Tag: fraud

The multitude of modern fraud strategies available today necessitates applying an appropriate level of confidence to increase the likelihood of catching fraudsters without disrupting legitimate customers’ experiences. This approach is known as “rightsizing” your fraud solution. Here’s how fraud detection rates can be improved while reducing the number of false positives and disruption of legitimate customers: A right-size approach means tackling your fraud problem with a highly tailored solution that enables your business rather than crippling it. Next week, we’ll discuss this forward-looking approach to fighting fraud, or you can jump ahead and read our latest tip sheet. Tip sheet>

Published: January 8, 2018 by Guest Contributor

Traditional verification and validation parameters alone are not enough to stop identity fraud. Fortunately, there are many emerging trends and best practices for modern fraud and identity strategies: Applying right-sized fraud and identity proofing solutions to reduce user friction and manage fraud risk appropriately. Maintaining a universal user view by employing diverse breadth and depth of data assets and applied analytics. Expanding the user view through a blended ecosystem by collaborating with vendors, peer agencies, and partners in identity and fraud management. The future of identity proofing is more than just verifying individual identities. Check out our tip sheet linked below for more strategies. Modernize your fraud and identity strategies>

Published: December 7, 2017 by Guest Contributor

Sophisticated criminals work hard to create convincing, verifiable personas they can use to commit fraud. Here are the 3 main ways fraudsters manufacture synthetic IDs: Credit applications and inquiries that build a synthetic credit profile over time. Exploitation of authorized user processes to take over or piggyback on legitimate profiles. Data furnishing schemes to falsify regular credit reporting agency updates. Fraudsters are highly motivated to innovate their approaches rapidly. You need to implement a solution that addresses the continuing rise of synthetic IDs from multiple engagement points. Learn more

Published: November 17, 2017 by Guest Contributor

  Juniper Research recently recognized Experian as a Fraud Detection and Prevention Market Leader in its Online Payment Fraud Whitepaper. Juniper also shared important market insights in the report. The transactional value of card-not-present fraud is estimated to reach $19.3 billion in 2022. Online payment fraud is anticipated to grow 13.7% annually from 2017 to 2022. Digital banking fraud should reach $7.9 billion by 2022. $50.9 billion is expected to be spent on fraud detection and prevention software between 2017 and 2022. Fraud’s not going away anytime soon. Protecting your organization and customers is the new cost of doing business. Don’t wait until 2022 to start protecting yourself. Read the report>

Published: November 3, 2017 by Guest Contributor

The data to create synthetic identities is available. And the marketplace to exchange and monetize that data is expanding rapidly. The fact that hundreds of millions of names, addresses, dates of birth, and Social Security numbers (SSNs) have been breached in the last year alone, provides an easy path for criminals to surgically target new combinations of data. Armed with an understanding of the actual associations of these personally identifiable information (PII) elements, fraudsters can better navigate the path to perpetrate identity theft, identity manipulation, or synthetic identity fraud schemes on a grand scale. Using information such as birth dates and addresses in combination with Social Security numbers, criminals can target new combinations of data to yield better results with lower risk of detection. Some examples of this would be: identity theft, existing account takeovers, or the deconstruction and reconstruction of those PII elements to better create effective synthetic identities. Experian has continued to evolve and innovate against fraud risks and attacks with an understanding of attack rates, vectors, and the shifting landscape in data availability and security. In doing so, we’ve historically operated under the assumption that all PII is already compromised in some way or is easily done so. Because of this, we employ a layered approach, providing a more holistic view of an identity and the devices that are used over time by that identity. Relying solely on PII to validate and verify an identity is simply unwise and ineffective in this era of data compromise. We strive to continuously cultivate the broadest and most in-depth set of traditional, innovative and alternative data assets available. To do this, we must enable the integration of diverse identity attributes and intelligence to balance risk, while maintaining a positive customer experience. It’s been quite some time since the use of basic PII verification alone has been predictive of identity risk or confidence.  Instead, validation and verification is founded in the ongoing definition and association of identities, the devices commonly used by those individuals, and the historical trends in their behavior. Download our newest White Paper, Synthetic Identities: Getting real with customers, for an in-depth Experian perspective on this increasingly significant fraud risk.

Published: November 1, 2017 by Keir Breitenfeld

Despite rising concerns about identity theft, most Americans aren’t taking basic steps to make it harder for their information to be stolen, according to a survey Experian conducted in August 2017: Nearly 3 in 4 consumers said they’re very or somewhat concerned their email, financial accounts or social media information could be hacked. This is up from 69% in a similar survey Experian conducted in 2015. Nearly 80% of survey respondents are concerned about using a public Wi-Fi network. Yet, barely half said they take the precaution of using a password-protected Wi-Fi network when using mobile devices. 59% of respondents are annoyed by safety precautions needed to use technology — up 12% from 2015. When your customer’s identity is stolen, it can negatively impact the consumer and your business. Leverage the tools and resources that can help you protect both. Protect your customers and your business>

Published: October 26, 2017 by Guest Contributor

Synthetic identity fraud is on the rise across financial services, ecommerce, public sector, health and utilities markets. The long-term impact of synthetic identity remains to be seen and will hinge largely upon forthcoming efforts across the identity ecosystem made up of service providers, institutions and agencies, data aggregators and consumers themselves. Making measurement more challenging is the fact that much of the assumed and confirmed losses are associated with credit risk and charge offs, and lack of common and consistent definitions and confirmation criteria. Here are some estimates on the scope of the problem: Losses due to synthetic identity fraud are projected to reach more than $800 million in 2017.* Average loss per account is more than $10,000.* U.S. synthetic credit card fraud is estimated to reach $1.257 billion in 2020.* As with most fraud, there is no miracle cure. But there are best practices, and topping that list is addressing both front- and back-end controls within your organization. Synthetic identity fraud webinar> *Aite Research Group

Published: October 26, 2017 by Guest Contributor

Earlier this week, Javelin Strategy & Research announced its inaugural edition of the 2017 Identity Proofing Platform Awards. We were honored to see CrossCore as the leader – taking the award for the best overall identity proofing platform. According to the report, “Experian’s identity proofing platform is a strong performer in every category of Javelin’s FIT model. It is functional. It is innovative. And, most important, it is tailored toward the advisory’s expectations. The comprehensive nature of CrossCore makes it the market-leading solution for identity proofing.” It’s harder than ever to confidently identify your customers in today’s digital economy. You have lots of vendor solutions to choose from in the identity proofing space. And, now Javelin has made it much easier for you to select the partner that is right for your needs. Javelin’s newly minted Identity Proofing Platform Scorecard assesses current capabilities in the market to help you make that decision. And they have done a lot of the heavy lifting, looking across 23 vendors and scoring them based on three categories of their FIT model – functional, innovative, and tailored. Protecting customers is a priority for you – and for us. Here at Experian, we have a range of capabilities to help businesses manage identity proofing, and our CrossCore platform brings them all together. We launched CrossCore last year, with the goal of making the industry’s fraud and identity solutions work better for everyone. CrossCore delivers a future-proof way to modify strategies quickly, catch fraud faster, improve compliance and enhance the customer experience. We’re proud of the work we’ve done so far, integrating our products as well as adding more than 10 partners to the program. We’re pleased to see so many of our partners included in Javelin’s report. We’re working closely with our clients to pull in more partner capabilities, and further enhance our own platform to create a layered approach that supports a risk-based, adaptable strategy. As highlighted in the Javelin report, a reliance on traditional identity verification approaches are no longer sufficient or appropriate for digital channels. With CrossCore, our clients can choose the capabilities they want, when they want them, to dial in the right confidence level for each and every transaction. This is because CrossCore supports a layered approach to managing risk, allowing companies to connect multiple disparate services through a common access point. We are committed to making it easier for you to protect consumers against fraud. CrossCore is helping us all do just that.

Published: October 11, 2017 by David Britton

Evolution of first-party fraud to third Third-party and first-party schemes are now interchangeable, and traditional fraud detection practices are less effective in fighting these evolving fraud types. Fighting this shifting problem is a challenge, but it isn’t impossible. To start, incorporate new and more robust data into your identity verification program and provide consistent fraud classification and tagging. Learn more>

Published: September 22, 2017 by Guest Contributor

We recently analyzed millions of online transactions from the first half of 2017 to identify fraud attack rates. Here are the top 3 riskiest states for e-commerce billing and shipping fraud for H1 2017: Riskiest states for billing fraud Oregon Delaware Washington, D.C. Riskiest states for shipping fraud Oregon Delaware Florida Fraudsters are extremely creative, motivated and often connected. Protect all points of contact with your customers to prevent this growing type of fraud. Is your state in the top 10?

Published: September 18, 2017 by Guest Contributor

Cybersecurity cannot be successful if siloed. The entire organization must be part of the effort. Take these steps to ensure a more engaged relationship between cybersecurity teams, C-suite executives and other departments: Make the company’s chief information officer accountable directly to the chief executive officer and/or the board. Train employees at every level to spot security risks and to understand their role in protecting the entire organization from cyberattacks. Put cybersecurity on the agenda for every board and executive-level meeting, and incorporate it into quarterly state-of-the-company, all-hands meetings. With cybersecurity threats evolving and escalating daily, companies need to make engagement a priority that starts at the top and continues through every level of the organization. Increasing engagement in cybersecurity >

Published: September 7, 2017 by Guest Contributor

Since the advent of the internet, our lives have changed drastically for the better. We can perform many of life’s daily activities from the comfort of our own home. According to Aite, in 2016 alone 36 million Americans made some form of mobile payment — paying a bill, purchasing something online, paying for fast food or making a mobile wallet purchase at a retailer. Simply put, the internet has made our lives easier. But with the good also comes the bad. While most consumers have moved to the digital world, so have fraudsters. With minimal risk and high reward at stake, e-commerce fraud attacks have increased dramatically over the last few years, with no signs of slowing down. We recently analyzed millions of transactions from the first half of 2017 to identify fraud attack rates based on billing and shipping addresses and broke down the findings into various geographic trends. Fraud attack rates represent the attempted fraudulent e-commerce transactions against the population of overall e-commerce orders. Consumers living out West and in the South have experienced more than their fair share of fraud. During the first half of 2017, the West and the South were the top two regions for both billing and shipping attacks. While both regions were at the top during the same time last year, the attacks themselves have increased substantially. Given the proximity to seaports and major international airports, this is somewhat unsurprising — particularly for shipping fraud — as many fraudsters will leverage reshippers to transport goods soon after delivery. .dataTb{margin:20px auto;width:100%}.dataTb:after{clear:both}.dataTb table{}.dataTb td,.dataTb th{border:1px solid #ddd;padding:.8em}.dataTb th{background:#F4F4F4}.tbL{float:left;width:49%}.tbR{float:right;width:49%;margin:0 0 0 2%} Shipping: Riskiest Regions Region Attack rate West 38.1 South 32.1 Northeast 27.0 North Central 20.7 Billing: Riskiest Regions Region Attack rate West 37.2 South 32.9 Northeast 27.3 North Central 24.0   At the state level, the top three shipping fraud states remained the same as 2016 — Delaware, Oregon and Florida — but the order changed. Oregon was the most targeted, with a fraud rate of 135.2 basis points, more than triple its rate at in the end of 2016. Though no longer in the top spot, Delaware saw alarming spikes as well, with shipping attack rates nearly triple last year’s rate at 128.6 basis points and billing attacks at 79.6 basis points. .dataTb{margin:20px auto;width:100%}.dataTb:after{clear:both}.dataTb table{}.dataTb td,.dataTb th{border:1px solid #ddd;padding:.8em}.dataTb th{background:#F4F4F4}.tbL{float:left;width:49%}.tbR{float:right;width:49%;margin:0 0 0 2%} Shipping: Riskiest States State Attack rate Oregon 135.2 Delaware 128.2 Florida 57.4 New York 45.0 Nevada 36.9 California 36.9 Georgia 33.5 Washington, D.C 30.8 Texas 29.6 Illinois 29.4 Billing: Riskiest States Region Attack rate Oregon 87.5 Delaware 79.6 Washington, D.C. 63.0 Florida 47.4 Nevada 38.8 California 36.9 Arkansas 36.6 New York 35.5 Vermont 34.2 Georgia 33.4     Diving a bit deeper, ZIPTM codes in Miami, Fla., make up a significant portion of the top 10 ZIP CodeTM lists for shipping and billing attacks — in fact, many of the same ZIP codes appear on both lists. The other ZIP Code that appears on both lists is South El Monte, Calif., which has a high percentage of industrial properties — common targets for fraudsters to ship packages, then reship overseas. You can download the top 100 riskiest Zip Codes in the U.S. for H1 2017. .dataTb{margin:20px auto;width:100%}.dataTb:after{clear:both}.dataTb table{}.dataTb td,.dataTb th{border:1px solid #ddd;padding:.8em}.dataTb th{background:#F4F4F4}.tbL{float:left;width:49%}.tbR{float:right;width:49%;margin:0 0 0 2%} Shipping: Top 10 riskiest ZIP™ Codes ZIP Code Attack rate 33122 [Miami, Fla.] 2409.4 91733 [South El Monte, Calif.] 1655.5 33198 [Miami, Fla.] 1295.2 33166 [Miami, Fla.] 1266.0 33195 [Miami, Fla.] 1037.3 33192 [Miami, Fla.] 893.9 97251 [Portland, Ore.] 890.6 07064 [Port Reading, NJ] 808.9 89423 [Minden, Nev.] 685.5 77072 [Houston, Tex.] 629.3 Billing: Top 10 riskiest ZIP™ Codes ZIP Code Attack rate 77060 [Houston, Tex.] 1337.6 33198 [Miami, Fla.] 1215.6 33122 [Miami, Fla.] 1106.2 33166 [Miami, Fla.] 1037.4 91733 [South El Monte, Calif.] 780.1 33195 [Miami, Fla.] 713.7 97252 [Portland, Ore.] 670.8 33191 [Miami, Fla.] 598.8 33708 [St. Petersburg, Fla.] 563.6 33792 [Miami, Fla.] 493.0   As e-commerce fraud continues to grow, businesses need to be proactive to keep themselves and their customers safe. That means incorporating multiple, layered fraud prevention strategies that work together seamlessly — for example, understanding details about users and their devices, knowing how users interact with the business and evaluating previous transaction history. This level of insight can help businesses distinguish real customers from nefarious ones without impacting the customer experience. While businesses are ultimately responsible for the safety of customers and their data, the onus doesn’t rest solely with them. Consumers should also be vigilant when it comes to protecting their digital identities and payment information. That means creating strong, unique passwords; actively monitoring online accounts; and using two-factor authentication to secure account access. At the end of the day, e-commerce fraud is a challenge that businesses and consumers will experience for the foreseeable future. But rising attack rates don’t have to spell doom and gloom for the industry. E-commerce growth is still extremely strong, as consumers interact through multiple channels (in-store, mobile and web) and expect a personalized experience. Establishing trust and verifying digital identities are key to meeting these latest expectations, which provide new opportunities for businesses and consumers to interact seamlessly and transact securely. With multiple safeguards in place, businesses have a variety of options to protect their customers and their brand reputation.   Experian is a nonexclusive full-service provider licensee of the United States Postal Service®. The following trademarks are owned by the United States Postal Service®: ZIP and ZIP Code. The price for Experian’s services is not established, controlled or approved by the United States Postal Service.

Published: September 6, 2017 by Mike Gross

We live in a digital world where online identities are ubiquitous. But with the internet’s inherent anonymity, how do you know you’re interacting with a legitimate individual rather than an imposter? Too often we hear stories about consumers who see unauthorized purchases on their credit cards, enable access to their devices based on an imposter claiming to be a security vendor or send money to someone they met online only to learn they’ve been “catfished” by a fraudster. These are growing problems, as more consumers transition to digital services and look to businesses to protect them, enable seamless trusted interactions and maintain their privacy. I recently chatted with MarketWatch about how consumers can protect themselves and their privacy when using online dating apps, as well as what businesses are doing to safeguard digital data. As part of the discussion, I mentioned that a simple, standard verification process companies of all sizes can leverage is vital to our rapidly evolving digital economy. Today, companies have their own policies, processes and definitions of identity verification, depending on the services they offer. This ranges from secure access requiring strong identity proofing, document verification, multifactor authentication and biometric enrollment to new social profiles that do little more than validate receipt of an email to establish an online account. To satisfy those diverse risk-based needs, more organizations are turning to federated identity verification options. A federated system allows businesses to leverage trusted, reputable, third-party sources to validate identity by cross-referencing the information they’ve received from a consumer against these sources to determine whether to establish an account or allow a transaction. While some organizations have attempted to develop similar identity verification capabilities, many lack a trusted identity source. For example, there are solutions that leverage data from social media accounts or provide multifactor fraud and authentication options, but they often become easily compromised because of the absence of verifiable data. A trusted solution aggregates data across multiple providers that have undergone thorough security and data quality vetting to ensure the identity data is accurately submitted in accordance with business and compliance requirements. In fact, there are only a handful of trusted identity sources with this level of due diligence and oversight. At Experian, we assess verification requests against an aggregate of hundreds of millions of records that include identity relationships, profile risk attributes, historical usage records and demographic data assets. With decades of knowledge about identity management and fraud prevention, we help companies of all sizes balance risk mitigation and maintain compliance requirements — all while ensuring consumer data privacy. Trust takes years to build and mere seconds to lose, and the industry has made undeniable progress in security. But there is much left to do. Consumers are increasingly involved in the protection and use of their data. However, they often don’t realize downloading a hot new app and entering personal details or linking to their friends exposes them to unnecessary risk. It’s important for businesses to be clear about their identity verification processes so consumers can make educated decisions before electing to provide invaluable identity data. The most effective fraud prevention and identity strategy is one that quickly establishes trust without inconveniencing the consumer. By staying up to date on verification methods, businesses can ensure customers have a smooth, personalized and engaging online experience.

Published: August 8, 2017 by Mike Gross

A combination of mass identity data compromise and the increasing abilities of organized fraud rings has created a synthetic identity epidemic that is impacting all markets. Here are the three ways that synthetic identities are generally created: Credit applications and inquiries that result in synthetic credit profile creation or build. Exploitation of the authorized user process designed to take over or piggyback on legitimate credit profiles. Data furnishing schemes that falsify regular credit reporting agency updates. When it comes to fighting synthetic fraud, we all need to be a part of the solution – or we are just a part of the problem. Mitigate synthetic identity fraud >

Published: July 13, 2017 by Guest Contributor

Mitigating synthetic identities Synthetic identity fraud is an epidemic that does more than negatively affect portfolio performance. It can hurt your reputation as a trusted organization. Here is our suggested 4-pronged approach that will help you mitigate this type of fraud: Identify how much you could lose or are losing today to synthetic fraud. Review and analyze your identity screening operational processes and procedures. Incorporate data, analytics and cutting-edge tools to enable fraud detection through consumer authentication. Analyze your portfolio data quality as reported to credit reporting agencies. Reduce synthetic identity fraud losses through a multi-layer methodology design that combats both the rise in synthetic identity creation and use in fraud schemes. Mitigating synthetic identity fraud>  

Published: June 22, 2017 by Guest Contributor