Businesses operating in regulated industries, especially in the financial services sector, are facing greater fraud risks than ever before. According to Javelin Strategy & Research, new account fraud increased 40% in 2016 to reach a record high. Fraud detection firm ThreatMetrix reported stopping more than 80 million fraud attempts using fake or stolen identity credentials targeting financial institutions in 2016.
Unfortunately, fraud rates are only expected to increase further. Widespread data breaches like those at Equifax, Yahoo and Anthem have flooded the black market with millions of consumers’ personally identifiable information (PII), such as birthdates, addresses, Social Security numbers and other sensitive data that criminals use to fraudulently open new accounts. As a result, the most common methods of digital identity verification—those that rely on PII and knowledge-based authentication—are no longer adequate or secure.
At the same time, the regulatory environment is becoming increasingly stringent. According to the United Nations Office on Drugs and Crime, the amount of money laundered globally in one year is estimated to be between 2% and 5% of global GDP, or $800 billion to $2 trillion. In an effort to combat this, companies operating in financial services, payments, lending, insurance, securities and commodities, and other related sectors must comply with strict anti-money laundering (AML) and know your customer (KYC) regulations. Between 2009 and 2015, the U.S. government alone fined banks a total of $5.2 billion for failing to comply with AML and KYC requirements.
Given the rise in fraud and the increasingly heavy fines for compliance failures, it has never been more urgent for businesses to digitize and strengthen their digital fraud prevention methods.
Digital Identity-Proofing Methods
As business and banking transactions increasingly move online, fraud and financial crimes follow suit. With so much consumer information available to criminals from mega-breaches, companies can no longer rely on PII or knowledge-based methods for identity verification. Fortunately, there are many other reliable digital options for identity-proofing that businesses can use to mitigate the risk of fraud:
Sanctions check tools. These compare potential customer lists to government lists of people with criminal track records as well as politically exposed persons (individuals entrusted with a prominent public function who may thus be at higher risk for potential involvement with bribery or corruption).
Device analysis. This technology leverages the wealth and breadth of available device reputation data, as well as carrier billing data associated with the device being used, as a means of identity-proofing and risk assessment.
Data analytics. Whether provided by an external vendor or engineered internally, big data analytics tools can analyze customer transaction data and flag unusual behavior patterns such as attempting to log in from an atypical location.
Data bureaus. These solutions involve collaboration between several institutions that share information about their customers, offering a means enlarging databases and gathering information about customers.
Digital identity document verification. These tools combine the trust and security of physical, government-issued identity documents with the ease and convenience of digital technology. Consumers can use a smartphone camera to scan their ID document, such as a driver’s license or passport. Advanced machine learning algorithms then scan for security features embedded within the IDs to instantly determine if the document is authentic.
Biometrics. Smartphones also make it easier for consumers to submit their biometric identifiers for verification. Companies can leverage the fingerprint readers on smartphones and can even combine digital identity document verification solutions with facial recognition technology to not only verify that the individual is a real person, but also that the user matches the person pictured on the ID.
Businesses can also combine any of these methods with additional information from customers’ mobile phones, such as geolocation data, carrier network data and device reputation data, for further identity assurance or to flag potential fraud.
By adopting digital fraud prevention methods, businesses can achieve AML and KYC compliance while reducing the costs associated with fraud. Indeed, the most recent AML legislation passed in the European Union (4.1AMLD) essentially paves the way for organizations to embrace digital identity verification as an effective way of responding to the demands of an increasingly mobile-first consumer population. At the same time, these tools can help meet consumers’ desire for fast and easy digital processes. All of these benefits help contribute positively to a company’s bottom line and enable businesses to securely verify users.