Top 5 Surprises from FICO’s Fraud and Digital Banking Survey

Financial Institutions, such as banks, have expended great effort to improve digital security, yet bad actors are multiplying and attacks have increased in scope and frequency. A report released by the FTC in February 2022 indicates a 71% increase in fraud in 2021, which cost consumers roughly $5.8 billion. These statistics are based on roughly 2.8 million consumer fraud and 1.4 million identity theft reports filed in 2021, many of which relate back to banks and lenders.

At the same time, mobile banking, payment and money transfer apps are exploding in popularity, as 89% of respondents to a recent Insider Intelligence study use mobile banking, including 97% of Millennials. Yet along with digital adoption, FIs are also butting up against entrenched consumer thinking that creates security risks. For example, using email or text verification for identity authentication is typically not secure, yet many customers still prefer these methods for the same reasons that made them popular from the start - they are quick and easy to use.

FICO’s 2022 Consumer Fraud survey helped to shed additional light on the sometimes conflicting and always shifting consumer preferences regarding security, ease of use, customer service, and making transactions in digital versus physical channels.

Here are the top 5 surprises from that survey, along with tips for FIs on how to address or capitalize on them.

1. When opening a new financial account, consumers are not as concerned about receiving “good customer service” (35%) as they are about experiencing “ease of use” (61%) and “good fraud protection” (74%).

Optimizing how quickly a consumer can initiate a session and complete a transaction can be at odds with performing effective user authentication and data security, so customer preferences immediately put FIs in a delicate position to balance ease against safety.

Some FIs have simplified sign-in procedures with biometrics or in-app navigation and have led with multi-factor, multi-channel authentication. But these can introduce friction into customer experiences in different ways, like forcing users to navigate out of an app to copy and paste a passcode sent by text message.

To solve the problem, FIs must design and support experiences with the least number of “touches” that still offer strong protection against fraud. These experiences occur across multiple channels: mobile, desktop, bot-assisted chat, social media, automated phone management, and in-branch.  

Further, since consumers initiate and interact with FIs in many different channels, they face challenges in figuring out how to navigate and conduct processes or transactions through different channels. Given our survey indicates strong customer preferences for ease of use, customer education must take a front seat in the customer experience to provide familiarity to customers in any channel.

Lastly, navigation within each channel must be reviewed continuously to ensure it does not degrade ease of use. Third-party P2P apps, like CashApp, use a few icons very effectively to streamline their experiences. And some retailers have shown automated phone support apps can be quick, easy to use, and provide direct two-way communication. Matching channel to transaction type and providing security and ease of use throughout will be a key goal for FIs going forward.

2. Consumers consider branch offices more secure and informative than digital channels like web portals and mobile apps

Consumers indicate security from fraud is a top consideration when selecting a new financial account and continue to view physical branches as the most secure and informative places to do business with their FIs. Respectively, 68% and 69% of customers rate branch offices highest for providing security and information, while just 35% consider web portals secure and just 29% find apps informative.

These biases may result from two factors: customers' concern about digital fraud and the inadequacy of self-service tools to support more complex processes, such as loan applications and mortgage closings. The relationship between a customer’s willingness to conduct business digitally and the complexity and value of the transaction is reflected in the chart below.

More than half of consumers prefer to take out auto loans or mortgages in a physical branch or by phone, rather than by a digital channel, even though most customers consider the physical channel slower (75%) and less easy to use (69%) than digital channels. This is surprising because customers value speed and ease of use most in all other cases. When considering the liability involved in loans and aspects of the transaction that cannot be digitalized easily, it also makes sense.

FIs can act to educate customers online to provide options for accessing complex products outside of the branch. And though many consumers feel comfortable sharing their unfolding life stories on social media, there remains a pervasive belief that data security just isn’t strong enough in digital channels. Yet digital channels can often provide the best experiences at the lowest cost. Some providers have moved to a hybrid model as a result, where customer sign-up processes begin on an app but are completed with a direct call-back, to address cost, security, ease of use, and speed concerns at once.  

3. 40% of consumers “strongly prefer” and another 37% “like” to use fingerprint scans when authenticating payments, more than any other method

Biometric-based authentication has become more popular as mobile devices have made them more available to speed up authentication. Fingerprint scanning and facial recognition can be frictionless, fast, and native to the device, hence requiring no additional app download.

Many FIs have integrated bio authentication, and indeed, consumers in the FICO survey state a strong preference for fingerprint scanning (40%) and facial scanning (36%) over other methods of authentication, as in the chart below.

Simultaneously, the data reveals that many consumers still strongly prefer or like legacy security protocols, which can expose sensitive data and remain vectors for attack. In fact, 70% of consumers surveyed still prefer or like SMS passcodes for authentication, and nearly the same number (68%) like or prefer basic user/password combos for authentication.

There are several lessons for FIs within this data. Consumer education regarding secure online behavior must become an important part of the architecture; FIs must help consumers understand that no internal control at the institution can prevent security problems that originate at the source. Rather, the best way to address a problem is to prevent it from happening. Encouraging customers to take up biometrics because they are faster and easier to use, in addition to being more secure, is a good step. But it may also require education on how to use the technology and why it helps prevent, rather than promote, identity theft.

4. There is no method of sharing personal identity and financial information for loan and mortgage origination that more than half of customers are willing to use if the information is transmitted via web portal or mobile app

Consumers have a wide variety of preferences when faced with sharing financial and identity information, but one thing is certain: there exists no consensus on the “safest” method in the digital world. This points to an overall distrust of the data sharing process, even if the intended recipient is a branch employee. The data also shows that, while no consensus might exist, many preferred channels exist.

This presents a unique challenge for FIs, who must match customers’ varying preferences by offering multiple options, and conversely not requesting consumers to submit data through an untrusted channel. A quick and effective solution is simply offering consumers options for data submission, not unlike processes used by insurance or healthcare providers. These preferences can be established at account setup and changed at any time within a user account preferences screen, which must be easily accessible and intuitive.

Technologically, FIs must build their digital tooling to support multiple channels for secure data transmission. Education on how personal identity and financial data is submitted, delivered in plain speak, can assist consumers in making a choice they feel best matches their needs.

5. When it comes to applying for accounts and loans, people are about as likely to exaggerate their income as they are to brag on social media

There is another potential source of fraud most people might not expect FIs to suffer: consumers themselves. An alarming number of consumers find no ethical dilemma in exaggerating income on applications submitted to FIs.

Nearly 1 in 5 consumers (19%) think it is “normal” to exaggerate income on a bank account application. When applying for a mortgage, 36% responded that it was either normal or acceptable in some cases to exaggerate reported income. There is clearly a disconnect between consumer perceptions, ethics and legal realities. Consumers who engage in this activity can face criminal penalties and consequences that affect their homes, jobs, and families.

When the entertainment content production industry faced similar issues due to pirating, a long-term education campaign was launched which succeeded in changing consumer perceptions to recognize piracy as theft and made it unacceptable across the community. A pan-institutional outreach program from FIs could both drive a similar change in perception while not targeting individual customers, jeopardizing existing customer relationships, or dissuading new customers by adding friction to application and onboarding processes.

This ppst covers the results of the survey across all 14 countries surveyed. To understand the results from the individual countries, see the e-books for:

The United Kingdom
South Africa
Germany
Indonesia
Philippines
Thailand
Malaysia
Brazil
Peru
Colombia
Mexico
USA
Canada

How FICO Can Help You Fight Application Fraud

• Download the white paper on this survey
• Changing Face of Application Fraud Whitepaper: With new attack vectors, evolving customer expectations and data proliferation, is now the time for a new strategy?
• Combatting First-Party and Synthetic Identity Fraud: Five best practices you need now
• Application Fraud – Hot topic Q&A: learn from Andy Pollock, our application fraud expert, about the impact of first-party, third-party and synthetic identity fraud