testpage

Digital commerce has changed the way consumers interact with businesses. More people are transacting online versus going into retail stores, and more than half of banking is done via mobile channels. Yet both businesses and consumers still want convenience and security, without increased fraud risk. And as interactions have become more anonymous in an online space, trust is based on businesses protecting consumers from fraud while still providing a great customer experience. So, what does it take to build trusted relationships online? New research from our 2019 Global Identity and Fraud Report shows that 74% of consumers see security as the most important element of their online experience, followed by convenience. In the past, businesses have often invested in one at the expense of the other, and our research suggests that consumers can expect both security and convenience without the trade-off. The availability of information consumers share with businesses make this possible, and consumers are willing to share more personal information if they believe it means greater online security and convenience. In fact, our research found that 70 percent of consumers are willing to share more personal data, particularly when they see a benefit. However, this value exchange of more personal information for a better online experience is the same information that puts consumers at a greater risk for fraud. Instead, businesses need to demand more from the information they already have access to and use more sophisticated authentication strategies and advanced technologies to better identify their customers and deliver tailored, streamlined experiences without increasing their risk exposure. Findings from the study reveal that consumers and business leaders agree that security methods enabled by new technologies and advanced authentication methods instill online trust. In fact, consumer confidence grew from 43 percent to 74 percent when physical biometrics was used to protect their accounts.  The report also found that businesses are beginning to embrace the changing technology, while half of organizations globally reported an increase in their fraud management budget over the past twelve months. And lastly, the report looked at transparency and how that impacts consumer trust. In order to create even more trust online, many businesses are proactively sharing with customers how they use their personal information. The report found that nearly 80 percent of consumers say the more transparent a business is about the use of their information, the greater trust they have in that business. And the good news is that 56 percent of businesses plan to invest more in transparency-inspired programs such as – consumer education, communicating terms more concisely, and helping consumers feel in control of their personal data. Fraud remains a constant threat and it should come as no surprise that nearly 60 percent of consumers worldwide have experienced online fraud at some point. However, both business and consumers are getting smarter about how they manage fraud and it comes down to the important theme of trust. In order for consumers to trust businesses, they need to feel secure. And by adopting better security measures, businesses can embrace the important role of protecting customers and giving them the experience they want and deserve. Download the new Experian 2019 Fraud & Identity report here.

Experian Health has announced a partnership with Change Healthcare, a leading revenue cycle management provider, to jointly provide an identity management solution to solve patient identification and duplication challenges most often occurring during the patient registration process. Accurate identification of patients across care settings is one of the most common challenges in healthcare today. Improper identity management plagues multiple aspects of the healthcare system and all stakeholders, including providers, payers, pharmacies, employers, and consumers. Without accurate record matching, patients can be put at risk. According to statistics cited by Pew Research Center up to 20 percent of patient records are not accurately matched within the same healthcare system—driving up costs, creating inefficiency, and risking patient safety. The solution delivered to the market will leverage Experian Health’s robust identity management capabilities, along with Change Healthcare’s Intelligent Healthcare NetworkTM connecting providers and payers, to accurately identify patients and match records within and across disparate healthcare organizations. With the companies’ extensive footprint across healthcare providers, and Change Healthcare’s ecosystem of over 700 channel partners, the partnership will aim to deliver trusted identity management capabilities that are integrated with healthcare workflow applications across the continuum. “It’s imperative the healthcare industry focus on accurate patient identification and data management to improve overall patient safety,” said Jennifer Schulz, group president, Experian Health. “This new partnership aligns with our commitment to connect and simplify healthcare in a data-driven world, and ultimately deliver an optimal consumer experience.” At launch, the solution is expected to be available to all providers and payers in the United States.  Currently, Experian’s Universal Identity Management solution, in particular, now includes 136.3 million people, representing 42.6% coverage of the U.S. population, and that number continues to grow every month. This partnership will expand the company’s reach even more with partners such as payers and smaller clinics to scale its identity solutions at a quicker pace and benefit the entire industry. “We are pleased to be able to move our business forward with key collaborations that will help us deliver a seamless and scalable identity management solution to more organizations,” added Schulz. “We look forward to working with Change Healthcare and exploring more partnership opportunities with them that can continue to address the healthcare industry’s most pressing operational issues through the power of data and analytics.”

I nearly made a bad mistake a couple of weeks ago after I received an email from a top online retailer stating there was a “problem with my recent order.” I had recently purchased several items and knew that any delay would jeopardize my holiday gift delivery. I was just about to click the “Login” button and then stopped. Thankfully, I had the presence of mind to double-check the sender, and, it wasn’t my favorite shopping site after all – just a really good fake email from a phishy sender. I had almost fallen victim to one of the oldest and most common fraud scams in the books — a phishing email. Phishing is the fraudulent practice of sending emails claiming to be from reputable companies. Fraudsters do this to get recipients to click a link and reveal personal information, like passwords and credit card numbers. Sometimes, they will even install malware on your mobile device or computer, directing you to a fake storefront to pilfer information like bank accounts or create new fraudulent accounts using your identity information. First, I thought, “Wow, what a dumb mistake, especially given our focus at work.” But phishing scams today have become more sophisticated and personal. We are all busy with life – our work, family, commute, and dinner plans, along with keeping up on the latest news cycle. Virtually anyone could be inclined to quickly click on a link stating there is an issue with their recent order. The best phishing scams are those that appear to come from a trusted source and reference real information about you, one of your recent shopping orders, or your personal preferences. Sometimes, a scam can even take the form of an “update” on the delivery of your recent orders, and you might rush into clicking links to resolve the problem. Know then trust What is it about phishing scams that make them so effective? It is the personal nature of the attack. The best ones are those that appear to come from a trusted source and discuss information about you, a recent order, your personal preferences, or even just to provide an “update” on delivery to rush you into clicking based on an issue or delay. One extremely lucrative attack that comes to mind is a recent UK bank attack where fraudsters obtained banking login credentials and accessed accounts in an attempt to submit fraudulent wire transfers. Posing as bank employees, the fraudsters contacted the accountholders to let them know that a fraudulent wire transfer attempt had been made on their account. And in order for the bank to cancel the wire, they needed the accountholders to provide a confirmation code that they would receive instantaneously through their mobile device to confirm their identity. What the accountholders didn’t realize is that the bank’s standard process for any wire transfer was to send a one-time password to the mobile phone number on file to confirm an abnormal transfer’s authenticity – not to stop fraudulent attempts. So, when the accountholders received the passcode, they unknowingly provided them to the fraudsters over the phone, effectively authenticating the transfers with the bank. Oh phishing fraud… Oh phishing fraud… But what about the holidays, you ask? Given our chaotic lives, fraudsters love to use phishing during the holidays. Attackers generally focus on major online retailers to enable the largest possible attack. Many consumers have established two-factor verification for accounts with top online retailers, but fraudsters can use this to their advantage if you’re not vigilant. For example, a scammer might send an email to suggest there is a problem with your recent order, then when you click on a link in the email to check on the issue, you might see a pop-up indicating that you’re using a different device than previously seen in the account. Without thinking too far into it, you’re given a one-time passcode that you enter to confirm your identity. The attacker can use your credentials and passcode to successfully log in as you, purchase goods using on-file payment information, and have the goods shipped to an alternate address. Another effective method for fraudsters is to leverage mediums that billions of consumers around the world use daily, like social media. This is the time of year where everyone is sharing photos and links with their friends and family – which is a prime opportunity for fraudsters to use malware or keyloggers to access social media accounts, masquerade as you, and amplify attacks by reaching out to all of your connections. And since fraudsters can just as easily take advantage of the latest AI and machine learning advances, scams are more sophisticated than ever before. Today’s attacks often use millions of servers worldwide to make attacks appear personal – to look like messages from a friend, family member, or other connection. They know your name, mention something personal that they found on one of your social media posts and ask you to do something – like click on the latest viral video or picture. This can all be done automatically and be sent to millions of people at the touch of a button. Send phishing scams on their way I know this all seems unsurmountable, but there are things that businesses and consumers can do to identify if they’ve been a victim and to avoid becoming a victim in these types of schemes. From a business perspective, the most effective approach is to assess users’ historical behavior. Are you seeing a large number of customers trying to move similar amounts to recently linked accounts or purchasing huge volumes of in-demand items? Perhaps the contact center is getting a lot of calls claiming fraud, which can be a sign of recent fraud attacks. Businesses can closely monitor transactions, educate their employees and customers to not click on untrusted links, and make sure there is more than one person to sign off on any account changes or large money transfers. For consumers, the number one thing you can do is to immediately contact the organization or financial institution where you were victimized. I know this takes time out of an already busy day, but it provides the best chance of recouping any lost funds. The other thing you can do is to immediately notify your social contacts about the scam if you’ve fallen victim. That way, others can protect themselves and help limit the damage and spread of any phishing incident. My experience with an “almost” phishing scam is that no one is immune. But the more everyone is aware of the potential consequences and how they can protect themselves, the less likely phishing attempts will be successful. Check out the Experian Insights blog to learn more about how Experian helps businesses and consumers during the holidays and throughout the year.