mistakes have lead to rises in account takeover fraud. Overstimulated: Opportunistic fraudsters may take advantage of ongoing relief payments by using stolen data from consumers. Behind the Times: Businesses with lackluster fraud prevention tools and insufficient online security technology will likely experience more attacks and suffer larger losses.   To learn more about upcoming fraud threats and how to protect your business, download our new infographic and check out Experian’s fraud prevention solutions. Download infographic Request a call

Preventing fraud losses requires an understanding of each individual fraud type—including third-party, first-party, synthetic identity, and account takeover fraud—and how they differ from one another. It’s only with a multi-layered fraud strategy that businesses can adequately detect and treat each type of fraud while maintaining the customer experience. When’s the last time you reviewed your existing fraud strategy? Download infographic Review your fraud strategy

It’s clear that the digital transformation we experienced this year is here to stay. While there are many positives associated with this transformation – innovation, new ways to work, and greater online connectedness – it’s important that we review the risks associated with these trends as well.   In late 2019 and throughout 2020, Experian surveyed consumers and businesses. We asked about online habits, expectations for information security and plans for future spending. Unsurprisingly, about half of consumers think they’ll continue to spend more online in the coming year. Those same consumers now have a higher expectation for their online experience than before the onset of COVID-19.   Hand-in-hand with the online activity trends come increased risks associated with identity theft and fraud as criminals find new chances to steal information. In response to both of these trends, businesses and consumers want a balance between security and convenience.   Our latest trends report dives into the new opportunities 2020 has created for fraud, and the opportunities to prevent identity theft or manipulation and the associated losses while building stronger relationships.   Download the full North America Trends Report for a look into North American trends over the last year and to learn how fraud prevention and positive customer relationships are actually two sides of the same coin. North America Trends Report

Experian’s Chris Ryan and Bobbie Paul recently re-joined David Mattei from Aite to discuss how emerging fraud trends and changes in consumer behavior will have long-term impacts on businesses. Chris, Bobbie, and David have combined experience of more than 60 years in the world of fraud prevention. In this discussion, they bring that experience to bear as they review how businesses should revise their long-term fraud strategy in response to COVID-19 and the subsequent economic shifts, including: The requirements to authenticate a digital customer Businesses’ technology challenges Differentiating between first party and third party fraud The importance of businesses’ technology investment How to build a roadmap for the next 90 days and beyond Experian · Make Your Fraud Plan Recession-Ready: Your 90 Day and Beyond Plan

One of the most difficult parts of combating fraud is the ability to distinguish between the variety of fraud types. To properly manage your fraud efforts, you need to be able to differentiate between first party fraud and third party fraud so you can determine the best treatment. After all, if you’re treating first party fraud as though it’s third party fraud, the customer you’re contacting for verification will give whatever information they need to in order to continue their criminal actions. So how do you verify each type of fraud without adding additional overhead or increasing the friction experienced by your customers? Combating Fraud During an Economic Downturn Particularly in times of economic uncertainty, the ability to detect and identify individual fraud types allows you to work to prevent them in the future. Through proper identification, you can also apply the correct treatments to maximize the effectiveness of your fraud response teams, since the treatment for first and third party fraud is different. During the economic upswing, first party fraud was a secondary concern. Businesses were easing friction to help continue growth. Now, the same customers that businesses thought would drive growth are hurting and unable to help offset the losses caused by bad actors. Now is the time to revisit existing fraud prevention and mitigation strategies to ensure that fraud is properly identified, and the correct treatments are applied. Introducing Precise ID® Model Suite Experian’s Precise ID Model Suite combines identity analytics with advanced fraud risk models to: Protect the entire customer journey again fraud – across account opening, login, maintenance and transactions Distinguish first-party, third-party, and synthetic identity fraud to determine the best next action Enable agility during changing market conditions Maintain regulatory compliance (including: KYC, CIP, GLBA, FCRA, FFIEC, PATRIOT Act, FACTA, and more) Improve overall fraud management strategies and reduce losses Precise ID Model Suite allows you to detect and distinguish types of fraud with a single call – enabling your business to maximize efficiency and eliminate redundancy across your fraud prevention teams. By accurately recognizing risk, and in particular, recognizing that first party fraud is in fact a type of fraud distinct from credit risk, you’re able to protect your portfolio and your customers. Learn more

The response to the coronavirus (COVID-19) health crisis requires a brand-new mindset from businesses across the country. As part of our recently launched Q&A perspective series, Jim Bander, Market Lead of Analytics and Optimization and Kathleen Peters, Senior Vice President of Fraud and Identity, provided insight into how businesses can work to mitigate fraud and portfolio risk. Q: How can financial institutions mitigate fraud risk while monitoring portfolios? JB: The most important shift in portfolio monitoring is the view of the customer, because it’s very different during times of crisis than it is during expansionary periods. Financial institutions need to take a holistic view of their customers and use additional credit dimensions to understand consumers’ reactions to stress. While many businesses were preparing for a recession, the economic downturn caused by the coronavirus has already surpassed the stress-testing that most businesses performed. To help mitigate the increased risk, businesses need to understand how their stress testing was performed in the past and run new stress tests to understand how financially sound their institution is. KP: Most businesses—and particularly financial institutions—have suspended or relaxed many of their usual risk mitigation tools and strategies, in an effort to help support customers during this time of uncertainty. Many financial institutions are offering debt and late fee forgiveness, credit extensions, and more to help consumers bridge the financial gaps caused by the economic downturn. Unfortunately, the same actions that help consumers can hamstring fraud prevention efforts because they impact the usual risk indicators. To weather this storm, financial institutions need to pivot from standard risk mitigation strategies to more targeted fraud and identity strategies. Q: How can financial institutions’ exposure to risk be managed? JB: Financial institutions are trying to extend as much credit as is reasonably possible—per government guidelines—but when the first stage of this crisis passes, they need to be prepared to deal with the consequences. Specifically, which borrowers will actually repay their loans. Financial institutions should monitor consumer health and use proactive outreach to offer assistance while keeping a finger on the pulse of their customers’ financial health. For the foreseeable future, the focus will be on extending credit, not collecting on debt, but now is the time to start preparing for the economic aftermath. Consumer health monitoring is key, and it must include a strategy to differentiate credit abusers and other fraudsters from overall good consumers who are just financially stressed. KP: As financial institutions work to get all of their customers set up with online and mobile banking and account access, there’s an influx of new requests that all require consumer authentication, device identification, and sometimes even underwriting. All of this puts pressure on already strained resources which means increased fraud risk. To manage this risk, businesses need to balance customer experience—particularly minimizing friction—with vigilance against fraudsters and reputational risk. It will require a robust and flexible fraud strategy that utilizes automated tools as much as possible to free up personnel to follow up on the riskiest users and transactions.   Experian is closely monitoring the updates around the coronavirus outbreak and its widespread impact on both consumers and businesses. We will continue to share industry-leading insights to help financial institutions manage their portfolios and protect against losses. Learn more About Our Experts: [avatar user="jim.bander" /] Jim Bander, Market Lead, Analytics and Optimization, Experian Decision Analytics, North America Jim joined Experian in April 2018 and is responsible for solutions and value propositions applying analytics for financial institutions and other Experian business-to-business clients throughout North America. He has over 20 years of analytics, software, engineering and risk management experience across a variety of industries and disciplines. Jim has applied decision science to many industries, including banking, transportation and the public sector. [avatar user="kathleen.peters" /] Kathleen Peters, Vice President, Fraud and Identity, Experian Decision Analytics, North America Kathleen joined Experian in 2013 to lead business development and international sales for the recently acquired 41st Parameter business in San Jose, Calif. She went on to lead product management for Experian’s fraud and identity group within the global Decision Analytics organization, launching Experian’s CrossCore® platform in 2016, a groundbreaking and award-winning new offering for the fraud and identity market. The last two years, Kathleen has been named a “Top 100 Influencer in Identity” by One World Identity (OWI), an exclusive list that annually recognizes influencers and leaders from across the globe, showcasing a who’s who of people to know in the identity space.

For the last several years, as the global economy flourished, the opportunities created by removing friction and driving growth guided business strategies governing identity and fraud. The amount of profitable business available in a low-friction environment simply outweighed the fraud that could be mitigated with more stringent verification methods. Now that we’re facing a global crisis, it’s time to reconsider the approach that drove the economic boom that defined that last decade. Recognizing how economic changes impact fraud At the highest level, we separate fraud into two types; third party fraud and first party fraud. In simple terms, third party fraud involves the misuse of a real customer’s identity or unauthorized access to a real customer’s accounts or assets. First party fraud involves the use of an identity that the fraudster controls—whether it’s their own identity, a manipulated version of their own identity, or a synthetic identity that they have created. The important difference in this case is that the methods of finding and stopping third party fraud remain constant even in the event of an economic downturn – establish contact with the owner of the identity and verify whether the events are legitimate. Fraud tactics will evolve, and volumes increase as perpetrators also face pressure to generate income, but at the end of the day, a real person is being impersonated, and a victim exists that will confirm when fraud is taking place. Changes in first party fraud during an economic downturn are dramatically different and much more problematic. The baseline level of first party fraud using synthetic, manipulated and the perpetrator’s own identity continue, but they are augmented by real people facing desperate circumstances and existing “good” customers who over-extend while awaiting a turn-around. The problem is that there is no “victim” to confirm fraud is occurring, and the line between fraud (which implies intent) and credit default (which does not) becomes very difficult to navigate. With limited resources and pressures of their own, at some point lenders must try to distinguish deliberate theft from good customers facing bad circumstances and manage cases accordingly. The new strategy When times are good, it’s easier to build up a solid book of business with good customers. Employment rates are high, incomes are stable, and the risks are manageable. Now, we’re experiencing rapidly changing conditions, entire industries are disrupted, unemployment claims have skyrocketed and customers will need assistance and support from their lenders to help them weather the storm. This is a reciprocal relationship – it behooves those same lenders to help their customers get through to the other side. Lenders will look to limit losses and strengthen relationships. At the same time, they’ll need to reassess their existing fraud and identity strategies (among others) as every interaction with a customer takes on new meaning. Unexpected losses We’ve all been bracing for a recession for a while. But no one expected it to show up quite like it did. Consumers who have been model customers are suddenly faced with a complete shift in their daily life. A job that seemed secure may be less so, investments are less lucrative in the short term, and small business owners are feeling the pressure of a change in day-to-day commerce. All of this can lead to unexpected losses from formerly low-risk customers. As this occurs, it becomes more critical than ever to identify and help good customers facing grim circumstances and find different ways to handle those that have malicious intent. Shifting priorities When the economy was strong, many businesses were able to accept higher losses because those losses were offset by immense growth. Unfortunately, the current crisis means that some of those policies could have unforeseen consequences. For instance – the loss of the ability to differentiate between a good customer who has fallen on hard times and someone who’s been a bad actor from the start. Additionally, businesses need to revise their risk management strategies to align with shifting customer needs. The demand for emergency loans and will likely rise, while loans for new purchases like cars and homes will fall as consumers look to keep their finances secure. As the need to assist customers in distress rises and internal resources are stressed, it’s critical that companies have the right tools in place to triage and help customers who are truly in need. The good news The tools businesses like yours need to screen first party fraud already exist. In fact, you may already have the necessary framework in place thanks to an existing partnership, and a relatively simple process could prepare your business to properly screen both new and existing customers at every touchpoint. This global crisis is nowhere near over, but with the right tools, your business can protect itself and your customers from increased fraud risks and losses of all sorts – first party, stolen identities, or synthetic identities, and come out on the other side even stronger. Contact Experian for a review of your current fraud strategy to help ensure you’re prepared to face upcoming challenges. Contact us

By: Ken Pruett I want to touch a bit on some of the third party fraud scenarios that are often top of mind with our customers: identity theft; synthetic identities; and account takeover. Identity Theft Identity theft usually occurs during the acquisition stage of the customer life cycle. Simply put, identity theft is the use of stolen identity information to fraudulently open up a new account.  These accounts do not have to be just credit card related. For example, there are instances of people using others identities to open up wireless phone and utilities accounts Recent fraud trends show this type of fraud is on the rise again after a decrease over the past several years.  A recent Experian study found that people who have better credit scores are more likely to have their identity stolen than those with very poor credit scores. It does seem logical that fraudsters would likely opt to steal an identity from someone with higher credit limits and available purchasing power.  This type of fraud gets the majority of media attention because it is the consumer who is often the victim (as opposed to a major corporation). Fraud changes over time and recent findings show that looking at data from a historical perspective is a good way to help prevent identity theft.  For example, if you see a phone number being used by multiple parties, this could be an indicator of a fraud ring in action.  Using these types of data elements can make your fraud models much more predictive and reduce your fraud referral rates. Synthetic Identities Synthetic Identities are another acquisition fraud problem.  It is similar to identity theft, but the information used is fictitious in nature.  The fraud perpetrator may be taking pieces of information from a variety of parties to create a new identity.  Trade lines may be purchased from companies who act as middle men between good consumers with good credit and perpetrators who creating new identities.   This strategy allows the fraud perpetrator to quickly create a fictitious identity that looks like a real person with an active and good credit history. Most of the trade lines will be for authorized users only.  The perpetrator opens up a variety of accounts in a short period of time using the trade lines. When creditors try to collect, they can’t find the account owners because they never existed.  As Heather Grover mentioned in her blog, this fraud has leveled off in some areas and even decreased in others, but is probably still worth keeping an eye on.  One concern on which to focus especially is that these identities are sometimes used for bust out fraud. The best approach to predicting this type of fraud is using strong fraud models that incorporate a variety of non-credit and credit variables in the model development process.  These models look beyond the basic validation and verification of identity elements (such as name, address, and social security number), by leveraging additional attributes associated with a holistic identity -- such as inconsistent use of those identity elements. Account Takeover Another type of fraud that occurs during the account management period of the customer life cycle is account takeover fraud.  This type of fraud occurs when an individual uses a variety of methods to take over an account of another individual. This may be accomplished by changing online passwords, changing an address or even adding themselves as an authorized user to a credit card. Some customers have tools in place to try to prevent this, but social networking sites are making it easier to obtain personal information for many consumers.  For example, a person may have been asked to provide the answer to a challenge question such as the name of their high school as a means to properly identify them before gaining access to a banking account.  Today, this piece of information is often readily available on social networking sites making it easier for the fraud perpetrators to defeat these types of tools. It may be more useful to use out of wallet, or knowledge-based authentication and challenge tools that dynamically generate questions based on credit or public record data to avoid this type of fraud.  

By: Kennis Wong As I said in my last post, when consumers and the media talk about fraud and fraud risk, they are usually referring to third-party frauds. When financial institutions or other organizations talk about fraud and fraud best practices, they usually refer to both first- and third-party frauds. The lesser-known fraud cousin, first-party fraud, does not involve stolen identities. As a result, first-party fraud is sometimes called victimless fraud. However, being victimless can’t be further from the truth. The true victims of these frauds are the financial institutions that lose millions of dollars to people who intentionally defraud the system. First-party frauds happen when someone uses his/her own identity or a fictitious identity to apply for credit without the intention to fulfill their payment obligation. As you can imagine, fraud detection of this type is very difficult. Since fraudsters are mostly who they say they are, you can’t check the inconsistencies of identities in their applications. The third-party fraud models and authentication tools will have no effect on first-party frauds. Moreover, the line between first-party fraud and regular credit risk is very fuzzy. According to Wikipedia, credit risk is the risk of loss due to a debtor's non-payment of a loan or other line of credit. Doesn’t the definition sound similar to first-party fraud? In practice, the distinction is even blurrier. That’s why many financial institutions are putting first-party frauds in the risk bucket. But there is one subtle difference: that is the intent of the debtor.  Are the applicants planning not to pay when they apply or use the credit?  If not, that’s first-party fraud. To effectively detect frauds of this type, fraud models need to look into the intention of the applicants.

By: Kennis Wong When consumers and the media talk about fraud and fraud risk, nine out of ten times they are referring to third-party frauds. When financial institutions or other organizations talk about fraud, fraud best practices, or their efforts to minimize fraud, they usually refer to both first- and third-party frauds. The difference between the two fraud types is huge. Third-party frauds happen when someone impersonates the genuine identity owner to apply for credit or use existing credit. When it’s discovered, the victim, or the genuine identity owner, may have some financial loss -- and a whole lot of trouble fixing the mess. Third-party frauds get most of the spotlight in newspaper reporting primarily because of large-scale identity data losses. These data losses may not result in frauds per se, but the perception is that these consumers are now more susceptible to third-party frauds. Financial institutions are getting increasingly sophisticated in using fraud models to detect third-party frauds at acquisition. In a nutshell, these fraud models are detecting frauds by looking at the likelihood of applicants being who they say they are. Institutions bounce the applicants’ identity information off of internal and external data sources such as: credit; known fraud; application; IP; device; employment; business relationship; DDA; demographic; auto; property; and public record. The risk-based approach takes into account the intricate similarities and discrepancies of each piece of data element. In my next blog entry, I’ll discuss first-party fraud.