Tag: fraud

Fraud and address manipulation (Part 1) Identifying an address as incorrect seems simple enough. But in reality, address mismatches between an application and credit bureau data aren’t uncommon. Here are several legitimate reasons why this may occur: Change of residence. Credit bureau’s unique logic for determining which address is the "best." New/Emerging consumers often have fluctuating address data. Issuers that employ risk-based approaches allowing incorrect addresses to pass and those that use self-reported data for verification face the highest level of risk for this type of fraud. Next week, we’ll let you know how you can avoid these types of losses. Or you can get ahead and read our latest paper. Address manipulation fraud>

We’re excited to announce Family Account Management: a new feature available for our partners that makes it easy for their subscribers to extend identity protection services to family and friends. Family Account Management allows our partners to offer quick and easy enrollment, enabling new subscribers to opt in to a family plan by inputting family or friends’ email addresses within their portal. Subscribers can invite anyone of the age of 18 to join. Every family has different security needs and preferences. This feature offers plan options that can be configured to match the primary subscriber’s current enrolled services, or customized to include a set of services that best suits each family’s needs. The Consumer Sentinel Network, a division of the Federal Trade Commission, reported over 1.2 million fraud-related complaints in 2015. With identity fraud on the rise, we need to be more vigilant than ever before and take steps to improve our own security and the security of our loved ones. We all have unique identity elements, including birthday, email address, and Social Security number, and monitoring one person’s identity elements won’t minimize risk for other family members. That’s why Family Account Management is so important, allowing subscribers to extend coverage for what matters most – family. “Families are more connected than ever before, but with more ways to stay connected, there are new threats putting families at risk of identity theft,” said Joe Ross, Experian President and Co-Founder. “With Family Account Management, businesses can provide their subscribers with an easy and convenient way to extend identity protection services to their loved ones.” Visit our website for more information on identity protection products you can offer your customers and stay up to date with all Experian news on LinkedIn.

Internet-connected devices provide endless possibilities, but they rely on technology and collected data to deliver on their promises. This can compromise your network security. Follow these tips to enjoy the conveniences provided by Internet of Things devices while keeping your network safe. Look for devices that use end-to-end encryption. Change default passwords before connecting devices to your network. Enable two-factor authentication, when available. Leverage all security options, such as passwords, encryption, firewalls and firmware. The Internet of Things is only as strong as its weakest link. That's why it’s so important to understand and treat each connected device as part of a broader network. More security tips

Experian shares five trends and twists coming over the next 12 months, that could push new boundaries and in many cases improve the customer experience as it pertains to the world of credit and finance.

Fraud and cybersecurity are two of the biggest risks challenging organizations and the economy today. Fraud has become its own industry, to the tune of $500 billion in estimated losses annually. To strengthen your fraud risk strategies, you need: A multilayered authentication and risk-based approach to prevent fraud. A comprehensive approach to identity with true customer intelligence. To avoid silos and recognize the value of combining your solutions into one platform. The rapid growth of fraud-related activity only reinforces the need for aggressive fraud prevention strategies and the adoption of new technology to prepare for the latest emerging cybersecurity threats. Want to know more?

Technology sharing can unlock a more effective strategy in fighting fraud. Experian’s multi-layered and risk-based approach to fraud management is discussed as many businesses are learning that combining data and technology to strengthen their fraud risk strategies can help reduce losses. Evolving fraud schemes, changes in regulatory requirements and the advent of new digital initiatives make it difficult for businesses to manage all of the tools needed to keep up with the relentless pace of change.

Experian is recognized as a leading security solution provider for fraud and identity solutions in order to protect customers and financial institutions

It’s been a wild ride for the financial services industry over the past eight years. After the mortgage meltdown, the Great Recession and a stagnant economy … well, one could say the country had seen better days. Did you watch The Big Short last winter? It all came crumbling down. And then President Barack Obama entered the scene. Change was needed. More oversight introduced. Suddenly, we had the Affordable Care Act, the Dodd-Frank Wall Street Reform Act and the creation of the Consumer Financial Protection Bureau (CFPB). Taxes were raised on the country’s highest earners for the first time since the late-1990s. In essence, the pendulum swung hard and fast to a new era of tightened and rigorous regulation. Fast forward to present day and we find ourselves on the cusp of transitioning to new leadership for the country. A new president, new cabinet, new leaders in Congress. What will it all mean for financial services regulations? It’s helpful to initially take a look back at the key regulations that have been introduced over the past eight years. Mortgage Reform: Long gone are the days of obtaining a quick mortgage.  New rules have required loan originators to verify and document the consumer’s income and assets, including employment status (if relied upon), existing debt obligations, mortgage-related obligations, alimony and child support. The CFPB has also expanded foreclosure protections for struggling borrowers and homeowners. Maintaining the health of the mortgage industry is important for the entire country, and updated rules have enhanced the safety and transparency of the mortgage market. Home values have largely recovered from the darkest days, but some question whether the underwriting criteria have become too strict. Combatting Fraud: The latest cyber-attack trends and threats come fast and furious. Thus, regulators are largely addressing the challenge by expecting banks to adhere to world-class standards from organizations such as the National Institute of Standards and Technology (NIST). The Federal Trade Commission (FTC) and the National Credit Union Administration (NCUA) implemented the Red Flags Rule in November 2008. It requires institutions to establish policies and procedures to identify and recognize red flags — i.e., patterns, practices or specific activities that indicate the possible existence of identity theft — that occur during account-opening activities, existing account maintenance and new activity on an account that has been inactive for two or more years. Loss Forecasting: The Dodd-Frank Act Requires the Federal Reserve to conduct an annual stress test of bank holding companies (BHCs), savings and loan holding companies, state member banks, and nonbank financial institutions. In October 2012, the Fed Board adopted the Comprehensive Capital Analysis and Review (CCAR) rules. This requires banks with assets of $50 billion or more to submit to an annual review centered on a supervisory stress test to gauge capital adequacy. In January 2016, Dodd-Frank Act Stress Testing (DFAST) was introduced, requiring bank holding companies with assets of $10 billion or more to conduct separate annual stress tests known as “company-run tests” using economic scenarios. Every year regulators expect to see continued improvement in stress-testing models and capital-planning approaches as they raise the bar on what constitutes an acceptable practice. CFPB: No longer the new kids on the block, the CFPB has transitioned to an entity that has its tentacles into every aspect of consumer financial products. Mortgage lending was one of their first pursuits, but they have since dug into “ability-to-pay underwriting” and servicing standards for auto loans, credit cards and add-on products sold through third-party vendors. Now they are looking into will likely be the next “bubble,” – student lending – and educating themselves about online marketplace lending. Data Quality: Expectations related to data quality, risk analytics, and regulatory reporting have risen dramatically since the financial downturn. Inaccuracy in data is costly and harmful, slows down the industry, and creates frustration. In short, it’s bad for consumers and the industry. It’s no secret that financial institutions rely on the accuracy of credit data to make the most informed decisions about the creditworthiness of their customers. With intense scrutiny in this area, many financial institutions have created robust teams to handle and manage requirements and implement sound policies surrounding data accuracy. --- This is merely a sliver of the multiple regulations introduced and strengthened over the past eight years. Is there a belief that the regulatory pendulum might take a swing to other side with new leadership? Unlikely. The agenda for 2017 largely centers on the need to improve debt collections practices, enhance access to credit for struggling Americans, and the need for ongoing monitoring of the fintech space. Only time will tell, but one thing is certain. Anyone involved in financial services needs to keep a watchful eye on the ever-evolving world of regulation and Washington.

As we approach the one-year anniversary of the EMV liability shift, we have seen an increase in e-commerce fraud — to the tune of 15% higher than last year. Additional insights from Experian’s biannual analysis on e-commerce fraud include: 44% of e-commerce billing fraud came from Florida, California and New York* 52% of e-commerce shipping fraud came from Florida, New York and California* Miami, Fla., is the most dangerous city in the United States for e-commerce merchants* As fraudsters continue to perpetrate card-not-present fraud, ensure you are prepared. You’ll be thankful if fraudsters come calling. >> E-commerce Attack Rates

Historically, the introduction of EMV chip technology has resulted in a significant drop in card-present fraud, but a spike in card-not-present (CNP) fraud. CNP fraud accounts for 60% to 70% of all card fraud in many countries and is increasing. Merchants and card issuers in the United States likely will see a rise in CNP fraud as EMV migration occurs — although it may be more gradual as issuers and merchants upgrade to chip-based cards. As fraud continues to evolve, so too should your fraud-prevention strategies. Make a commitment to stay abreast of the latest fraud trends and implement sophisticated, cross-channel fraud-prevention strategies. >>Protecting Growth Ambitions Against Rising Fraud Threats

Unfortunately, identity theft can happen to anyone and has far-reaching consequences for its victims. According to the US Department of Justice (DOJ)’s most recent study, 17.6 million people in the US experience some form of identity theft each year. This includes activities such as fraudulent credit card transactions or personal information being used to open unauthorized accounts. The most obvious consequence that identity theft victims encounter is financial loss, which comes in two forms: direct and indirect. Direct financial loss refers to the amount of money stolen or misused by the identity theft offender. Indirect financial loss includes any outside costs associated with identity theft, like legal fees or overdraft charges. The DOJ’s study found that victims experienced a combined average loss of $1,343. In total, identity theft victims lost a whopping $15.4 billion in 2014. Beyond money lost, identity theft can negatively impact credit scores. While credit card companies detect a majority of credit card fraud cases, the rest can go undetected for extended periods of time. A criminal’s delinquent payments, cash loans, or even foreclosures slowly manifest into weakened credit scores. Victims often only discover the problem when they are denied for a loan or credit card application. Last year, Experian found that these types of fraud take the longest time to resolve. Identity theft doesn’t just impact victims financially; it also often takes a significant emotional toll. A survey from the Identity Theft Research Center found that 69 percent felt fear for their personal financial security, and 65 percent felt rage or anger. And, almost 40 percent reported some sleep disruption. These feelings increased over time when victims were unable to settle the issue on their own, according to the report, which can result in problem as work or school, and add stress to relationships with friends and family. Thankfully, consumers are getting smarter about the best ways to protect their information, like using monitoring services or following security best practices. How are you protecting yourself against identity theft? Learn more about our Identity Protection Services

Did you know that identities can shift (for better or worse) in just 30 days? To succeed in today’s multichannel, mobile environment, businesses must have a broader, more dynamic identity management strategy that includes: Identity proofing: Point-in-time verification (e.g., account opening) Authentication: Ongoing verification (e.g., account login) Identity management: Continual monitoring throughout the Customer Life Cycle Minimize your identity fraud risk, increase customer engagement and provide a satisfying customer experience by shifting to a strategy focused on identity relationship management. >>The three pillars of identity relationship management  

Experian has been selected as one of the leading players in the fraud detection and prevention space in Juniper Research’s Online Payment Fraud strategies report.

Fraudsters invited into bank branches The days of sending an invitation in the mail have for the most part gone by the wayside. Aside from special invitations for weddings and milestone anniversaries, electronic and email invitations have become the norm. However, one major party planner has refused to change practices — banks inviting fraudsters into their banking centers. As a fraud consultant I have the privilege of meeting many banking professionals, and I hear the same issues and struggles over and over again. It’s clear that the rapid increase of fraudulent account-opening applications are top of mind to many. What the executives making policy don’t realize is they’re facing fraud because they’re literally inviting the fraudsters into their branches. Think I’m exaggerating? Let me explain. I often encounter bank policymakers who explain their practice of directing a suspicious person into a banking center. Yes, many banks still direct applicants who cannot be properly verified over the phone or online into their banking center to show proof of identity. Directing or inviting criminals into your bank instead of trying to keep them out is an outdated, high-risk practice — what good can possibly come of it? The argument I typically hear from non-fraud banking professionals: “The bad guys know that if they come into the bank we will have them on film.” Other arguments include that the bad guys are not typically bold enough to actually come into the banking center or that their physical security guards monitor high-traffic banking centers. But often that is where bank policies and employee training ends. Based on my years of experience dealing with banks of all sizes, from the top three global card issuers to small regional banks, let me poke a few holes in the theory that it is a good deterrent to invite perpetrators into your banking center. Let’s role-play how my conversation goes: Me: “When an underwriter with limited fraud training making the decision to direct a suspicious applicant into a banking center, what is the policy criteria to do so?” Bank policymaker: (typical response) “What do you mean?” Me: “What high-risk authentication was used by the underwriter to make the decision to extend an invitation to a high-risk applicant to come into the banking center? If the applicant failed your high-risk authentication questions and you were not able to properly identify them, what authentication tools do the branch managers have that the underwriters do not?” Bank: “Nothing, but they can usually tell when someone is nervous or seems suspicious.” Me: “Then what training do they receive to identify suspicious behaviors?” (You guessed it …) Bank: “None.” (I then switch to the importance of customer experience.) Me: “How do you notify the banking center in advance that the suspicious applicant was invited to come in to provide additional verification?” Bank: “We do not have a policy to notify the banking center in advance.” Me: “What is considered acceptable documentation? And are banking center employees trained on how to review utility statements, state ID cards, drivers’ licenses or other accepted media?“ Bank: “We do not have a list of acceptable documentation that can be used for verification; it is up to the discretion of the banking center representative.” Me: “How do you ensure the physical safety of your employees and customers when you knowingly invite fraudsters and criminals into your banking center? How do you turn down or ask the suspicious person to leave because they do not have sufficient documentation to move forward with the original application for credit? If a suspicious person provides your employee with a possible stolen identification card, is that employee expected to keep it and notify police or return it to the applicant? Are employees expected to make a photocopy of the documentation provided?” The response that I usually receive is, “I am not really sure.” I hope by now you are seeing the risk of these types of outdated practices on suspicious credit applications. The fact is that technology has allowed criminals to make fairly convincing identification at a very low cost. If employees in banking centers are not equipped, properly trained, and well-documented procedures do not exist in your fraud program — perhaps it’s time to reconsider the practice or seek the advice of industry experts. I have spent two decades trying to keep bad guys out of banks, but I can’t help but wonder — why do some still send open invitations to criminals to come visit their bank? If you are not yet ready to stop this type of bad behavior, at the very least you must develop comprehensive end-to-end policies to properly handle such events. This fraud prevention tactic to invite perpetrators into banks was adopted long before the age of real-time decisions, robust fraud scores, big data, decision analytics, knowledge-based authentication, one-time passcodes, mobile banking and biometrics. The world we bank in has changed dramatically in the past five years; customers expect more and tolerate less. If a seamless customer experience and reducing account-opening and first-party fraud are part of your strategic plan, then it is time to consider Experian fraud solutions and consulting.

Experian’s annual global fraud report reveals trends that can help organizations mitigate fraud and improve the customer experience: Apply the right-sized fraud solutions to reduce unnecessary customer disruption Ensure you have a universal consumer view Select fraud solutions that are future-proof As fraudsters evolve, losses are climbing and the status quo is no longer effective. Organizations should be as forward-looking in fighting fraud as they are in business operations and marketing. >> Global Business Trends: Protecting Growth Ambitions Against Rising Fraud Threats