Many of us will recall the moment in the film Liar, Liar when lawyer Jim Carrey, unable to speak anything but the truth, must blurt out “It was me!” on leaving an elevator. (If you haven’t seen it, you can watch it on YouTube, but be warned it’s a bit rude.) Surprisingly, many criminals are now abandoning attempts to steal identifies in order to obtain credit fraudulently, and using their own names.
Sound surprising? Welcome to the strange world of first-party fraud.
Thwarted by better customer identification and verification checks, the criminal fraternity and casual opportunities are applying for credit in their own names, with their own credentials, but with malicious intent. Some of the underlying details may be misrepresented, such as increasing their claimed salary, to achieve the provision of a bank account, a loan, social benefits, medical insurance coverage, etc., that the applicant would not otherwise have received in the same way or possibly at all.
I’ve written about first-party fraud here before. Industry analysts AITE estimate it cost the credit card industry alone $18.5 billion in 2012 and is on a trajectory to hit $28.6 billion by 2016. This is a problem that crosses all sectors – anywhere where the criminal or opportunist can access value or benefit.
But there is a way to hit back. Applying sophisticated analytics to bolster traditional onboarding identity and “know your customer” defenses, and combining this risk-weighted output with advances in decision management, rules management and investigative workflows, allows organizations from any sector to get a more precise view on what is traditional identity theft and third-party fraud, but also for the first time to gain insight into those who are demonstrating elements of first-party fraud.
Banks are now taking this very seriously. Just this week, FICO announced a new solution for application fraud, a new first-party fraud score in Russia, and a first-party fraud project with UniCredit Group in Italy.
In my days working in the banking industry, I found that by profiling past customer behavior and applying a robust definition of what constituted first-party fraud it was possible to profile those with the greatest propensity for malicious intent and, through timely intervention, either stop them from on-boarding in the first place or to prevent them from “busting out.”
Maybe we will never get to the point where a first-party fraudster proactively confesses “It was me!” But the new technology brings identification one step closer.