Four reasons why application fraud needs tackling today
1. Data breaches put personal information in the hands of criminals who use it to commit application fraud.
2. Criminals use technology to commit application fraud on a mass scale.
3. Customers expect to be protected but, crucially, also expect great customer experience.
4. An effective data strategy is at the heart of application fraud prevention.
Application fraud – a crime that is always evolving
The landscape of application fraud used to be fairly predictable. Currently, that is no longer the case.Due to the proliferation of data breaches that put personal data in the hands of criminals and the availability of new technology, the landscape has changed, drastically, and continues to do so.The strategies and tactics required to stay ahead of the curve are now more complex than ever.Previous methods such as the utilization of credit bureau data, and batch processing are now, when used alone, inadequate.
A reactive stance to application fraud increases losses as fraudsters multiply their attacks on systems they’ve found to be weak. Demanding customers, copious amounts of data, and a low barrier to entry for fraudsters have created a perfect storm for application fraud to be carried out. Meanwhile, financial institutions are left with the expensive fallout to manage. Success in preventing application fraud while maintaining customer satisfaction now requires constant analysis and iteration.Read more in our white paper The Changing Face of Application Fraud.
The importance of data in tackling application fraud
Data Proliferation Problem
The mass availability of data and the near ubiquitous adoption of technology can be a double-edged sword with regards to application fraud:
- Organizations now have access to more data than ever —unfortunately, the same can be said for fraudsters.
- Decisions can be better informed due to the availability of data, but these decisions can be more difficult to make for the same reasons.
- Data is an asset but managing it is a huge responsibility and a regulatory burden. The costs of data mismanagement are extremely high.
- Technology makes the lives of customers simpler, but it also makes it easier to steal data. The days of paper-based and in-person fraud are slowly coming to an end.
When preventing application fraud, a data strategy is vital. Not only do you need data to figure out that an application is legitimate, but it’s also the point where key data is collected about your customer.
Constant data breaches and the availability of cheap data for purchase on the dark web make it easier than ever for criminals to steal or fabricate identities and use them to fraudulently open accounts.
This pits providers in an ever-ascending arms race with fraudsters to ensure it’s prohibitively difficult to use a stolen or synthetic identity to commit fraud.
Expansion of Criminal Methods
Today’s fraudsters are more sophisticated and more organized than ever. They often mirror similar strategies of the organizations they target.
As organizations tackle one area, the fraudsters quickly and effectively shift their attention to another. They can harness existing technology and even develop new technology to stay ahead.
This means they aim to commit more fraud faster and access and distribute funds before financial institutions can respond.
Organizations now have to assume that fraudsters could be as capable as their anti-fraud team. They have the ability to commit application fraud en masse in order to overwhelm existing systems, in the hope that some of their applications will make it past security protocols and accounts controlled by fraudsters will be opened.
Changing Customer Expectations
Today’s consumers expect to have ample choice when selecting the products and services they want to purchase.
They also expect to be able to complete fast, frictionless, applications online. These expectations also apply to opening financial accounts.
Financial institutions must constantly balance their duty to protect customers, themselves, and society at large from fraud, while maintaining high customer satisfaction levels. This is a delicate balance and moving too far in either direction can have dire consequences.
To provide a clearer understanding of consumer attitudes toward the impact that fraud and security checks have on them during the application process, FICO commissioned an independent survey across 14 countries. In every country, almost all respondents were prepared to open at least one type of financial account online.
We asked respondents what they would do if during an online application process the provider asked them to carry out a task offline — for example, to take a telephone call, post some documents, or visit a branch to complete the application.
The survey results show that when people start an application online, most expect to complete it online. If they can't, a significant number will abandon the application, and may even switch to a competitor.
The number of people who are willing to spend more than three hours completing an application is low — most expect to finish an application in less than 30 minutes.
Using Data as a Defense Against Application Fraud
Data can now be used as a tool to combat fraudsters who wish to make fraudulent applications.
There are three main methods of data implementation that can drastically minimize the risk of application fraud.
Data ingestion looks at data sources and how they are connected.
Data can come from many sources, including:
- Data from the application itself (either supplied or metadata)
- Purchased data from third parties, for example, a credit reference agency
- Data from identity solutions such as FICO® Falcon® Identity Proofing
- Information from previous interactions with the applicant
- Information from records of other accountholders, e.g., common data points such as an address, telephone number, or email addresses
This abundance of data can be a blessing and a curse. It gives you plenty of information to base fraud decisions on, but any single data element can disproportionately skew the final results. This causes organizations to struggle to correctly analyze all the data they have access to.
Informational siloes mean that data sharing across products, channels, or consumer lifecycle stages can trigger scenarios where, for example, they open an account for a customer whose identity has already been found to be fraudulent by another part of the business.
These issues can be particularly challenging for organizations that don’t have an agile process of adding new sources of data or removing sources that are questionable or are of limited value.
To make your fraud detection accurate so that more fraud is spotted without increasing false positives, it is necessary to utilize data that not only indicates negative behavior but also signifies what good behavior looks like.
This can be extremely difficult to get right. There is often a fine line between the two. Sources of data from both internal sources and shared consortia data, such as that from credit reference agencies, provide good references for known bad actors.
At the same time, they are unlikely to provide examples of what good or normal behavior looks like.
Having obtained the data needed to make fraud decisions, it is now necessary to organize it so that it will work efficiently and effectively. Depending on the type and condition of the data you want to ingest, different activities need to happen to make it more usable. For example:
- Making sure there is commonality across sources for structured data — and using the same structure across all data
- Extracting “sense” from unstructured data, for example, by using natural language processing to identify data elements that are of value to decision making
- Adding context to data, using exemplars to identify data that is indicative of a certain type of behavior, such as fraud or non-fraud
Algorithms and models need to be applied to your data to deliver actionable insights.
The type of models required is dependent on the scenarios faced, and in almost every case, a layered approach will provide optimum results.
The quality of the decisions available from the data you have is determined by the quality and variety of models available to you. The same models do not provide the same level of accuracy in every scenario. For example, if you are facing a new type of application fraud, or an attack on a new channel, models that have been trained to determine fraud through comparison to past attacks will not recognize them. In these scenarios, you need models that are self-learning and can determine outlier behavior that looks suspicious. If you are seeing instances of fraud that have previously been experienced, then models that have been trained using tagged data are valuable.
Annoy Fraudsters, Delight Your Customers
Today, application fraud is a problem that requires proactive, adaptive solutions. This is a trend that will continue into the future. FICO provides solutions to ensure that fraudsters hate trying to do their job on your systems because they will be unsuccessful.
We take a layered approach to tackling application fraud with solutions including:
- Identity proofing — applicants can use their mobile phone “selfie” technology and their identity documents to prove identity documents are valid and belong to them.
- Application fraud detection — machine learning algorithms use behavioral analytics in real time to define the likelihood of an application being fraudulent.
- Identity resolution — advanced fuzzy matching technology works in real time to uncover the links between applications and accounts. Variations on the same name, email address, or home address used in multiple apparently unconnected applications is indicative of criminal activity.
As our solutions work in real time, they facilitate fast account opening, and our advanced AI and machine learning approach ensures that false positive rates are kept to a minimum — all enhancing the experience for legitimate customers.
Click the link below to speak to one of our experts today.
Connect with FICO for answers to all your product and solution questions. We look forward to hearing from you.