Identity & Fraud
Ways Experian is helping reduce fraud and protect consumers
Experian Health has announced a partnership with Change Healthcare, a leading revenue cycle management provider, to jointly provide an identity management solution to solve patient identification and duplication challenges most often occurring during the patient registration process. Accurate identification of patients across care settings is one of the most common challenges in healthcare today. Improper identity management plagues multiple aspects of the healthcare system and all stakeholders, including providers, payers, pharmacies, employers, and consumers. Without accurate record matching, patients can be put at risk. According to statistics cited by Pew Research Center up to 20 percent of patient records are not accurately matched within the same healthcare system—driving up costs, creating inefficiency, and risking patient safety. The solution delivered to the market will leverage Experian Health’s robust identity management capabilities, along with Change Healthcare’s Intelligent Healthcare NetworkTM connecting providers and payers, to accurately identify patients and match records within and across disparate healthcare organizations. With the companies’ extensive footprint across healthcare providers, and Change Healthcare’s ecosystem of over 700 channel partners, the partnership will aim to deliver trusted identity management capabilities that are integrated with healthcare workflow applications across the continuum. “It’s imperative the healthcare industry focus on accurate patient identification and data management to improve overall patient safety,” said Jennifer Schulz, group president, Experian Health. “This new partnership aligns with our commitment to connect and simplify healthcare in a data-driven world, and ultimately deliver an optimal consumer experience.” At launch, the solution is expected to be available to all providers and payers in the United States. Currently, Experian’s Universal Identity Management solution, in particular, now includes 136.3 million people, representing 42.6% coverage of the U.S. population, and that number continues to grow every month. This partnership will expand the company’s reach even more with partners such as payers and smaller clinics to scale its identity solutions at a quicker pace and benefit the entire industry. “We are pleased to be able to move our business forward with key collaborations that will help us deliver a seamless and scalable identity management solution to more organizations,” added Schulz. “We look forward to working with Change Healthcare and exploring more partnership opportunities with them that can continue to address the healthcare industry’s most pressing operational issues through the power of data and analytics.”
I nearly made a bad mistake a couple of weeks ago after I received an email from a top online retailer stating there was a “problem with my recent order.” I had recently purchased several items and knew that any delay would jeopardize my holiday gift delivery. I was just about to click the “Login” button and then stopped. Thankfully, I had the presence of mind to double-check the sender, and, it wasn’t my favorite shopping site after all – just a really good fake email from a phishy sender. I had almost fallen victim to one of the oldest and most common fraud scams in the books — a phishing email. Phishing is the fraudulent practice of sending emails claiming to be from reputable companies. Fraudsters do this to get recipients to click a link and reveal personal information, like passwords and credit card numbers. Sometimes, they will even install malware on your mobile device or computer, directing you to a fake storefront to pilfer information like bank accounts or create new fraudulent accounts using your identity information. First, I thought, “Wow, what a dumb mistake, especially given our focus at work.” But phishing scams today have become more sophisticated and personal. We are all busy with life – our work, family, commute, and dinner plans, along with keeping up on the latest news cycle. Virtually anyone could be inclined to quickly click on a link stating there is an issue with their recent order. The best phishing scams are those that appear to come from a trusted source and reference real information about you, one of your recent shopping orders, or your personal preferences. Sometimes, a scam can even take the form of an “update” on the delivery of your recent orders, and you might rush into clicking links to resolve the problem. Know then trust What is it about phishing scams that make them so effective? It is the personal nature of the attack. The best ones are those that appear to come from a trusted source and discuss information about you, a recent order, your personal preferences, or even just to provide an “update” on delivery to rush you into clicking based on an issue or delay. One extremely lucrative attack that comes to mind is a recent UK bank attack where fraudsters obtained banking login credentials and accessed accounts in an attempt to submit fraudulent wire transfers. Posing as bank employees, the fraudsters contacted the accountholders to let them know that a fraudulent wire transfer attempt had been made on their account. And in order for the bank to cancel the wire, they needed the accountholders to provide a confirmation code that they would receive instantaneously through their mobile device to confirm their identity. What the accountholders didn’t realize is that the bank’s standard process for any wire transfer was to send a one-time password to the mobile phone number on file to confirm an abnormal transfer’s authenticity – not to stop fraudulent attempts. So, when the accountholders received the passcode, they unknowingly provided them to the fraudsters over the phone, effectively authenticating the transfers with the bank. Oh phishing fraud… Oh phishing fraud… But what about the holidays, you ask? Given our chaotic lives, fraudsters love to use phishing during the holidays. Attackers generally focus on major online retailers to enable the largest possible attack. Many consumers have established two-factor verification for accounts with top online retailers, but fraudsters can use this to their advantage if you’re not vigilant. For example, a scammer might send an email to suggest there is a problem with your recent order, then when you click on a link in the email to check on the issue, you might see a pop-up indicating that you’re using a different device than previously seen in the account. Without thinking too far into it, you’re given a one-time passcode that you enter to confirm your identity. The attacker can use your credentials and passcode to successfully log in as you, purchase goods using on-file payment information, and have the goods shipped to an alternate address. Another effective method for fraudsters is to leverage mediums that billions of consumers around the world use daily, like social media. This is the time of year where everyone is sharing photos and links with their friends and family – which is a prime opportunity for fraudsters to use malware or keyloggers to access social media accounts, masquerade as you, and amplify attacks by reaching out to all of your connections. And since fraudsters can just as easily take advantage of the latest AI and machine learning advances, scams are more sophisticated than ever before. Today’s attacks often use millions of servers worldwide to make attacks appear personal – to look like messages from a friend, family member, or other connection. They know your name, mention something personal that they found on one of your social media posts and ask you to do something – like click on the latest viral video or picture. This can all be done automatically and be sent to millions of people at the touch of a button. Send phishing scams on their way I know this all seems unsurmountable, but there are things that businesses and consumers can do to identify if they’ve been a victim and to avoid becoming a victim in these types of schemes. From a business perspective, the most effective approach is to assess users’ historical behavior. Are you seeing a large number of customers trying to move similar amounts to recently linked accounts or purchasing huge volumes of in-demand items? Perhaps the contact center is getting a lot of calls claiming fraud, which can be a sign of recent fraud attacks. Businesses can closely monitor transactions, educate their employees and customers to not click on untrusted links, and make sure there is more than one person to sign off on any account changes or large money transfers. For consumers, the number one thing you can do is to immediately contact the organization or financial institution where you were victimized. I know this takes time out of an already busy day, but it provides the best chance of recouping any lost funds. The other thing you can do is to immediately notify your social contacts about the scam if you’ve fallen victim. That way, others can protect themselves and help limit the damage and spread of any phishing incident. My experience with an “almost” phishing scam is that no one is immune. But the more everyone is aware of the potential consequences and how they can protect themselves, the less likely phishing attempts will be successful. Check out the Experian Insights blog to learn more about how Experian helps businesses and consumers during the holidays and throughout the year.
Most of us have experienced the feeling of frustration when it comes to online security protocols. You need to log-in to an account, but you’ve forgotten your password. When you choose an option to reset your password, you are asked to answer one of your security questions. But you forget which movie you said was your favorite while you were growing up. You take a guess, but unfortunately it’s the wrong one and you find yourself locked out of your account. At this point, you’re annoyed and wonder why accessing your account is so difficult in the first place. Historically, the attempt to balance customer security and convenience has been one of the biggest challenges online businesses have faced. As consumer expectations for smooth online experiences increase, businesses aim to deliver security protocols that make customers feel safe and protected, while allowing for easy and convenient access. According to our recent Global Fraud and Identity Report, 66 percent of consumers like security protocols when they transact online because it makes them feel protected. In fact, the lack of visible security was the number one reason customers abandoned a transaction. However, while consumers may tolerate the nuisance of common barriers to accessing their accounts, including forgetting their password or having to re-renter other security controls like CAPTCHA or two-factor authentication, higher friction doesn’t necessarily mean better security or a better overall experience. If businesses were able to offer a frictionless customer experience that was as secure, if not more secure, than the experience today, they could potentially increase overall revenue and growth. One-third of the consumers we surveyed said they would do more transactions online if there weren\'t so many security hurdles to overcome. And the number rose even higher in different age groups. For instance, the percentage rose to 42 percent when it came to millennials. We believe that a fundamental shift in the thinking is required. No longer, should businesses attempt to balance security against consumer convenience, but rather, we believe that with the right use of technology, analytics and data, both goals can be simultaneously achieved. In the name of both security and convenience independently, we are already seeing data-driven, artificial-intelligence powered systems operating behind the scenes. We believe that a merging of these two functions will yield significant benefits for the business as a whole. For this to work, businesses will need to gain and maintain the customer\'s trust without the familiar perception of security. Customers want to be recognized and businesses want to address the growing fraud they are experiencing. Solutions that combine device and behavioral intelligence with other data points such as biometrics, processed via advanced machine-learning, could help businesses in the future, simultaneously recognize their customers more accurately, and do so without challenging them. Winning companies will move from balancing security against convenience, to achieving both goals via a synergistic approach, and ultimately will evolve trust through technology, data and analytics.
As businesses, we want to know our consumers and their habits so we can offer the best customer experience possible, whether in store or online.
Identity fraud is at an all-time high, and it can have devastating consequences on a person’s life. Victims of identity fraud may have to file for bankruptcy or deal with debt, which can sometimes cause personal relationships to suffer. Elderly people in particular are at the greatest risk of fraud out of any age group, as they tend to more trusting of phone calls, house calls and email scams. It’s my job at Experian to arm them with the tools they need to prevent identity fraud. The number one challenge in helping prevent identity fraud is lack of awareness. People simply don’t know all the risks, so education is a paramount priority. At Experian, we conducted research on the best way to educate different age groups, and found that it varied widely. While younger people are best reached online, older people are more responsive to face-to-face activities, which is part of the reason they are more susceptible to doorstep scams. To help educate elderly people, we found we needed to go out into the community and literally put useful information into people’s hands. As part of these efforts, my team at Experian first worked with the Outreach Solutions organization to help older people in Nottinghamshire, England, understand the dangers of fraud. The pilot campaign, “Tackling Fraud,” reached 15,000 U.K. residents over age 55, teaching them how to tackle the threat of fraud. We armed these individuals with expert advice on how to spot suspicious activity and stop it from happening to them or the people they care about. Given the success and great reception we had in Nottinghamshire, it was clear that this movement could continue growing. According to Experian research, Glasgow is one of the areas with the highest number of identity fraud cases in Scotland. We’d been testing a new television advertisement in Glasgow – marking the first time that identity fraud has ever been advertised on TV in the U.K. – so I made the case to run the next iteration of our Tackling Fraud campaign there, too. In partnership with the Glasgow Council for the Voluntary Sector, we worked with a range of individuals and community groups to provide fraud prevention training to more than 30,000 elderly people in the city. We’re dedicated to helping the elderly with our Tackling Fraud campaign, putting people in control of their lives by giving them the information they need to help them protect themselves. I hope that one day we can take this project throughout the U.K. Written by: Phil Rance, Director of Product Identity, Experian Consumer Services
This morning on my way into the office, I made my usual stop for coffee. Just like every other day, the barista greeted me by name and my usual drink was being made before I got to the counter. Doesn’t it feel nice when you’re recognized? The same holds true when we interact online. We want to be recognized when we transact online, because recognition helps to stimulate trust. And trust is what makes all of us feel safe and protected. New research from our Global Fraud and Identity Report demonstrates that customer recognition also plays a large role in indicators of fraud. Most of the 500 business executives in 11 countries that we interviewed across the globe, said that if they were certain about a customer’s identity, the need for fraud risk mitigation would be reduced. One of the trickiest components to fraud detection, is finding the fine line between turning away good customers and letting the fraudsters slip through. Our global research revealed that most businesses tend to demonstrate suspicion when it comes to preventing fraud, following a route of detection rather than permission or trust. In fact, 71 percent of businesses know that they deny more transactions than they should. The end result isn’t just a loss of sales, but it also may very likely damage the lifetime value of that customer. Business leaders agree that if they were more precise in identifying the customer and avoiding denial of real transactions, they would see an increase in revenue. In addition, the report confirmed what we all already know – as consumers, we expect the companies we do business with to protect us. We surveyed 5,500 people in 11 countries, and many said they equate visual signs of security and the barriers they encounter when accessing their accounts to mean the transaction is more secure. Nearly 7 out of every 10 people like the security protocols when they transact online because it makes them feel protected. As customers, we want to believe that banks and retailers are doing everything they can to protect and secure our online transactions. Our study also found that 72 percent of businesses say fraud is a growing concern, with online fraud continuing to be a top concern across the globe. One of out every 10 businesses are experiencing the same or more fraudulent losses online compared to a year ago. Fraud is always evolving and fraudsters are becoming more resourceful than ever before. And while there is no silver bullet, and good modern fraud detection requires multiple fraud detection strategies, better customer recognition could make an immediate difference. Simply put, the better you recognize the customer, the better you can recognize fraud. Get a copy of the complete Global Fraud and Identity Report
In October, I had the pleasure of joining many industry leaders and fraud risk professionals from around the world at Experian’s Fusion Summit 2017 held in Scottsdale, Arizona. Our annual Fusion Fraud Summit is a great opportunity to hear from industry leaders on what trends and emerging technology they are currently focusing on. This collaboration with other thought leaders is critical to staying ahead of fraudsters and keeping consumers safe, while providing the best experience possible. In addition to enjoying the sunny Arizona venue, I had the opportunity to network and have candid conversations with attendees and speakers about their fraud challenges and how these challenges affect their businesses. One thing I found striking is that in nearly every conversation, the topics centered on one or more of the following four themes. Security As consumers, we want to feel safe and we want to feel that businesses are doing everything they can to protect us: our payment information, our identity, our credit. Similarly, businesses want to help their customers feel safe, but they also want consumers to know that the data entrusted to them will not fall into nefarious hands. As such, the fraud leaders I spoke with at Fusion are more concerned with security than ever before. But they also know that there is no silver bullet to solve the ever-growing fraud problem. Instead, it’s a multi-layered approach that includes a combination of products and strategies that will recognize identities and assess risk of fraud. Those layers will help to provide the right level of confidence for every transaction. Recognition Being recognized by the people we do business with goes a long way. Whether it’s your coffee shop barista or the front desk clerk at your favorite hotel, being recognized makes us feel appreciated and special. The same applies in today’s digital environment. With the lack of face-to-face interaction online, being recognized when transacting and engaging online is even more important. Customers expect to be recognized and welcomed wherever and whenever they do business. The fraud leaders I spoke with said the same; they want to be as certain as they can about who their customers are. The benefits to this are huge - customers are recognized and welcomed, and it is easier for the business to recognize the fraud. Convenience We all lead busy lives, so it’s handy when we can easily pay bills or make purchases online. But it is not convenient when we’re forced to enter in passwords we may not remember, or get a code from our phone just to prove who we are. Worse yet, purchases could be declined unnecessarily. Now that’s inconvenient. Businesses struggle, especially this time of year, to provide a hassle-free experience for their customers while keeping a handle on increased levels of fraud during the holiday buying season. Most of the executives I spoke with at Fusion would like advanced authentication and security measures that don’t impact customers negatively but provide a better way to establish trust. Trust And in the end, it really comes down to trust. As consumers, why do we prefer to do repeat business with people we know? It is because we trust them. You know them, they know you: recognition helps to stimulate trust. As businesses get to know and recognize their customers, even online customers, they become more confident in evolving the level of conversation and engagement. Trust is at the center of every strong, lasting relationship. And trust is what makes all of us feel safe and protected. While at Fusion, I gave attendees a sneak peek into some of the findings of our upcoming annual Global Fraud Report. Over the last several months, we interviewed 5,500 consumers and more than 550 businesses in 11 markets around the world to hear what concerns and priorities they had. We look forward to sharing lots of great information in the next few weeks and throughout 2018, but for now I can tell you 30 percent of businesses are experiencing more fraud losses over the past 12 months. While these same businesses are eager to introduce new and innovative ways for consumers to open accounts or conduct transactions online, they also are keenly aware that new channels present new challenges. In order to make a difference, we need to work together as an industry to find smarter and more efficient ways to protect both the businesses and the customers they serve. Throughout the coming months, we’ll be sharing the 2018 Global Fraud Report and the findings. I’m sure you’ll find – just as we did – some eye-opening research into how consumers view recognition and trust and what businesses need to do to provide that secure and positive customer experience. For more information about how Experian can help you recognize your customers and better detect fraud, visit: https://www.experian.com/decision-analytics/global/fraud/global-identity-fraud.html
A few years back, a friend approached me at church, devastated because his identity had been stolen. His tampered identity made it difficult for him to access credit, and his small business was suffering as a result. I’ve been working at Experian for 9 years, and I’m regularly asked by folks how to effectively build credit and keep identities secure, but this case had me stumped. I ended up directing him to a colleague of mine who helped facilitate his recovery, but I wanted to do more. I started asking around the office how I could help not only friends and family, but anyone in the community who is concerned about their credit. That’s when I joined Experian’s Ambassadors Program. As an Ambassador, I now regularly volunteer my time to share financial literacy presentations on credit and identify theft prevention with people in my community, from students to church groups. One presentation I gave recently really changed my perspective on the power of credit. My son asked me to present at his company, Capital Group, in the Financial District of Los Angeles. Walking into the presentation, I assumed that their work in finance would make them credit experts. I assumed I would be presenting to a small group of people who felt confident about their credit and would ask very few questions. I couldn’t have been more wrong. The group was two times larger than any audience I’d presented to before, and they were incredibly engaged. Many inquired about simple credit concepts: “What should I be aware of regarding my credit report? How can I make my credit better?” It dawned on me that just because someone’s in finance or business doesn’t automatically mean they understand the ins and outs of credit – they work just like you and I do, and it’s not their #1 job to worry about their credit. I realized that everyone could benefit from the information we were providing. During that presentation, I broke the concept of credit down into manageable chunks, explaining things like the consequences of late mortgage payments, how to prevent identity fraud and a person’s credit utilization rate. I drew on the mistakes I made as a young man and the hindsight I now have as a grandfather to 19 children. I wanted to equip them with the tools they needed to adjust to all of life’s events – from divorce to sending a kid off to college – and help them make financial changes that will positively benefit them and their families. One presentation at a time, I want to continue ensuring that families can confidently pursue their dreams and achieve financial milestones.
We developed CrossCore to make the industry’s fraud and identity solutions work better for everyone. We wanted to help organizations prevent more fraud while making it easier for their good customers to do business with them and nearly a year after the launch we’re proud of the reception we’ve had from clients, partners and the industry. Our latest honor is a bronze and gold medal from the American Business Awards for Identity and Access Security Solution Product of the Year and Product Management Department/Team of the Year. “We developed CrossCore to help our clients get the strength they want with the flexibility they need for more effective fraud management,” said Kathleen Peters, Global Vice President, Product Management, Fraud and Identity at Experian. “These latest Stevie Awards validate the feedback we’ve received from the market, and more importantly, from our clients.” CrossCore helps organizations with the ever-changing, complex and challenging world of fraud prevention. Businesses readily add solutions from us, other providers, and even their own solutions, to connect, access and orchestrate decisions across multiple systems. To make this possible for our clients, our teams worked around the clock in offices all around the world. They brought experiences and perspectives together to build and test code in packages that could be installed anywhere and everywhere. Using this “immutable infrastructure” approach, the team built, configured, connected, tested and monitored over 20 different systems to ensure everything was working. And they did it in less than nine months. The Stevie Award judges recognize the efforts of this team and the power of CrossCore. Here are just some of the positive comments we received: “The deployment of a global project such as CrossCore in only 9 months is remarkable, especially with 20 different systems being interconnected to deliver the service. Lots of hard work from the team, congrats!” “Seems like the strongest and the best solution in fraud prevention. Experian is already the industry leader in its respective industry, however CrossCore seems to be a great service, with a beautiful and intuitive UI.” “A good write up on what appears to be a useful platform. This is a great accomplishment and the nomination sounds like a talented team of product developers and software engineers.” “Congratulations on delivering an ambitious product in a relatively short timeframe!” We’re excited about how CrossCore could fit into your fraud strategy and would love to talk to you about it. Learn more ways CrossCore can help your business prevent fraud.