4 Red Flags of Synthetic ID Fraud
The explosion of synthetic identity fraud on the lending market has made one thing clear, and that is, that the old methodologies of verifying a possible borrowers identity are insufficient. According to an article by “BioCatch”, experts in neural science research, machine learning and cybersecurity, “verifying staticidentity elements is now a largely useless tactic in preventing fraud.” The answer is to replace identity verification with identity proofing, which will provide “certainty that not only is the identity itself valid but also that it belongs to the applicant.”
The Problem with Current Identity Verification Solutions
Despite having credit history based solutions in place, new account fraud continues unabated and will only grow. Cybercriminals have traditional identity verification tools figured out.
The underlying problem is the reliance on personally identifiable information (PII) to establish an individual’s identity. Data breaches have made consumer data a readily available commodity. The exact information fraudsters need to open an account, from a person’s social security number to their home address, can be easily bought or traded for at low cost.
The success of synthetic identity fraud is a symptom of the broken identity verification process. By piecing together real data with fabricated information, fraudsters evade database searches insurers use to confirm information entered into an online policy application. Weeding out fraudulent applications will require a proactive approach to insurance fraud detection that doesn’t depend on static identifiers.
Beating Application Fraud with Behavior-Based Identity Proofing
Recently, independent advisory firm Javelin Strategy and Research released a report on the role applicant behavior has to play in identity proofing. Their conclusion is that “verifying staticidentity elements is now a largely useless tactic in preventing fraud.” The answer is to replace identity verification with identity proofing, which will provide “certainty that not only is the identity itself valid but also that it belongs to the applicant.”
Connecting someone’s online presence to their physical presence is the biggest struggle in verifying online account openings. Behavior-based identity proofing resolves the challenge, focusing on how users enter information into an application to differentiate fraudsters from genuine applicants.
Behavior-based identity proofing looks at specific activity within an online application to determine risk of fraud:
- Fraudsters that repeatedly use compromised or synthetic identities demonstrate a high level of familiarity with the new account opening process.
- Cybercriminals regularly use keyboard shortcuts and function keys that are rarely used by real users. Advanced computer skills are a sign of a fraudster at work.
- When cybercriminals enter stolen personal information, they are far more likely to cut and paste data that would be intuitive to a legitimate user.
- Behavior-based solutions can spot criminal behaviors in the application flow, even if the access is from a new device or IP. Automated attacks also demonstrate unique behavior patterns that can be used as a distinguishing marker.
From the moment someone starts the account opening process, behavior-based identity proofing goes to work to keep future policyholders secure. Not only does it detect malicious automated activity and suspicious applicant activity, behavior-based identity proofing does so without introducing friction into the user experience. While keeping fraudsters out, lenders don’t have to worry about turning legitimate applicants away.
Source: BioCatch
Facebook Comments