With Fraud Losses Mounting, Learn How to Protect Your Business While Keeping Your Customers Happy
In today’s highly competitive market, financial institutions and businesses must walk a fine line between streamlining customer experiences and preventing fraud. Customers expect interactions to be fast, easy and available on every device – slow them down and they’ll go elsewhere. But fail to properly authenticate them, and fraudulent activity skyrockets.
Financial Losses Are Expected to Double
As online shopping and banking continue to grow at an unprecedented pace, fraud prevention needs to stay front and center. According to The Nilson Report, credit card fraud losses incurred by banks and merchants on all credit, debit, and prepaid general purpose and private label payment cards issued worldwide reached $16.31 billion in 2015 — a number that’s expected to more than double to $35 billion by 2020.
In a recent report from Aite Group losses attributed to U.S. Credit Card Application Fraud alone is expected to almost double from 2016 to 2020 reaching over two billion dollars.
Fraud Damage Goes Deeper than Money
Identify theft and online fraud not only affects financial institutions’ bottom line, directly causing billions of dollars in credit losses – it also affects it indirectly creating losses from wasted collections efforts and lost employee productivity.
Results from a recent Neustar and American Banker survey highlight the additional damage caused by fraud in financial institutions. This research found that direct financial losses due to fraudulent activity only accounted for about a third of the total losses with customer churn. Lost productivity and regulatory action made up equal shares in the remaining losses.
And let’s not forget all the other damage that’s suffered by businesses and consumers. Businesses lose revenue from negative publicity and brand damage, not to mention chargeback fees and the competition from the black market where goods may be resold. Customers suffer dealing with stolen identities, canceled cards, blocked access to credit, and damage to their credit ratings.
What’s Driving Fraud’s Massive Growth?
So why does this fraud problem seem unstoppable? Over the past several years, the nature of fraud has fundamentally changed, forcing businesses to make the tough choice between slowing down transactions and limiting fraud. And from the bad guy’s perspective, if the means, motives, and profit for online fraud exist, it’s guaranteed to grow. In addition to all the PII that’s in the wild recent trends and developments are also contributing to fraud’s explosion.
Consumers Are Embracing the Online Marketplace
The rapid adoption of online banking and shopping is one of the major contributing factors to fraud’s growth.
In recent years, consumers have moved a huge portion of their daily business online, and they’re doing it at a massive scale. During the 2016 holiday season, consumers spent $80.2 billion shopping online, which was a 17% increase from 2015. Moreover, they’re increasingly using their mobile devices to conduct these transactions — mobile commerce grew at nearly double the rate during the 2016 holiday season compared to 2015.
Banks and Businesses Don’t Want to Slow Them Down
As customers take their business online, businesses and banks want to streamline the customer experience. And this often means they sacrifice security to make interactions quick and easy.
Thanks to the examples set by companies like Apple and Amazon, customers have developed exceedingly high expectations when it comes to conducting business online or via a mobile device. Barriers to interactions are business killers with customers who can change who they do business with the click of a mouse. As a result, businesses often make the tough choice between slowing down transactions and limiting fraud at their own expense.
Cybercriminals Are Getting More Organized
As consumer spend moves online and businesses lower their standards, cybercriminals are getting better at exploiting the new environment. It’s a growth market.
Today we’re seeing the rise of the professional cybercriminal. While once operating alone in their proverbial basements, today’s cybercriminals have evolved into highly organized entrepreneurs who run companies in office parks. They are organized by specialty and staffed with product managers and support agents. They sell malware, ransomware and conduct coordinated fraud attacks against businesses of any size. They’re in the business of launching sophisticated attacks for increasingly bigger payoffs – with seemingly very little consequences.
Identity Verification Past and Present
In the days before everything was online, businesses had to verify customers before they could open a new account or were extended credit. This process involved meeting someone face-to-face and providing identification like a driver’s license, a social security card and a utility bill.
Today — thanks to today’s faceless online banking environment and billions of bits of personally identifiable information (PII) available on the dark web — the situation has vastly improved for the bad guys. Breached identity data is accessible with a few clicks. And there’s a much smaller risk of getting caught red-handed because it’s all done anonymously online.
Asking 3 Key Questions
So how do we make it harder for the bad guys to prosper while improving the odds for the good guys?
Well, it’s simple. You basically do what bankers did years ago. When someone opens a new account, you verify their identity. It’s a simple enough concept. However, it’s difficult to put into practice in today’s digital world. When you have devices that essentially act as proxies for people and you combine them with all the stolen PII in the wild, it’s tough to distinguish who’s who.
It’s not impossible, though. The trick to successfully distinguishing a customer from a fraudster is asking three key questions.
- Can the customer’s identity be verified?
- Can the device being used for access be verified?
- What level of trust can be assigned to the identity and device combination?
Connecting the Online and Offline Worlds to Get Answers
In order to answer these questions, you must utilize a combination of online and offline information. Important offline data includes a customer’s name, address, phone number and email address. These data points are used for an initial check, which ensures PII elements match known corroborated sources.
After all this offline data is verified, it should then be matched with known online data. Online data is more than just cookies and IP addresses. It’s comparisons between data from a wide range of sources. It’s IP addresses that demonstrate consistent location patterns. It’s matching this data to a device fingerprint and verifying additional connections between the device and the person.
In the case where a mobile device is used as the proxy device, gathering additional data is essential. The mobile network carrier data should also be checked to look for prepaid status. The last port or SIMM swap date should be established, and other billing information that links the device to its owner should be verified.
Making Connections in Real-Time
The trick is to authenticate all this data and analyze it in real-time. Once of all these connections are made, they can then be used to determine the level of trust that can be associated with all the linkages.
When businesses and financial institutions can gain a clear understanding of who the real customers are behind every interaction, trust levels rise. In this environment, providing customers with fast access to a new account is easy, and allowing them to make changes to an existing account or make purchases can all happen without additional hassles like multifactor authentication.
Neustar Creates Trusted Interactions
The Neustar Identification and Fraud Prevention solution enables you to know exactly who you are doing business with across mobile and online channels so that you can create trusted interactions in today’s connected world.
Neustar identifies your unique customers when they’re creating a new account, logging into an existing account, or accessing customer support. It confirms data connections and enables you to instantly flag any issues at the point of interaction.
Neustar creates a single, trusted customer identity by linking over 200 real-time data sources, like advertising cookies, IP addresses, email addresses, home and business addresses, landline, VoIP, and mobile phone data and device fingerprint data. By combining the industry’s most extensive authoritative offline customer data with online device data, Neustar authenticates every identity in real time, enabling you to distinguish customers from fraudsters.