Trending
  • OCC, FDIC Propose New Regulatory Framework for CRA
  • FDIC Budget, Headcount to Decrease in 2020
  • J.D. Power: TD Bank Receives Top Customer Rating Among Nationwide Banks
  • DOL Issues ‘Regular Rate of Pay’ Final Rule
  • FDIC Issues Proposal to Reform Brokered Deposit Regulations
  • Fed Makes Annual Adjustment to Asset Threshold for Dividend Cut
  • ABA, Industry Groups Call on Senate to Pass SAFE Banking Act
  • Basel Committee Taking a Look at Crypto-Assets, Virtual Currencies
  • FHLB Advances Fall, Collateral Rises in 2018
  • Amid Strong Conditions, OFR Flags Cyber Threats, Corporate Debt
ABA Banking Journal
Navigate
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Sponsored Archive
    • Podcast Archive
  • Newsbytes
  • Podcast
  • ABA Banking Journal
  • ABA Bank Marketing
  • More Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Aba.com

New Account Fraud Creates Friction for Banks

on September 19, 2019 Compliance and Risk, Cybersecurity, Technology

By Adam Elliott

Banks are getting better at making digital account opening faster, easier and more efficient. But improvements to reduce the friction for customers can also open the door to new ways of gumming up the works with fraud.

According to Aite Group, new account fraud rates in the online channel are “eight times that of accounts opened in the branch.” With Aite projecting that digital and mobile demand deposit account applications will represent 45 percent of total account opening volume by 2020, it’s critical that banks have multilayered methods of fraud screening.

One of the reasons NAF losses soared from $3 billion in 2017 to $3.4 billion in 2018, according to Javelin, is that many banks are not screening for out-of-pattern behaviors that only become evident when combining identity attributes with other data elements: otherwise hidden insights from phones, addresses and emails, for example.

Without integrating these data elements, fraudsters have the advantage. Because they have access to compromised data, their applications can look completely legitimate to traditional ID verification systems. If the applicant name, Social Security and mailing address match credit header data, then fraudsters can bypass the system.

Use email data to enhance fraud detection

With online account openings, there should always be an email address provided in the application process, and that’s where fraudsters can become vulnerable to detection. They typically do not use the email address of the legitimate consumer. To do so would risk victims receiving communication that would alert them to fraudulently opened new accounts. Instead, they must have a new or different email addresses to perpetrate their fraud schemes.

By examining email account data, institutions can uncover multiple characteristics that increase the risk of a digital application. The email may be disposable; perhaps it can’t be verified in association with the account holder’s name or has never been observed before; or maybe the email domain server is located overseas in a high-risk country.

ID Insight conducted retrospective research of digital account openings that were later identified as fraudulent and forcibly closed. The data confirmed many cases where traditional identity credentials matched completely. Therefore, the information provided on input did not raise any suspicion among institutions using traditional ID verification systems.

However, when integrating data on the email addresses—and combining it with other data associated with the applicant—there was clear evidence of out-of-pattern behavior. In hindsight, these accounts should have been flagged as potentially fraudulent. Knowing this information, financial institutions could have limited account access or privileges until the flagged application could be investigated further. Otherwise, ID thieves can use all the right data (name, SSN, date of birth, and the like) to get an account application approved, then alter the communications channels (address, email and phone) to disconnect the victim from the bank.

Communication channels are predictive

Just as email-specific data enhances fraud screening, so does IP, phone, and physical address information. These additional data sets, when brought together and compared to account application data, help to identify anomalies and out-of-pattern behavior, thus making fraud-scoring processes more accurate and predictive.

For example, for DDA applications via a mobile app, a cell phone number will be required. Again, to prevent detection, fraudsters cannot open new accounts in a mobile app using phone numbers that belong to legitimate consumers. They must submit new or unique numbers (or spoof the customer’s phone number) to prevent consumers from receiving texts or calls about the fraudulently opened accounts. Fortunately, financial institutions can use this necessary part of the fraud scheme for detection purposes.

For years, ID Insight has analyzed phone number data looking for risky patterns. The data reveal patterns that make intuitive sense—the phone is a burner phone with an area code nowhere near the applicant’s physical address, the phone number has been recently ported to a new service provider, or the phone number has not previously been associated with the applicant’s name.

These patterns alone may not prove to be risk factors. However, when used in combination with other identity-related data points, they help influence the risk assessment and become actionable for fraud investigators.

Fraudsters are using massive data sets and cutting-edge technology to update their schemes in the digital space. Banks must build a powerful arsenal of new tools to protect their investments in innovative new services.

Adam Elliott is founder and president of ID Insight, which provides verification, authentication, market research and fraud solutions to banks and other financial companies.

Account opening Big data Digital lending Fraud Identity fraud Predictive analytics
Share. Twitter Facebook Google+ Pinterest LinkedIn Tumblr Email

Related Posts

  • December 12, 2019

    OCC, FDIC Propose New Regulatory Framework for CRA

  • December 12, 2019

    Basel Committee Taking a Look at Crypto-Assets, Virtual Currencies

  • December 11, 2019

    Amid Strong Conditions, OFR Flags Cyber Threats, Corporate Debt

  • Newsbytes

    Dec 12 OCC, FDIC Propose New Regulatory Framework for CRA
    Dec 12 FDIC Budget, Headcount to Decrease in 2020
    Dec 12 J.D. Power: TD Bank Receives Top Customer Rating Among Nationwide Banks
    Dec 12 DOL Issues ‘Regular Rate of Pay’ Final Rule
  • Sponsored Content

    • December 1, 2019 0 As Synthetic Identity Fraud Rises, so does KYC/CDD Compliance Cost
    • November 1, 2019 0 Debunking Compliance Myths
    • October 14, 2019 0 Squeezing More Margin From Your Portfolio: It’s All About Relationships
    • October 1, 2019 0 So, You Think You’re Finished with Reg. E Outreach? You’re Not!
  • Podcast

    Dec 11 Podcast: Consciously Cultivating an Internal Talent Pipeline
    Dec 04 Podcast: A Risk Manager Moves Into the Corner Office
    Nov 20 Podcast: Celebrating Bankers’ Community Commitment
    Nov 13 Podcast: Enlisting Trusted Caregivers to Help Prevent Elder Fraud
  • American Bankers Association
    1120 Connecticut Ave NW
    Washington, DC 20036
    1-800-BANKERS (800-226-5377) | www.aba.com
    Contact ABA

  • About
    Privacy Policy
    Advertising
    Subscribe
    Media Kit
    Sponsored Archive
    Podcast Archive
    Magazine Archive

© Copyright 2015-2019, American Bankers Association. All Rights Reserved