When a client is selecting questions to use, Knowledge Based Authentication is always about the underlying data – or at least it should be.  The strength of Knowledge Based Authentication questions will depend, in large part, on the strength of the data and how reliable it is.  After all, if you are going to depend on Knowledge Based Authentication for part of your risk management and decisioning strategy the data better be accurate.  I’ve heard it said within the industry that clients only want a system that works and they have no interest where the data originates.  Personally, I think that opinion is wrong. I think it is closer to the truth to say there are those who would prefer if clients didn’t know where the data that supports their fraud models and Knowledge Based Authentication questions originates; and I think those people “encourage” clients not to ask.  It isn’t a secret that many within the industry use public record data as the primary source for their Knowledge Based Authentication products, but what’s important to consider is just how accessible that public record information is.  Think about that for a minute.  If a vendor can build questions on public record data, can a fraudster find the answers in public record data via an online search? Using Knowledge Based Authentication for fraud account management is a delicate balance between customer experience/relationship management and risk management.  Because it is so important, we believe in research – reading the research of well-known and respected groups like Pew, Tower, Javelin, etc. and doing our own research.  Based on our research, I know consumers prefer questions that are appropriate and relative to their activity.  In other words, if the consumer is engaged in a credit-granting activity, it may be less appropriate to ask questions centered on personal associations and relatives.  Questions should be difficult for the fraudster, but not difficult or perceived as inappropriate or intrusive by the true consumer.  Additionally, I think questions should be applicable to many clients and many consumers.  The question set should use a mix of data sources: public, proprietary, non-credit, credit (if permissible purpose exists) and innovative. Is it appropriate to have in-depth data discussions with clients about each data source?  Debatable.  Is it appropriate to ensure that each client has an understanding of the questions they ask as part of Knowledge Based Authentication and where the data that supports those questions originates?  Absolutely.    

By: Kari Michel What is Basel II?  Basel II is the international convergence of Capital Measurement and Capital Standards. It is a revised framework and is the second iteration of an international standard of laws. The purpose of Basel II is to create an international standard that banking regulators can use when creating regulations about how much capital banks need to put aside to guard against the types of financial and operations risk banks face.  Basel II ultimately implements standards to assist in maintaining a healthy financial system. The business challenge The framework for Basel II compels the supervisors to ensure that banks implement credit rating techniques that represent their particular risk profile.  Besides the risk inputs (Probability of Default (PD), Loss Given Default (LGD) and Exposure at Default (EAD)) calculation, the final Basel accord includes the “use test” requirement which is the requirement for a firm to use an advanced approach more widely in its business and met merely for calculation of regulatory capital. Therefore many financial institutions are required to make considerable changes in their approach to risk management (i.e. infrastructure, systems, processes, data requirements).  Experian is a leading provider of risk management solutions — products and services for the new Basel Capital Accord (Basel II).  Experian’s approach includes consultancy, software, and analytics tailored to meet the lender’s Basel II requirements.  

A recent January 29, 2010 article in the Wall Street Journal * discussing the repurchasing of loans by banks from Freddie Mae and Fannie Mac included a simple, yet compelling statement that I feel is worth further analysis. The article stated that "while growth in subprime defaults is slowing, defaults on prime loans are accelerating." I think this statement might come as a surprise to some who feel that there is some amount of credit risk and economic immunity for prime and super-prime consumers – many of whom are highly sought-after in today’s credit market. To support this statement, I reference a few statistics from the Experian-Oliver Wyman Market Intelligence Reports: • From Q1 2007 to Q1 2008, 30+ DPD mortgage delinquency rates for VantageScore® credit score A and B consumers remained flat (actually down 2%); while near-prime, subprime, and deep-subprime consumers experienced an increase of over 36% in 30+ rates. • From Q4 2008 to Q4 2009, 30+ DPD mortgage delinquency rates for VantageScore® credit score A and B consumers increased by 42%; whereas consumers in the lower VantageScore® credit score tiers saw their 30+ DPD rate increase by only 23% in the same period Clearly, whether through economic or some other form of impact, repayment practices of prime and super-prime, consumers have been changing as of late, and this is translating to higher delinquency rates. The call-to-action for lenders, in their financial risk management and credit risk modeling efforts, is increased attentiveness in assessing credit risk beyond just a credit score…whether this be using a combination of scores, or adding Premier Attributes into lending models – in order to fully assess each consumer’s risk profile. *  http://online.wsj.com/article/SB10001424052748704343104575033543886200942.html

When a client is selecting questions to use, Knowledge Based Authentication is always about the underlying data – or at least it should be.  The strength of Knowledge Based Authentication questions will depend, in large part, on the strength of the data and how reliable it is.  After all, if you are going to depend on Knowledge Based Authentication for part of your risk management and decisioning strategy the data better be accurate.  I’ve heard it said within the industry that clients only want a system that works and they have no interest where the data originates.  Personally, I think that opinion is wrong. I think it is closer to the truth to say there are those who would prefer if clients didn’t know where the data that supports their fraud models and Knowledge Based Authentication questions originates; and I think those people “encourage” clients not to ask.  It isn’t a secret that many within the industry use public record data as the primary source for their Knowledge Based Authentication products, but what’s important to consider is just how accessible that public record information is.  Think about that for a minute.  If a vendor can build questions on public record data, can a fraudster find the answers in public record data via an online search? Using Knowledge Based Authentication for fraud account management is a delicate balance between customer experience/relationship management and risk management.  Because it is so important, we believe in research – reading the research of well-known and respected groups like Pew, Tower, Javelin, etc. and doing our own research.  Based on our research, I know consumers prefer questions that are appropriate and relative to their activity.  In other words, if the consumer is engaged in a credit-granting activity, it may be less appropriate to ask questions centered on personal associations and relatives.  Questions should be difficult for the fraudster, but not difficult or perceived as inappropriate or intrusive by the true consumer.  Additionally, I think questions should be applicable to many clients and many consumers.  The question set should use a mix of data sources: public, proprietary, non-credit, credit (if permissible purpose exists) and innovative. Is it appropriate to have in-depth data discussions with clients about each data source?  Debatable.  Is it appropriate to ensure that each client has an understanding of the questions they ask as part of Knowledge Based Authentication and where the data that supports those questions originates?  Absolutely.    

By: Kari Michel What is Basel II?  Basel II is the international convergence of Capital Measurement and Capital Standards. It is a revised framework and is the second iteration of an international standard of laws. The purpose of Basel II is to create an international standard that banking regulators can use when creating regulations about how much capital banks need to put aside to guard against the types of financial and operations risk banks face.  Basel II ultimately implements standards to assist in maintaining a healthy financial system. The business challenge The framework for Basel II compels the supervisors to ensure that banks implement credit rating techniques that represent their particular risk profile.  Besides the risk inputs (Probability of Default (PD), Loss Given Default (LGD) and Exposure at Default (EAD)) calculation, the final Basel accord includes the “use test” requirement which is the requirement for a firm to use an advanced approach more widely in its business and met merely for calculation of regulatory capital. Therefore many financial institutions are required to make considerable changes in their approach to risk management (i.e. infrastructure, systems, processes, data requirements).  Experian is a leading provider of risk management solutions — products and services for the new Basel Capital Accord (Basel II).  Experian’s approach includes consultancy, software, and analytics tailored to meet the lender’s Basel II requirements.  

A recent January 29, 2010 article in the Wall Street Journal * discussing the repurchasing of loans by banks from Freddie Mae and Fannie Mac included a simple, yet compelling statement that I feel is worth further analysis. The article stated that "while growth in subprime defaults is slowing, defaults on prime loans are accelerating." I think this statement might come as a surprise to some who feel that there is some amount of credit risk and economic immunity for prime and super-prime consumers – many of whom are highly sought-after in today’s credit market. To support this statement, I reference a few statistics from the Experian-Oliver Wyman Market Intelligence Reports: • From Q1 2007 to Q1 2008, 30+ DPD mortgage delinquency rates for VantageScore® credit score A and B consumers remained flat (actually down 2%); while near-prime, subprime, and deep-subprime consumers experienced an increase of over 36% in 30+ rates. • From Q4 2008 to Q4 2009, 30+ DPD mortgage delinquency rates for VantageScore® credit score A and B consumers increased by 42%; whereas consumers in the lower VantageScore® credit score tiers saw their 30+ DPD rate increase by only 23% in the same period Clearly, whether through economic or some other form of impact, repayment practices of prime and super-prime, consumers have been changing as of late, and this is translating to higher delinquency rates. The call-to-action for lenders, in their financial risk management and credit risk modeling efforts, is increased attentiveness in assessing credit risk beyond just a credit score…whether this be using a combination of scores, or adding Premier Attributes into lending models – in order to fully assess each consumer’s risk profile. *  http://online.wsj.com/article/SB10001424052748704343104575033543886200942.html