Fraud on the Attack: ID Theft
Fraud is an intentional perversion of truth in order to induce another to part with something of value, as defined by Merriam-Webster’s Dictionary. The cyber-attacks on companies like Citi and Sony, where hundreds of thousands of account holders’ personal information has been stolen and exposed is the type of fraud that has gotten the biggest press over the last year. There is no doubt that this kind of ID Theft is a major problem, and can lead to numerous types of fraud that infiltrate the financial industry, but there are others too. With Mobile fraud, Empty Envelope Deposits, and Friendly Fraud (fraud from a known person) there is no doubt that fraud is on the attack.
Historically, there is an inverse correlation between a recession and fraud. When the economy is down; fraud goes up. The distinction by FI’s between those individuals in a difficult financial situation and those who are committing fraud becomes gray. They may end up treating everyone as though they are a fraudster during a recession and start alienating potentially their best customers. Let’s use empty envelope fraud as an example. Someone opens a checking account by depositing a paycheck. She uses the account and maintains the minimum requirements. She deposits another paycheck equal in amount in two weeks and then another always keeping the minimum balance. After a couple months she makes another deposit, but with an empty envelope for the same amount as previous paychecks. It looks like a mistake. But is it?
Understanding the different types of fraud is the first step towards better fraud management. In order to understand the vast universe of financial industry fraud, you need to narrow it down by looking at specific products and channels. What types of fraud are common to credit cards compared to checking accounts? What are some of the unique fraud concerns associated with newer channels like online and mobile? Narrowing fraud down even further requires a differentiation between new account opening and authorization. Additionally, motive plays a role in this as well, as is indicated by the empty envelope deposit example. This is the first in a series of blog posts that I will be writing on the different types of fraud and what can be done to manage them. For this article, let’s focus on ID Theft during new account opening.
ID Theft can be used to gain credit whether renting an apartment or signing up for a credit card. Interestingly according to Javelin survey, ID Theft in 2010, claimed fewer victims than in previous years, but the dollar amount that impacted individual consumers (or out-of-pocket expense) increased. I think it is safe to say that the overall numbers of consumers who were extended credit of any kind also declined last year, so that could be a direct link to the decline since there are likely fewer credit candidates out there. However, the interesting fact is that the dollar amount stolen is greater, especially in the new account opening process.
One conclusion from this is that fraudsters are taking advantage of the fact that FI’s don’t know their prospective customers very well in the new account opening process. Banks and card issuers are willing to take some risk to acquire a potentially very profitable customer. Additionally the fraudulent behavior is harder to detect immediately, because of the lack of knowledge around that customer. So fraudsters can accumulate quite a stash of cash from one ID before they have to get out. ID Theft is a full time job for some and enables fraudsters to branch from a credit card to a home equity line to a mortgage product stealing thousands of dollars before an FI can shut it down. The silos that enable FIs to focus on their expertise and product offers are the same silos that enable enterprise vulnerability from a fraud perspective. Adopting an enterprise strategy for fraud in order to share information and understand each consumer plays a critical role for FI’s today to find and retain their best customers without treating them like criminals.
Therefore, data (or knowledge) about an individual becomes key. There are multiple data providers for fraud out there. But which one holds the magic key? The answer is none. Banks need specific data for specific types of fraud. For example, a score from ID Analytics may eliminate up to 25% of credit losses while maintaining booked accounts. Utilizing all fraud data providers in every transaction is cost prohibitive and also weighs down the speed of the transaction/decision. So, connecting the dots to the fraud puzzle requires integrating internal relationship data with rules to identify the type of fraud and then incorporating the appropriate external data provider when needed. This is a detailed, complex decisioning process that, at new account opening, needs to be done sub-second.
Consumers want FI’s to know who they are so their banking transactions do not get declined, but don’t want them to know too much. There is a delicate balance in understanding the consumer (identifying who he is) and invading his privacy (knowing what merchant he bought from yesterday). The key is to eliminate him as a potential fraud threat and let him continue his financial transactions in confidence with your products regardless of the channel.