It’s an age-old story: If burglars find your front door deadbolted, they’re going to look for an unlocked window.
Just like brick-and-mortar criminals, identity thieves are highly adaptive, and have once again shifted the way they gain access to consumers’ personal credentials. While the Identity Theft Resource Center says we’re on track to break a new record for corporate data compromises in 2021 if we continue at our current pace, we also need to be worried about the increase in scams that target consumers directly. Last year, direct-to-consumer scams resulted in a whopping $43 billion in losses, according to the 2021 Fraud Study by Javelin Strategy & Research.
Whether data is gained via breaches or directly from unsuspecting consumers, the result is the same: a criminal gains unauthorized access to the account and has free reign to use the account for criminal activities. While brick-and-mortar criminals may wear black to remain unseen at night, identity fraudsters go undetected by changing the account’s address, email, and phone number. In doing so, they have effectively disconnected the real account holder (aka the victim) from any financial institution communication.
Financial institutions use identity verification and authorization methods during account login in an attempt to keep criminals out. However, the industry is finding that these solutions do not provide 100-percent protection from unauthorized access. These days, fraudsters have a wealth of data and sophisticated technology (e.g., bots) that can fool many of the identity verification and authorization systems currently in use.
When these first lines of defense fail, giving the fraudster accesses the victim’s account, there must be another level of protection. Solutions from Kevari, or Fiserv’s Notifi Detect, or FIS FraudChex ATO are needed to help ensure that the fraudster doesn’t change the consumer’s contact information.
What happens if the contact information is successfully changed? Think about the two-factor authorization used to verify the authenticity of financial transactions. If the phone number and email have been changed to the fraudster’s phone number and email the one-time code will be sent to the fraudster. There is nothing stopping the fraudster from using the code to initiate the movement of money to digital cards, P2P payments, cryptocurrency, etc.
How can financial institutions keep a step ahead of fraudsters?
While it is true that fraudsters have upped their game and changed their strategies, fraud-detection platforms have as well. Kevari and its many data, development, and distribution partners are innovating faster than the speed of fraud. That said, reality is that a single fraud solution will never be able to stop all of the fraud all of the time. To stay a step ahead of current and emerging fraud schemes, financial institutions must have a multi-layered, comprehensive, centralized network of fraud-detection solutions that cover non-monetary and financial access points throughout the customer journey.
Additionally, financial institutions should be finding ways to improve collaboration as a means of keeping identity fraud out of the financial services sector. For example, information and insights should be shared across various fraud-fighting departments within a single organization, and also with other institutions across the financial services industry.
To help with collaboration, Kevari enhanced its Fraud intelligence Platform to include a Fraud Investigation Network. The network, which launched in January 2021, represents the level of industry collaboration that is needed to detect and shut down fraud rings and schemes that target financial institutions.
With the Fraud Investigation Network, fraud investigators nationwide now easily and automatically benefit from the investigative efforts and insights of their industry peers as they fight together to prevent and detect account takeover and new-account fraud. Investigation insights around suspicious behavior from other institutions in the network are automatically shared in real-time as alerts and messages to the entire network, bringing added authority to every inquiry result and further strengthening the multi-layered approach that is needed to stop fraud.
At home, it makes sense to lock your doors and windows, put your lights on an automatic timer, and turn on your security system. A multi-layered, comprehensive, centralized fraud-detection approach creates similar protection for your financial institution. Regardless of the other fraud and identity solutions you may be using, adding a platform that prevents fraudsters from changing the victim’s address, email, and phone number can help stop fraudsters before they get away with the goods.