By Christina Luttrell, IDology
The approach of the new year is a good time to reflect on the fraud landscape and its impact on businesses and consumers. Fraudsters continue to push the envelope, exploring new tactics and expanding the tried and true. At the same time, businesses have deployed more identity verification and anti-fraud technologies, more companies are sharing fraud data in consortiums, and Americans are doing more to protect themselves.
However, it’s still important to understand the advances in fraud schemes and tactics, their potential impact, the best methods for protecting against them, and how to successfully manage customer expectations in their wake.
Recent IDology research captures the fraud trends that dominated in 2019 and offers a glimpse into fraud in 2020.
Card-funded fraud, phishing, and account takeover. Credit, debit, and prepaid card fraud remain the most predominant form of fraud. This is closely followed by phishing, which includes business email compromise (BEC) and accounts takeover. In addition, the emergence of real-time ACH payment initiatives and higher adoption rates of person-to-person (P2P) payments are driving increases in ACH/wire fraud.
Mobile fraud vulnerabilities. While mobile devices provide an effective means of delivering authentication and biometric capabilities, they also create points of vulnerability. The level of mobile fraud stayed the same this year for 50% and increased for 28% of respondents to the IDology report. As more consumers utilize one-time mobile passcodes for multi-factor authentication, circumventing and intercepting them becomes more lucrative for fraudsters, especially with orchestrated multi-channel attacks.
Elusive small-dollar fraud. Criminals are always on the hunt for new ways to commit fraud at scale, but they also don’t want to get caught. Over the last 12 months, the average transactional dollar value of attempted fraud attacks in the under $500 range increased by 31%. These low dollar amounts are likely to be missed by consumers as they scan their card statements; when these schemes are carried out on a large scale, they add up to a lot of money for fraudsters who aren’t afraid to nurture a fraud scheme over time in order to get the biggest benefit.
Challenging synthetic identity fraud. Synthetic identity fraud (SIF) ranks as the top fraud type that executives believe will be most severe in the next three years. Why? By nature, SIF is difficult to detect, stop, and report. There are no real people from whom to recoup losses. Businesses simply don’t know how many cases of seemingly real accounts are synthetic identities incubating until a “bust out” occurs. And because businesses are unable to accurately determine and report synthetic fraud, regulators are asking how well they can apply to Know Your Customer (KYC) regulations.
Declining consumer trust. Businesses are still working to understand the implications of large-scale chronic breaches and related fines and settlements. IDology found that companies see the biggest casualty of large-scale breaches and settlements as the loss of customer trust. Protecting against fraud doesn’t always equate to “easy” customer experience, and deploying a safe and easy process can prove elusive. Maintaining the delicate balance between strong fraud prevention and seamless user experience is the number one challenge fraud executives and professionals say they face.
Balancing it all in 2020
While their defenses may be improving, businesses are bracing for more attacks. SIF, mobile attacks, card-funded fraud, phishing, new account fraud, account takeover, and faster ACH fraud are looming threats.
Fraudsters continue to push the envelope and expand mobile tactics, such as SMS text interception while fighting anti-fraud machine learning with their own machine learning and credential-stuffing technologies. They’re also collaborating and sharing best practices on the dark web while they continue to avoid detection by lowering transaction amounts and opting for larger-scale attacks.
While it’s logical that a higher number of hurdles for users to clear corresponds to greater fraud deterrence, there’s also a higher likelihood of frustration and abandonment, leading consumers to move to a competitor. In this balancing act, most businesses lean toward frictionless experiences at the risk of more fraud. While the decision to capture revenue over stopping fraud is not surprising, it could result in greater material risks down the road.
Basic identity proofing and data matching are no longer sufficient methods for verifying identities. Leveraging multiple layers of data, including mobile network data, device information, and geolocation, as well as the integration of machine learning and artificial intelligence to improve the processing of that data, is the key to balancing fraud and customer experience. By utilizing smart layers of identity attributes and analyzing disparate identity characteristics behind the scenes, businesses escalate to additional authentication methods only when necessary and can quickly greenlight legitimate customers.
About the Author
Christina Luttrell is the chief operating officer for IDology, a GBG company and a leader in multi-layered identity verification and fraud prevention. In her 10 years at IDology, Luttrell has significantly advanced the company’s technology, forged close relationships with IDology customers and driven the development of technological innovations that help organizations stay ahead of constantly shifting fraud tactics without impacting the customer experience. Luttrell has been recognized as one of the Top 100 influencers in identity by One World Identity.