Fraud & Identity Management

A few weeks ago, I shared the first in a series of articles about understanding the different types of fraud and how to solve for them. In that article, I likened the fraud problem to baking. Continuing that theme, I’m going to explore first-party fraud by comparing it to biting into a cookie you think is chocolate chip, only to find that it’s filled with raisins. The raisins in the cookie were hiding in plain sight, indistinguishable from chocolate chips without a closer look, much like first-party fraudsters. What is first-party fraud? First-party fraud refers to instances when an individual makes a promise of future repayments in exchange for goods or services without the intent to repay. The fraudster might accomplish this by applying for a loan or credit card they won’t pay back, or misrepresenting their financial situation to get a more favorable rate.   First-party fraud sometimes presents via “mules” or consumers who are persuaded to use their own information to obtain credit or merchandise on behalf of a larger fraud ring. This type of fraud has become especially prevalent in 2020 due to the increases in online activity for both work and purchasing.   Mule activity has increased by 41% in 2020 in comparison to attack rates prior to the pandemic. – Julie Conroy, Research Director, Aite Group   First-party fraud is often miscategorized as credit loss and written off as bad debt, which causes problems when businesses later try to determine how much they’ve lost to fraud versus credit risk, and then make future lending decisions.   How does first-party fraud impact me?   Firstly, there are often substantial losses associated with first-party fraud. According to Payments Journal, 60% of financial institutions report first-party fraud as the prominent source of fraud losses.   The ranks of those who commission the attacks, as well as the mules who provide logistical support, will continue to increase at the same pace, if not more quickly, as economic conditions remain suppressed. The result will be an increase in the volume of attacks in general but with a particular emphasis on the kinds of fraud that typically accompany prolonged recessions, most notably first-party fraud.1 – Trace Fooshee, Senior Analyst, Aite Group   An imperfect first-party fraud solution can also strain relationships with good customers and hinder growth. When lenders have to interpret actions and behavior to assess customers, there’s a lot of room for error and losses. Those same losses hinder growth when, as mentioned before, businesses anticipate credit losses that aren’t actually credit losses.   This type of fraud isn’t a single-time event, and it doesn’t occur at just one point in the customer lifecycle. It occurs when good customers develop fraudulent intent, when new applicants who have positive history with other lenders have recently changed circumstances, or when seemingly good applicants have manipulated their identities to mask previous defaults.   Finally, first-party fraud impacts how your organization categorizes and manages risk – and that’s something that touches every department.   Solving the first-party fraud problem   Preventing first-party fraud requires a change in how we think about the fraud problem. It starts with the ability to separate first- and third-party fraud to treat them differently. Because first-party fraud doesn’t have a victim, you can’t work with the person whose information was stolen to confirm the fraud. Instead, you’ll have to work implement a consistent monitoring system and make a determination internally when fraud is suspected.   As we’ve already discussed, the fraud problem is complex. However with a partner like Experian, you have the tools required to perform a closer examination and the ability to differentiate between the types of fraud so you can determine the best course of action moving forward.   In the coming weeks, I’ll continue my exploration of this topic with a dive into synthetic identity and account takeover fraud, and how a layered fraud management strategy can help you minimize customer friction to improve and deepen your relationships while preventing fraud. Contact us if you’d like to learn more about how Experian is using our identity expertise, data, and analytics to detect and prevent all types of fraud. Contact us 1Key Trends Driving Fraud Transformation in 2021 and Beyond, December 2020

Published: December 9, 2020 by Chris Ryan

Fraud – it’s a word that comes up in conversations across every industry. While there’s a general awareness that fraud is on the rise and is constantly evolving, for many the full impact of fraud is misunderstood and underestimated. At the heart of this challenge is the tendency to lump different types of fraud together into one big problem, and then look for a single solution that addresses it. It’s as if we’re trying to figure out how to un-bake a terrible cake instead of thinking about the ingredients and the process needed to put them together in the first place. This is the first of a series of articles in which we’ll look at some of the key ingredients that create different types of fraud, including first party, third party, synthetic identity, and account takeover.  We’ll talk about why they’re unique and why we need to approach each one differently. At the end of the series, we’ll get a result that’s easier to digest. I had second thoughts about the cake metaphor, but in truth it really works. Creating a good fraud management process is a lot like baking. We need to know the ingredients and some tried-and-true methods to get the best result. With that foundation in place, we can look for ways to improve the outcome every time. Let’s start with a look at the best known type of fraud, third party. What is third-party fraud? Third-party fraud – generally known as identity theft – occurs when a malicious actor uses another person’s identifying information to open new accounts without the knowledge of the individual whose information is being used. This type of fraud is unique from first party or synthetic identity fraud because it involves an identifiable victim that’s willing to collaborate in the investigation and resolution, for the simple reason that they don’t want to be responsible for the obligation made under their name. Third-party fraud is often the only type of activity that’s classified as fraud by financial institutions. The presence of an identifiable victim creates a high level of certainty that fraud has indeed occurred. That certainty enables financial institutions to properly categorize the losses. Since there is a victim associated with it, third party fraud tends to have a shorter lifespan than other types. When victims become aware of what’s happening, they generally take steps to protect themselves and intervene where they know their identity has been potentially misused. As a result, the timeline for third-party fraud is shorter, with fraudsters acting quickly to maximize the funds they’re able to amass before busting out. How does third-party fraud impact me? As the digital transformation continues, more and more personally identifiable information (PII) is available on the dark web due to data breaches and phishing scams. Given that half of consumers anticipate increasing their online spending in the coming year, we anticipate that the amount of PII readily available to criminals will only continue to grow. All of this will lead to identity theft and increase the risk of third-party fraud. Third-party fraud has been on businesses\' radar throughout 2020, with account takeover and account opening fraud representing high opportunities for risk. While we don’t yet know the full financial impact of COVID-19, it’s clear that it has created both opportunity—increased online presence and interaction—and need—in the form of financial distress for businesses and consumers—when it comes to third-party fraud. Solving the third-party fraud problem We’ve examined one part of the fraud problem, and it is a complex one. With Experian as your partner, solving for it isn’t. Continuing my cake metaphor, by following the right steps and including the right ingredients, businesses can detect and prevent fraud. Preventing third-party fraud involves two distinct steps. Analytics: Driven by extensive data that captures the ways in which people present their identity—plus artificial intelligence and machine learning—good analytics can detect inconsistencies, and patterns of usage that are out of character for the person, or similar to past instances of known fraud. Verification: The advantage of dealing with third-party fraud is the availability of a victim that will confirm when fraud is happening. The verification step refers to the process of making contact with the identity owner to obtain that confirmation. It does require some thought and discipline to make sure that the contact information used leads to the identity owner—and not to the fraudster. Over the coming weeks, I’ll be exploring first-party fraud, synthetic identity fraud, and account takeover fraud and how a layered fraud management strategy can help keep your business and customers safe from all types. Let us know if you’d like to learn more about how Experian is using our identity expertise, data, and analytics to detect and prevent fraud. Contact us

Published: November 16, 2020 by Chris Ryan

Enterprise Security Magazine recently named Experian a Top 10 Fraud and Breach Protection Solutions Provider for 2020.   Accelerating trends in the digital economy--stemming from stay-at-home orders and rapid increases in e-commerce and government funding--have created an attractive environment for fraudsters. At the same time, there’s been an uptick in the amount of personally identifiable information (PII) available on the dark web. This combination makes innovative fraud and breach solutions more crucial than ever.   Enterprise Security Magazine met with Kathleen Peters, Experian’s Chief Innovation Officer, and Michael Bruemmer, Vice President of Global Data Breach and Consumer Protection, to discuss COVID-19 digital trends, the need for robust fraud protection, and how Experian’s end-to-end breach protection services help businesses protect consumers from fraud.   According to the magazine, “With Experian’s best in class analytics, clients can rapidly respond to ever-changing environments by utilizing offerings such as CrossCore® and Sure ProfileTM to identify and prevent fraud.”   In addition to our commitment to develop new products to combat the rising threat of fraud, Experian is focused on helping businesses minimize the consequences of a data breach. The magazine noted that, “To serve as a one-stop-shop for data breach protection, Experian offers a wide range of auxiliary services such as incident management, data breach notification, identity protection, and call center support.”   We are continuously working to create and integrate innovative and robust solutions to prevent and manage different types of data breaches and fraud. Read the full article Contact us

Published: November 13, 2020 by Alison Kray

The shift created by the COVID-19 pandemic is still being realized. One thing that we know for sure is that North American consumers’ expectations continue to rise, with a focus on online security and their digital experience.   In mid-September of this year, Experian surveyed 3,000 consumers and 900 businesses worldwide—with 300 consumers and 90 businesses in the U.S.—to explore the shifts in consumer behavior and business strategy pre- and post-COVID-19.   More than half of consumers surveyed continue to expect more security steps when online, including more visible security measures in place on websites and more knowledge about how their data is being protected and stored. However, those same consumers aren’t willing to wait more than 60 seconds to complete an online transaction making it more important than ever to align your security and experience strategies.   While U.S. consumers are optimistic about the economy’s recovery, they are still dealing with financial challenges and their behaviors have changed. Future business plans should take into account consumers’:   High expectations of their online experience Increases in online spending Difficulty paying bills Reduction in discretionary spending   Moving forward, businesses are focusing on use of AI, online security, and digital engagement. They are emphasizing revenue generation while looking into the future of online security. Nearly 70% of businesses also plan to increase their fraud management budgets in the next 6 months.   Download the full North America Insights Report to get all of the insights into North American business and consumer needs and priorities and keep visiting the Insights blog in the coming weeks for a look at how trends have changed from early in the pandemic. North America Insights Report Global Insights Report

Published: November 12, 2020 by Alison Kray

In the wake of unprecedented unemployment fraud since the start of COVID-19, Experian announced it was selected as the exclusive partner for identity and fraud verification for the Unemployment Insurance (UI) Integrity Center’s centralized Identity Verification (IDV) capability. IDV is available to state agencies at no cost through UI Integrity Center, which is operated by the National Association of Workforce Agencies (NASWA) in partnership with the U.S. Department of Labor.   With the Federal Bureau of Investigations (FBI) reporting a spike in fraudulent unemployment insurance claims complaints related to COVID-19, it’s more important than ever for state agencies to use innovative solutions to verify identities that are applying for unemployment insurance to protect consumers. If improper unemployment insurance payments are made to fraudsters, the efforts of the CARES Act could be largely wasted.   The IDV capability leverages Experian’s Precise IDTM to provide a centralized identity verification and proofing solution. Precise ID combines identity analytics with advanced fraud risk models to distinguish various types of fraud, which can help state agencies maximize time and resources. When state agencies submit claims, the IDV solution will return ID theft scoring and associated cause codes, enabling them to assess whether a claim may be fraudulent.   “Due to the COVID-19 health crisis, unemployment is high, with over roughly 60 million Americans filing for unemployment since March,” said Robert Boxberger, president of Experian’s Decision Analytics in North America. “At Experian, we’re proud to have a strong culture dedicated to continuous innovation that helps protect consumers’ financial health. We’re taking that same consumer focus and helping make the unemployment insurance application process more efficient and safer for constituents.”   The Integrity Data Hub (IDH) is a robust, multi-state data system that contains a continuously expanding set of sources to provide advanced cross-matching and analytic capabilities to states. It is designed to be easily implemented by any state Unemployment Insurance agency, regardless of claim volume, technology, or access to internal resources. The IDH was designed and built using the latest National Institute of Standards and Technology IT security standards, including the use of asymmetric encryption and other techniques to ensure the security of sensitive data.   “We’re excited to partner with Experian and utilize its Precise ID solution to assist states in mitigating fraud during these unprecedented times,” said Scott Sanders, NASWA Executive Director. “States are finding this to be a very valuable tool and we are pleased that we can offer this solution to states through our partnership with the U.S. Department of Labor.” Read Press Release Learn More About Precise ID

Published: November 11, 2020 by Eric Thompson

Synthetic identity fraud, otherwise known as SID fraud, is reportedly the fastest-growing type of financial crime. One reason for its rapid growth is the fact that it’s so hard to detect, and thus prevent. This allows the SIDs to embed within business portfolios, building up lines of credit to run up charges or take large loans before “busting out” or disappearing with the funds. In Experian’s recent perspective paper, Preventing synthetic identity fraud, we explore how SID differs from other types of fraud, and the unique steps required to prevent it. The paper also examines the financial risks of SID, including: $15,000 is the average charge-off balance per SID attack Up to 15% of credit card losses are due to SID 18% - the increase in global card losses every year since 2013 SID is unlike any other type of fraud and standard fraud protection isn’t sufficient. Download the paper to learn more about Experian’s new toolset in the fight against SID. Download the paper

Published: October 15, 2020 by Alison Kray

The CU Times recently reported on a nationwide synthetic identity fraud ring impacting several major credit unions and banks. Investigators for the Federal and New York governments charged 13 people and three businesses in connection to the nationwide scheme. The members of the crime ring were able to fraudulently obtain more than $1 million in loans and credit cards from 10 credit unions and nine banks. Synthetic Identity Fraud Can’t Be Ignored Fraud was on an upward trend before the pandemic and does not show signs of slowing. Opportunistic criminals have taken advantage of the shift to digital interactions, loosening of some controls in online transactions, and the desire of financial institutions to maintain their portfolios – seeking new ways to perpetrate fraud. At the onset of the COVID-19 pandemic, many financial institutions shifted their attention from existing plans for the year. In some cases they deprioritized plans to review and revise their fraud prevention strategy. Over the last several months, the focus swung to moving processes online, maintaining portfolios, easing customer friction, and dealing with IT resource constraints. While these shifts made sense due to rapidly changing conditions, they may have created a more enticing environment for fraudsters. This recent synthetic identity fraud ring was in place long before COVID-19. That said, it still highlights the need to have a prevention and detection plan in place. Financial institutions want to maintain their portfolios and their customer or member experience. However, they can’t afford to table fraud plans in the meantime. “72% of FI executives surveyed believe synthetic identity fraud to be more challenging than identity theft. This is due to the fact that it is harder to detect—either crime rings nurture accounts for months or years before busting out with six-figure losses, or they are misconstrued as credit losses, and valuable agent time is spent trying to collect from someone who doesn’t exist,” says Julie Conroy, Research Director at Aite Group. Prevention and Detection Putting the fraud strategy discussion on hold—even in the short term—could open up a financial institution to potential risk at time when cost control and portfolio maintenance are watch words. Canny fraudsters are on the lookout for financial institutions with fewer protections. Waiting to implement or update a fraud strategy could open a business up to increased fraud losses. Now is the time to review your synthetic identity fraud prevention and detection strategies, and Experian can help. Our innovative new tool in the fight against synthetic identity fraud helps financial institutions stop fraudsters at the door. Learn more  

Published: October 7, 2020 by Alison Kray

In 2015, U.S. card issuers raced to start issuing EMV (Europay, Mastercard, and Visa) payment cards to take advantage of the new fraud prevention technology. Counterfeit credit card fraud rose by nearly 40% from 2014 to 2016, (Aite Group, 2017) fueled by bad actors trying to maximize their return on compromised payment card data. Today, we anticipate a similar tsunami of fraud ahead of the Social Security Administration (SSA) rollout of electronic Consent Based Social Security Number Verification (eCBSV). Synthetic identities, defined as fictitious identities existing only on paper, have been a continual challenge for financial institutions. These identities slip past traditional account opening identity checks and can sit silently in portfolios performing exceptionally well, maximizing credit exposure over time. As synthetic identities mature, they may be used to farm new synthetics through authorized user additions, increasing the overall exposure and potential for financial gain. This cycle continues until the bad actor decides to cash out, often aggressively using entire credit lines and overdrawing deposit accounts, before disappearing without a trace. The ongoing challenges faced by financial institutions have been recognized and the SSA has created an electronic Consent Based Social Security Number Verification process to protect vulnerable populations. This process allows financial institutions to verify that the Social Security number (SSN) being used by an applicant or customer matches the name. This emerging capability to verify SSN issuance will drastically improve the ability to detect synthetic identities. In response, it is expected that bad actors who have spent months, if not years, creating and maturing synthetic identities will look to monetize these efforts in the upcoming months, before eCBSV is more widely adopted. Compounding the anticipated synthetic identity fraud spike resulting from eCBSV, financial institutions’ consumer-friendly responses to COVID-19 may prove to be a lucrative incentive for bad actors to cash out on their existing synthetic identities. A combination of expanded allowances for exceeding credit limits, more generous overdraft policies, loosened payment strategies, and relaxed collection efforts provide the opportunity for more financial gain. Deteriorating performance may be disguised by the anticipation of increased credit risk, allowing these accounts to remain undetected on their path to bust out. While responding to consumers’ requests for assistance and implementing new, consumer-friendly policies and practices to aid in impacts from COVID-19, financial institutions should not overlook opportunities to layer in fraud risk detection and mitigation efforts. Practicing synthetic identity detection and risk mitigation begins in account opening. But it doesn’t stop there. A strong synthetic identity protection plan continues throughout the account life cycle. Portfolio management efforts that include synthetic identity risk evaluation at key control points are critical for detecting accounts that are on the verge of going bad. Financial institutions can protect themselves by incorporating a balance of detection efforts with appropriate risk actions and authentication measures. Understanding their portfolio is a critical first step, allowing them to find patterns of identity evolution, usage, and connections to other consumers that can indicate potential risk of fraud. Once risk tiers are established within the portfolio, existing controls can help catch bad accounts and minimize the resulting losses. For example, including scores designed to determine the risk of synthetic identity, and bust out scores, can identify seemingly good customers who are beginning to display risky tendencies or attempting to farm new synthetic identities. While we continue to see financial institutions focus on customer experience, especially in times of uncertainty, it is paramount that these efforts are not undermined by bad actors looking to exploit assistance programs. Layering in contextual risk assessments throughout the lifecycle of financial accounts will allow organizations to continue to provide excellent service to good customers while reducing the increasing risk of synthetic identity fraud loss. Prevent SID

Published: August 19, 2020 by Stacey Wishowsky

The COVID-19 pandemic created a global shift in the volume of online activity and experiences over the past several months. Not only are consumers increasing their usage of mobile and digital channels to bank, shop, work and socialize — and anticipating more of the same in the coming months — they’re closely watching how businesses respond to their needs.   Between late June and early July of this year, Experian surveyed 3,000 consumers and 900 businesses to explore the shifts in consumer behavior and business strategy pre- and post-COVID-19.   More than half of businesses surveyed believe their operational processes have mostly or completely recovered since COVID-19 began. However, many consumers fear that a second wave of COVID-19 will further deplete their already strained finances. They are looking to businesses for reassurance as they shift their behaviors by:   Reducing discretionary spending Building up emergency savings Tapping into financial reserves Increasing online spending   Moving forward, businesses are focusing on short-term investments in security, managing credit risk with artificial intelligence, and increasing online customer engagement.   Download the full report to get all of the insights into global business and consumer needs and priorities and keep visiting the Insights blog in the coming weeks for a deeper dive into US-specific findings. Download the report

Published: August 6, 2020 by Alison Kray

Experian’s Chris Ryan and Bobbie Paul recently re-joined David Mattei from Aite to discuss how emerging fraud trends and changes in consumer behavior will have long-term impacts on businesses. Chris, Bobbie, and David have combined experience of more than 60 years in the world of fraud prevention. In this discussion, they bring that experience to bear as they review how businesses should revise their long-term fraud strategy in response to COVID-19 and the subsequent economic shifts, including: The requirements to authenticate a digital customer Businesses’ technology challenges Differentiating between first party and third party fraud The importance of businesses’ technology investment How to build a roadmap for the next 90 days and beyond Experian · Make Your Fraud Plan Recession-Ready: Your 90 Day and Beyond Plan

Published: July 9, 2020 by Alison Kray

Pre COVID-19, operations functions for retailers and financial institutions had not typically consisted of a remote (stay at home) workforce. Some organizations were better prepared than others, but there is a firm belief that retail and banking have changed for good as a result of the pandemic and resulting economic and workforce shifts. Market trends and implications When stay at home orders were issued, non-essential brick and mortar businesses closed unexpectedly. What were retailers to do with no traffic coming through the doors at their physical locations? The impact on big-box retailers like Best Buy, Dick’s Sporting goods, Sears, JCPenney, Nike, Starbucks, Macy’s, Neiman Marcus, Nordstrom, Kohl’s to name a few, has been unprecedented; some have had to shut their doors for good. Over the past several months global retail has seen e-commerce sales grow over 81% compared to the same period last year, according to Card Not Present. Some sectors have seen triple-digit growth year over year. Most online retailers have been ill-prepared to handle this increase in transactional volume in such a short amount of time, which has resulted in rapid fraud loss increases. A recent white paper from Aite Group reported that prior to COVID-19, a large financial institution forecasted an 8% decrease in fraud for 2020, but has since revised the projection to increase 10-15%. What does this all mean?  Bad actors are taking advantage of the pandemic to exploit the online retail channel. The increased remote channel usage—online, mobile, and contact centers in particular—continues to be an area where retailers are exposed. Account takeover, through phishing and relaxed call center controls, is rising as well. Increases in phishing attacks are leading to compromised and stolen identities and synthetic identity fraud. Account takeover (ATO) fraud has increased 347% since 2019 according to PYMNTS.com. A recent survey found more than a quarter of merchants (27%) admit that they don’t have measures to prevent ATO. 24% of merchants can’t identify an ATO during a purchase. 14% of merchants say they are not even aware that an ATO has occurred unless a customer contacts them. When criminals use these compromised accounts to make fraudulent purchases, the merchant loses revenue and the value of the goods. They can also suffer from damage to brand reputation and a loss of customer confidence. A lack of account security can have lasting effects as 65% of customers surveyed say they would likely stop buying from a merchant if their account was compromised, according to that same Card Not Present study. So how can retailers start to identify bad actors with malicious intent? This will be a constant struggle for retailers. Rather than a one size fits all solution, retailers must move toward a strategy that is nimble and dynamic and can address multiple areas of exposure. A fraudster could easily slip by one verification method—for instance with a stolen credential—only to be foiled by a secondary authentication tactic like device identity. A layered fraud strategy continues to be the industry best practice, where both passive and active authentication methods are leveraged to frustrate fraudsters without applying undue friction to “good” consumers. The layered solution should also utilize device risk, identity verification and fraud analytics, with tailoring to each businesses’ needs, risk tolerance, and customer profiles. Learn more about how to build a layered fraud strategy today. Learn more

Published: July 8, 2020 by Marc Mosman

Every few months we hear in the news about a fraud ring that has been busted here in the U.S. or in another part of the world. In May, I read about a fraud ring based in Georgia and Louisiana that bought 13,000 stolen identities of children who were on the Louisiana Medicaid program and billed the government for services not rendered. This group defrauded the Medicaid program of more than $500,000.   This is just one of many stories that we hear about fraud rings, and given the rapidly changing economic environment, now is the time for businesses to think about how to protect against fraud rings. There are a number of challenges that organizations may have when it comes to sharing trends and collaborations, understanding the ways to tie fraud rings together, creating treatments for identifying fraud rings and ways to store and catalogue fraud ring experiences so they can be easily recognized.   The trouble with identifying fraud rings   It’s important to understand the challenges that organizations have because they see the fraud rings through their own internal lens. Here are a few of the top things businesses should work on:   Think like a fraudster. This will help businesses become more creative in their approach to fraud prevention. Facilitate internal collaboration. Share with in-organization partners. Sometimes this can be difficult due to organizational structure. Promote external collaboration. Intel-sharing groups are a great way for businesses to network within their industries and learn about the fraud that others are seeing. An organization that I’ve worked with in the past is the National Cyber Forensic and Training Alliance (NCFTA).   Putting the pieces together   How do businesses identify a fraud ring? There are three steps to get started. The first is reviewing and understanding the data. Fraudsters are lazy and want to replicate the process over and over again, and because of this there is always some piece of information that is repeated. It could be a name, an email address, device fingerprint, or similar.   The second step is tying the fraud ring together. This is done by creating rules to help identify the trends. Having rules in place to identify fraud rings allows businesses to easily pull stats together for their leadership.   Lastly, applying an acronym or name to the particular fraud ring and adding comments to the cases associated with a particular ring will help with post-investigation analysis.   Learning from the past   Before I became a consultant, I remember identifying a fraud ring that was submitting events with the same language pack and where the device fingerprint was staying consistent. Those events were being referred out for review and marked with the same note. At a post-mortem review, I was able to talk to the fraud ring we had seen, and it was easy to pull all events associated with this fraud ring because my team had marked the events with the same comments.   Another fraud ring example happened a few years ago. A client called me and said that they were under a fraud attack and this fraud ring was rotating the email handle. I reviewed the data and came up with a rule to catch this activity. Fraud rings will use email handle rotation to help them keep track of accounts that are opened or what emails they used in the past. By coupling the email handle rotation with an email verification service like Emailage, this insight could be very telling. I would assume that when fraud rings use email handle rotation these emails are new and have just been created.   These are just a few of the many fraud rings that I’ve encountered over the course of my career and I’m sure there will be a lot more in the years to come. The best advice I can give to anyone that reads this post is to understand the data that you are reviewing, look for anomalies within the data, ask questions and test your theories by running queries on the data that you’re reviewing. I would love to hear about the different fraud rings that you’ve encountered over your career.   Stay safe.   Contact us

Published: July 1, 2020 by Jeramie Driessen

Experian’s own Chris Ryan and Bobbie Paul recently joined David Mattei from Aite to discuss the latest research and insights into emerging fraud schemes and how businesses can combat them in light of COVID-19 and the resulting economic changes. Between them, Chris, Bobbie, and David have more than 60 years of experience in the world of fraud prevention. Listen in as they discuss how businesses can shape their fraud prevention plan in the short term, including: The impacts of the health crisis and physical distancing The rise of e-commerce and consumer digital engagement Changes in criminal activity Fraud attack vectors 2020 fraud loss projections Critical next steps for the 30-60 day time frame Experian · Make Your Fraud Plan Recession-Ready: 2020 Fraud Trends

Published: June 29, 2020 by Alison Kray

The COVID-19 pandemic and resulting rush to transition to a remote lifestyle made it clear that many businesses need a refreshed digital authentication and fraud prevention strategy that includes an investment in technology and provides consumer assurance. This is particularly important when it comes to identity, as many of the standard in-person verification methods and tools are currently unavailable. The meaning of identity is growing and shifting Technology trends are intersecting with social trends to create heightened awareness, and a whole new public conversation has emerged around customer trust and privacy. Attitudes and ideas are changing—even to the point of what we mean by “identity.” An identity is no longer just a name, date of birth, and SSN. Now, there are digital manifestations everywhere you look: screen names, email addresses, mobile phone numbers, device identifiers, and the other “exhaust” we leave behind as we travel the internet. This leads to concerns about what an identity is, who owns it, and who manages and protects it. Businesses have to be able to prove to their ability to protect their customers’ identities through investment in technology and a robust fraud strategy. Consumer attitudes are changing Several years ago, consumers were excited by all the new digital capabilities and the speed, ease, and convenience they provided. Last year, Experian found that consumers still wanted those things, with 70% willing to provide more information to businesses if there was a perceived benefit. However, they also wanted more security in the balance. In Experian’s most recent Global Identity and Fraud Report, we found that 74% of consumers say that security is the most important factor when deciding to engage with a business. Consumers are particularly more tolerant of friction during the enrollment process—as a means of building trust. But, when they return to the app or website, they want to be recognized. This means achieving a balance by using layered technologies, some of which are active and visible to the consumer, and some of which are invisibly working in the background to confirm the identity of returning consumers. Consumer attitudes vs. regulatory pressure The drivers behind the business changes are twofold: shifting consumer attitudes and regulatory changes. While regulations are becoming stricter on a national and global level, they’re not keeping pace with technology and social change. The digital world is evolving at a rapid pace, opening up more new ways for companies to collect information about consumers and use it to identify and verify, and also to target goods and services. With all of this data available, it’s important for businesses to use the tools in the market to help protect identity information. Next steps in technology The bottom line is, businesses can’t wait for regulations to dictate how best to protect information. Instead, they should be looking to technologies like physical and behavioral biometrics to help provide identity authentication and protection – layering those solutions with information from the user and from third parties to give a holistic consumer view. Businesses should adopt a platform approach for identity and fraud in order to be able to adapt quickly, whether to incorporate new kinds of technology or to prevent emerging types of fraud. By investing in technology now, even in the midst of the COVID-19 pandemic, businesses can build the flexibility needed to respond to future crises and help offset future fraud losses. In turn, those fraud-loss savings can then be used to help grow the business in the future. Learn more about Experian’s commitment to helping businesses maximize their investment in technology to safeguard against fraud. Learn more

Published: June 9, 2020 by Kathleen Peters

To combat the growing threat of synthetic identity fraud, Experian recently announced the launch of Sure ProfileTM, a revolutionary change to the credit profile that gives lenders peace of mind with Experian’s commitment to share in losses that result from an identity we’ve assured.   “Experian has always been a leader in combatting fraud, and with Sure Profile, we’re proud to deliver an industry-first fraud offering integrated into the credit profile that mitigates lender losses while protecting millions of consumers’ identities,” said Robert Boxberger, President of Decision Analytics, Experian North America.   Synthetic identity fraud is expected to drive $48 billion in annual online payment fraud losses by 2023. Between opportunistic fraudsters and a lack of a unified definition for synthetic identity theft it can be nearly impossible to detect—and therefore prevent—this type of fraud.   This breakthrough solution provides a composite history of a consumer’s identification, public record, and credit information and determines the risk of synthetic fraud associated with that consumer. It’s not just a fraud tool, it’s a comprehensive credit profile that utilizes premium data so lenders can make positive credit decisions.   Sure Profile leverages the capabilities of the Experian Ascend Identity PlatformTM and uses Experian’s industry-leading data assets and data quality to drive advanced analytics that set a higher level of protection for lenders. It’s powered by newly-developed machine learning and AI models. And it offers a streamlined approach to define and detect synthetic identities early in the originations process.   Most importantly, Sure Profile differentiates between real people and potentially risky applicants so lenders can increase application approvals with greater assurance and less risk.   “Experian can confidently define and help detect synthetic fraud. That\'s why we can help stop it,” said Craig Boundy, CEO of Experian North America. “Experian stands behind our data with assurance given to our clients. It’s better for lenders and it’s better for consumers.”   Sure Profile is a complement to our robust set of identity protection and fraud management capabilities, which are designed to address fraud and identity challenges including account openings, account takeovers, e-commerce fraud and more. This first-of-its kind profile is the future of underwriting and portfolio protection and it’s here now. Read press release Learn More About Sure Profile

Published: June 2, 2020 by Alison Kray