SPONSORED CONTENT PRESENTED BY LEXISNEXIS RISK SOLUTIONS
When it comes to identity verification to prevent fraud, financial institutions face a difficult balancing act. Make customers jump through too many hoops and you risk losing them to a bank with a smoother experience. Eliminate all friction, however, and you expose your financial institution and its customers to unacceptable risk.
Cybercriminals and fraudsters are constantly probing financial institutions to identify weaknesses in their systems, and their attacks are becoming increasingly sophisticated. Small and midsized financial institutions typically lack the manpower to develop their own fraud-prevention solutions, manage solutions from multiple vendors and monitor the latest trends in fraud, which complicates matters.
Preventing fraud amid an escalating threat environment may seem daunting, but financial institutions must take action. In the US and Canada, 57% of financial services organizations and 66% of lending organizations reported an increase in overall fraud levels in the prior 12 months, according to the 2023 LexisNexis® True Cost of Fraud™ Study.
For US firms, the study found that every dollar of fraud loss costs $4.41, including fees, interest rates, replacing merchandise, investigations and reporting and liability in refunding customers. Financial institutions also suffer reputational loss following successful attacks.
According to the True Cost of Fraud™ Study, three-quarters of businesses reported that fraud has damaged their brand and customer experience, making it difficult for them to establish trust with customers, reducing customer conversion rates and fueling customer churn.
Despite a steady wave of data breaches at major companies, research shows that customers expect financial institutions to combat fraud while avoiding onerous security checks.
According to the nonprofit Banking Administration Institute, 32% of consumers say a quick and easy process is the most important factor in opening an account and 45% show a strong dislike for companies that require extensive verification checks.
At the same time, 82% of surveyed fraud risk and mitigation strategy leaders at financial services institutions in the US agreed that consumers expect banks or financial institutions to reimburse them for successful scams involving their accounts, according to the Defend Against Authorized Transfer Scams research from LexisNexis Risk Solutions.
While protecting their brands, financial institutions also face increasing pressure from lawmakers to shield customers from fraud. Federal legislators have proposed expanding Regulation E of the Electronic Funds Transfer Act, which mandates that banks reimburse customers for fraudulent or unauthorized transactions, such as when a hacker accesses a customer’s account and transfers money out of it.
The lawmakers propose expanding Regulation E to include authorized transactions that consumers make after fraudsters dupe them into sending money to accounts the fraudsters control. Last year, US consumers lost a record $10 billion to fraud, a 14% increase over the prior year, with fraudulent bank transfers and cryptocurrency scams the most common methods used, according to the Federal Trade Commission.
As artificial intelligence increases the fraudsters’ ability to impersonate real people using fake audio and video clips, the number of fraud victims could rise sharply in the coming years.
Financial institutions face mounting risk from synthetic fraud in addition to third-party fraud resulting from identity theft, according to Kim White, senior director, fraud and identity at LexisNexis Risk Solutions.
“Financial institutions find it more difficult to screen out synthetic user profiles using legacy fraud-prevention strategies and as a result experts project that synthetic fraud will cost US businesses and consumers $23 billion in losses by 2030,” White said.
“Financial institutions are taking action in response to that dire scenario,” she said. “Experienced solutions providers can walk financial institutions through their processes, including account onboarding and management, identify their areas of vulnerability and establish risk-based workflow solutions tailored to their needs.
“Every financial institution I talk to wants to take proactive measures to detect scams and mitigate fraud, but it’s a tough challenge for them,” White said. “It’s a real reputation risk issue and it could be a liability issue down the road.”
A full suite of solutions
LexisNexis Risk Solutions makes it simpler and easier for financial institutions of any size to safeguard their customers’ accounts. Banks can prevent fraud without sacrificing the customer experience, a key factor in client acquisition and retention, by implementing a flexible, multilayered solution.
Financial institutions can assess the fraud risk associated with each customer interaction through multilayered, risk-based workflow solutions. User profiles that pose less risk encounter fewer hurdles in creating and managing accounts, while those with red flags surrounding their identity undergo more rigorous verification procedures.
“Risk-assessment tools and tiered vetting processes from LexisNexis Risk Solutions enable financial institutions to block fraudulent access attempts while promoting positive experiences for genuine customers,” according to David Dayton, director of solution consultants at LexisNexis Risk Solutions. “Fraud capture rates improve wherever customers interact with financial institutions, be it online, through call centers or at local branches.
“There’s no silver bullet to protect financial institutions against fraud, so they need a multilayered approach,” Dayton said. “You need a broad data set to see where fraud is happening and that’s what LexisNexis Risk Solutions provides. Without that broad data set, financial institutions will miss emerging threats.”
Many banks already use in-branch solutions from LexisNexis Risk Solutions such as LexisNexis® TrueID®, to instantly scan driver’s licenses, passports, visas and national IDs, helping verify a customer’s identity. Fraudsters easily obtain fake IDs, which financial institutions find hard to detect, but TrueID® uses forensic testing that doesn’t require human review and can detect fake IDs in seconds.
Customers can also verify their documents remotely using TrueID. Facial-recognition technology adds an extra layer of security by comparing the photo on the ID document with a selfie provided by the customer, making stolen documents less valuable to fraudsters. Since the process is automated, it quickly verifies identities, promoting operational efficiency.
Consumers show a clear preference for banking through digital channels, causing the number of financial transactions occurring online to grow every day. To navigate the associated risks, financial institutions need risk-based workflow solutions such as digital linking technology and behavioral biometrics, which LexisNexis Risk Solutions layers together to filter out fraudsters.
By accessing billions of digital and physical data points from leading consortium-driven networks, LexisNexis® LexID® digital-linking technology covers approximately 98% of the US adult population or about 286 million consumers.
LexisNexis Risk Solutions provide risk insights that include where a device is used and links it to names, addresses and numbers. It also checks the age of an email address.
“Device identification and data analytics make fraudsters easier to recognize,” Dayton said. “Research from LexisNexis Risk Solutions shows that when the applicant’s address differs from the most probable consumer address, the risk of fraud associated with that user is 3.5 times greater than when there are no discrepancies.”
The risk of fraud increases 8.2 times when an applicant’s email address is associated with three or more new devices within a five-month window.
Additionally, the risk of fraud becomes 20 times larger when an application presents both physical- and digital-intelligence risk signals simultaneously.
“We have the biggest breadth of data in the industry, and we have a very well-defined platform,” Dayton said. “You can also use data from other companies and sources on our platform as well, making us data agnostic.
“Billions of transactions flow through our networks globally every day. If a fraudster in Eastern Europe uses a particular email address to commit fraud with banks overseas and then attempts fraud in the US, we will detect it.”
Capturing biometric data
LexisNexis® BehavioSec® behavioral biometrics adds another layer of security by analyzing how a user physically interacts with a digital device. The platform recognizes when a human fills out online forms by manually pressing buttons, typing on a keyboard or repeatedly cutting and pasting the same information, which signals potential fraud.
Similarly, the platform detects when a user completes forms in a highly automated way, suggesting that a bot is probing the system.
If a user’s device, personal data or behavior raises no concerns, the customer experiences a smooth process to sign up for products and access accounts. But if something seems off, risk-based workflow solutions require another step to verify the user’s identity.
Financial institutions can establish their own workflow rules based on their customer base and the types of fraud they typically encounter. For example, a bank might consider any interaction from a foreign jurisdiction suspicious. The same applies to smart devices recently set up or used to apply for multiple credit cards or other financial products in the recent past.
In those cases, programmers can configure the platform to generate a list of questions that only a genuine customer should be able to answer. For instance, based on public records, the platform could ask users questions about prior addresses or their ownership of vehicles and property.
Alternatively, the system could send users a push notification informing them that it has logged them out of the app, requiring them to log in again using their password, fingerprint or facial recognition. The system could also send a one-time password or login code via text message or email.
“Our platform enables financial institutions to examine fraud risk from a 360-degree perspective, as a consortium of networks provides possible signals of fraud. By combining the physical, digital and behavioral signals of fraud, you can effectively assess what’s happening.”
Significantly, call center workers have access to those same tools and may encounter fraudsters trying to take over an account by changing the associated email address or phone number. Equipped with automated questions that only the account holder should know, along with information about the user’s phone, customer service agents can prevent identity theft.
The LexisNexis Risk Solutions platform provides detailed reporting tools, allowing financial institutions to gain insights into where fraud attempts occur. Using that information, they can refine their risk-based workflows to minimize friction for legitimate customers and add more speedbumps for suspicious transactions.
Dayton said that because fraudsters continually adapt their techniques, financial institutions need flexibility in their multilayered fraud-detection solutions. The LexisNexis Risk Solutions platform enables fraud-prevention professionals to quickly adjust their risk-based workflow solutions, allowing a faster response to emerging threats.
“You need access to multiple tools and data sources and the ability to react quickly when the bad guys find a way through,” said Dayton. “Don’t put all your eggs in one basket. With a good platform in place, you control access and can adjust the ease or difficulty of accessing accounts based on what you observe.
“You don’t want your bank to be difficult to do business with or you’ll lose customers,” he added. “But without the right tools in place, you become an easy mark. If your financial institution ignores this issue, it becomes a prime target for fraud.”
This document is for informational purposes only and does not guarantee the functionality or features of any LexisNexis Risk Solutions products identified. LexisNexis Risk Solutions does not represent nor warrant that this document is complete or error free.