Fraud continues to be a challenge for all businesses in all sectors and, as seen in our Global Fraud and Identity report, a significant proportion of companies globally have suffered more than a 20 % increase in fraud rates year on year. Additional research reveals that three out of four businesses see fraud as a growing concern and seven out of 10 struggle to authenticate without impacting the customer experience. The threat of fraud is growing. So much so, that while efforts are being made to protect, the concern is that the pace of fraud is moving quicker than the implementation of new technologies to fight it.
“A significant proportion of companies globally have suffered more than a 20 % increase in fraud rates year on year.”
If we think about this for a second, one of the main reasons for this is that fraud is increasingly fluid. It can occur very quickly, and the methods of attack change regularly too. Today’s rising threat is fuelled by the vast volumes of data that people are sharing across multiple different platforms, be it social media sites, online shopping and email.
Fraudsters are technologically advanced too. They test systems to understand potential gaps in your fraud defences and are often using the most sophisticated, advanced techniques to perpetrate fraud. To better identify and mitigate fraud risks, you need to understand your system vulnerabilities and where the fraud threats are coming from. With this in mind, here are the key trends currently seen across financial services:
Targeting younger Vs older generations
Young people, ‘digital natives’, are the most at risk – two and a half times more at risk to be precise with an increase of 6% since 2014. We’re seeing the nature of fraud change as well, with much more low value, high volume fraud targeting the under 30s, whereas the fraud in the over 50’s is declining but tends to be larger amounts but less frequent. Most of the fraud against younger groups is not surprising with the use of more digital and mobile devices. Younger people are more trusting of the digital environment, and they live their lives online so a lot of information is public through social media.
Physical mail is a channel that isn’t typically favoured by this group, however, it’s still a channel that they are active in as some businesses still use it to send paper documents like cards, renewal letters or generic marketing literature. This can present a risk for those living in rented accommodation with shared mailboxes (which is common in this age group), and opens the vulnerability of their post being intercepted and identity stolen.
“Young people, ‘digital natives’, are the most at risk.”
New channels: new fraud
As we continue into the digital era, we’re seeing that more businesses are looking at different channels as a means of engaging with customers – including mobile apps and microsites. With new channels and new technology comes new vulnerabilities. One of the biggest is that fraud is commonly hard to detect across channels. For example, if someone starts an application online but then phones the business to complete the action.
“With new channels and new technology comes new vulnerabilities.”
Passwords are vulnerable
Passwords are not a great way to control access, not least because remembering them is a challenge for many (four out of ten need to use a password memory service) and therefore they need to recover them. Recovery, therefore, is vulnerable. A new password is often sent via email which may have been hacked by the fraudster. Today, there is no need to rely on passwords as other biometric authentication can replace them, using unique identities which aren’t as easily replicated or hacked, information that isn’t widely accessible, or even further identifying by understanding the device.
“Four out of ten need to use a password memory service.”
Current accounts continue to be targeted
Current accounts are used as a ‘trojan horse’ to access other products. Fraudsters steal a genuine person’s personal information which can then be used to open a current account. Banks will then offer overdrafts and other products, therefore, providing a more significant financial gain for the fraudster. The current account is the door to a fraudster entering which then opens up their potential to commit even more fraud. Today, current accounts continue to be the most threatened financial product for fraud.
“Current accounts continue to be the most threatened financial product for fraud.”
A rise of mule activity
We are seeing mule activity where people are using other people’s identities, with their permission, to commit fraud. This could be all referred to as second party fraud as it enables the fraudster to get access to a current account easily. This type of fraud is often used for money laundering and using the account to get other products. The fraudster could put a note in the corner shop: ‘Want to make £200? phone this number’. £200 is the price for your identity. The fraudster then abuses the identity, but the innocent giver of information has got some quick cash. It can be very tempting for some individuals, and we’re seeing mule cases lighting up in towns with particularly challenging economic conditions, and again across vulnerable ages such as Millennials with low incomes.
Fraud is now organised: at scale
Our research shows that fraud managers believe organised fraud accounts for at least 50 percent of certain types of fraud, showing the migration of fraud from a cottage industry to a big, global business. Fraudsters share and buy data and work in a production line. They will acquire some data, get an accomplice to probe it and pass the compromised identity on to someone else who uses the identity. Different people within the organised gangs will specialise in different things; some will be hackers while others use the data to commit the fraud. It’s a well-organised business, the investment not only contributes to money laundering but investments in new technology to commit even more fraud.
“Our research shows that fraud managers believe organised fraud accounts for at least 50 percent of certain types of fraud.”
Fraudsters utilise new technology
The downside of technology becoming more widely used and more accessible is that fraudsters jump on new technology very quickly and can use it at very low or no cost. They implement it more quickly without the need for due diligence that a reputable business would do such as contracting and compliance, leaving them at risk of being left behind. For example, Artificial Intelligence (AI) and machine learning (ML) are having a huge impact on fraud. There has been a rise in the use of AI and ML methodologies to aid the fight against fraud, but in certain specific scenarios, they could also be used by fraudsters to harm your organisation and customers.
“Artificial Intelligence (AI) and machine learning (ML) are having a huge impact on fraud.”
Recognising these key trends and where the threats originate from can help you to understand your exposure to fraud, and how to plan and prioritise your detection and prevention investments more effectively. Below are 5 things for you to consider:
- Identify people – if you can understand exactly who an individual is, you can simplify the customer journey and securely on board more genuine customers while weeding out the fraudsters. Digital identities could improve your identity verification process.
- The answer lies in data –if businesses become more data-centric and data-driven then they could use the insight from the data to make more accurate predictions of risk. This can be done by verifying device, email addresses, behavioural biometrics and more.
- Multi-layered fraud strategy – create a single customer view by connecting all your fraud controls in one place. This can link your customer and operational data across multiple channels.
- Agile, responsive strategy – if all your fraud controls are linked on one system, this can allow you to be more agile and quick in the digital environment. You can add new innovative solutions to a platform which has already been set up.
- Understand the reality of your problem – if you have a clearer view of what your vulnerabilities are, you can better plan your fraud investments to improve these areas.
All the various trends and considerations may seem daunting but the reality is that everything is connected. An open source platform that can manage your identity and fraud systems can help you to quickly adapt to new threats and challenges and make better, more informed decisions.