In 2020, new trends emerged, driven by a continued shift in consumer preferences. Let’s take a closer look at how the industry fared during the year.
For the last several months, Experian has participated as the only credit bureau in the pilot of the electronic Consent Based Social Security Number (SSN) Verification (eCBSV) service. As we move forward to general rollout and expanded availability later this year, it’s time to review the benefits of eCBSV and how it helps businesses prevent synthetic identity fraud. Service and program overview The eCBSV service combats synthetic identity fraud by comparing data provided electronically by approved financial institutions against the Social Security Administration’s (SSA) database in real time. This service helps financial institutions verify SSNs more efficiently and enables improved experiences for identifying legitimate or possibly synthetic identities applying for your products. The verification process begins with consent from the SSN holder – and with eCBSV this consent is provided electronically rather than via a wet signature. Then, the SSN is checked against the SSA database to validate the SSN, name, and date of birth combination are or are not a match. The verification will also indicate if the SSN is listed as deceased with the SSA. Together, these factors can help flag whether or not an identity is synthetic. By managing this process electronically, it is faster, more secure, and more efficient than before, offering an improved experience for consumers and the financial institutions that service them. Layering solutions While eCBSV is an excellent step forward in the fight against the rising threat of synthetic identity fraud, a layered fraud mitigation strategy is still necessary. It’s only by layering solutions that financial institutions can accurately identify different types of fraud and provide them with the correct treatment, which is especially important when it comes to rooting out fraud when it’s already embedded in a portfolio. To learn more about how Experian is helping to combat synthetic identity fraud and how eCBSV can benefit your financial institution, request a call. Request a call
Perhaps your loan origination system (LOS) doesn’t have the flexibility that you require. Perhaps the rules editor can’t segment variables in the manner that you need. Perhaps your account management system can’t leverage the right data to make decisions. Or perhaps your existing system is getting sunset. These are just some of the many reasons a company may want to investigate the marketplace for new credit decisioning software. But RFIs and RFPs aren’t the only way to find new decisioning software. After working in credit services decisioning for over 20 years — and seeing hundreds of RFPs and presenting thousands of solutions and proposed architectures — I’ve formed a few opinions about how I would go about things if I were in the customer’s seat and have broken that into a three-part series. Part 1 will cover everything up to issuing an RFI or RFP. Part 2 will discuss writing an RFP or RFI. Part 3 will cover evaluating vendors. Let’s go. If you’re looking to buy new decisioning software, your first inclination might be to issue an RFI or an RFP. However, that may not be the best idea. Here’s an issue that I frequently see. Vendors are constantly evolving their products. How a product did feature X two years ago might be completely different now. The terminology that the industry uses might have changed, and new capabilities (like machine learning) might have come about and changed whole sets of functionalities. The first decision point is to ask yourself a question, “Do I know exactly what I want or am I trying to generally learn what is out there?” An RFI or RFP isn’t always the greatest way to exchange information about a product. From a vendor’s standpoint, a feature-rich, complex system has to be reduced down to a few text answers or (worst yet) a series of yes or no answers. It all boils down to nuance. On many occasions, I’ve faced a dilemma when answering an RFP question, “This question is unclear; if the customer means X, the answer is yes; if they mean Y, the answer is no.” If I were in a room with the customer, I could ask them the question, they could provide clarification and I could then provide the accurate answer. There would be more opportunity to have a back and forth, “Oh when you said X, this is what you meant ….” All of that back and forth is lost with an RFI or RFP, or at least delayed until the (hopefully selected) vendor gets a chance to present in front of a live audience. Also, consider that vendors are eager to educate you about their product. They know exactly how the product works and they’re happy to answer your questions. It’s perfectly reasonable to go to a vendor with prewritten questions and thoughts and to pose those questions during a call or demonstration with the vendor. Nothing would prevent a customer from using the same questions for each vendor and evaluating them based on their answers. All of this can be done without issuing an RFI or RFP. In conclusion, I’d offer the following points to think about before issuing an RFI or RFP: A customer can provide questions that they want answered during a demonstration of a credit decisioning product. These same questions can be used to provide an initial assessment of several vendors. A customer’s understanding of a vendor’s capabilities is likely 10x faster and deeper with an interactive session versus reading the answers in a questionnaire. Nuanced and follow-up questions can be asked to gather a complete understanding. Alternative solutions can be explored. This exercise doesn’t have to replace an RFP but instead can better inform the customer about the questions they need answered in order to issue an RFP. Don’t be afraid to talk to a vendor, even if you’re not sure what you want in a new product. In fact, talk to several vendors. More than likely, you’ll learn a lot more via a discussion than you will via an RFI questionnaire. What’s good about an RFI or RFP is coming in with prepared questions. That way, you can judge each vendor using the same criteria but, if possible, get the answers to those questions via an interactive session with the vendors. Next: How to write an effective RFP or RFI.
Preventing fraud losses requires an understanding of each individual fraud type—including third-party, first-party, synthetic identity, and account takeover fraud—and how they differ from one another. It’s only with a multi-layered fraud strategy that businesses can adequately detect and treat each type of fraud while maintaining the customer experience. When’s the last time you reviewed your existing fraud strategy? Download infographic Review your fraud strategy
According to Experian’s latest Global Insights Report, 38% of consumers expect to increase their online activity in the next 12 months. The report also found that consumers continue to have high expectations for their online experience, and businesses are re-imagining the customer journey to reflect that need. This January, Experian surveyed 3,000 consumers and 900 businesses to explore the changes in consumer behavior and business strategy pre- and post-COVID-19. As consumers have embraced life online, they’ve continued to emphasize their feelings regarding the importance of protecting their information. More than half of consumers still consider security to be the most important factor in their digital experience – the same experience they have such high expectations of. Business are acting in turn, with more than half investing in fraud detection methods or software to reduce friction in the customer experience. Digital transformation is also highlighting the need to: Manage regulatory compliance Integrate security measures Ensure access to AI models Attract and manage customers Integrate automation solutions Download the report to get all the latest insights into consumer desires and business behaviors, and keep visiting the Insights blog for a deeper dive into US-specific findings. Download report
Last year is a testament to how quickly trends can shift, and entire industries can be turned upside down.
Millennials and Gen Z consumers have proven to be future trend shapers for the auto industry.
Experian Automotive Market Insights includes an in-depth analysis of auction volume across the United States.
Experian Automotive Market Insights helps dealers efficiently identify potential conquest opportunities in their region and beyond.
It’s obvious that 2020 was a year of unprecedented change and created brand new opportunities for fraud. In 2021, fraudsters will continue to iterate on new and old methods of attack, requiring businesses to remain flexible and proactive to prevent losses. We created the 2021 Future of Fraud Forecast to help businesses anticipate new types of fraud and prepare and protect consumers on the road ahead. Here are the trends we expect to see over the coming year: Putting a Face to Frankenstein IDs: Synthetic identity fraud will start to rely on “Frankenstein faces” for biometric verification. “Too Good to Be True” COVID Solutions: The promise of at-home test kits, vaccines and treatments will be used as means for sophisticated phishing and social engineering schemes. Stimulus Fraud Activity, Round Two: Fraudsters will take advantage of additional stimulus funding by using stolen data to intercept payments. Say ‘Hello’ to Constant Automated Attacks: Once the stimulus fraud attacks run their course, hackers will increasingly turn to automated methods. Survival of the Fittest for Small Businesses: In 2021, businesses with lackluster fraud prevention tools will suffer large financial losses. To learn more about how to protect your business and customers, download the Future of Fraud Forecast and check out Experian’s fraud prevention solutions. Future of Fraud Forecast Request a call
Experian Automotive Market Insights dashboard provides a variety of insights to help dealers tackle their biggest challenges.
Previously, we discussed the risks of account takeover and how a Defense in Depth strategy can protect your business. Before implementation it’s important to understand the financial benefits of the strategy. There are a few key steps to assessing and quantifying the value of Defense in Depth. Transaction risk assessment: This requires taking inventory of all possible transactions. Session-level risk analysis: With the transactions categorized by risk level, the next step is to review session history based on the highest risk activity within the session. Quantify the cost of a challenge: There are multiple costs associated with challenging a user using step-up authentication. Consider both direct and indirect costs – failure rate, contact center operational cost, and attrition rate following failed challenges (consider lifetime value of account) Quantify the expected challenge rate: This can be done by comparing the Defense in Depth approach to a traditional approach. Below is a calculator that will help determine the cost of the reduced challenges associated with a Defense in Depth strategy versus a traditional strategy. initIframe('5f039d2e4c508b1b0aafa4bd'); In addition to the quantitative benefits, it is important to consider some of the qualitative benefits of this approach: Challenging at moments that matter: Customers appreciate and expect protection in online banking, especially when moving money externally or updating contact information. This is a great way to achieve both convenience and security. Improved fraud management: By staging the risk decision at the transaction level, the business can balance the type of challenge with the transaction risk. There are incremental cost considerations to include in the business case as well. For instance, there is an increase in transaction calls for a risk assessment at the medium/high risk transactions – about 10% in the example above. Generally, the increased transaction cost is more than offset by the reduction in cost of challenges alone. A Defense in Depth strategy can help businesses manage fraud risk and prevent account takeover in online banking without sacrificing user experience. If you are interested in assistance with building your business case and understanding the strategies to implement a successful Defense in Depth strategy, contact us today. Contact us 1Identity Fraud in the Digital Age, Javelin Strategy & Research, September 2020
Preventing account takeover (ATO) fraud is paramount in today’s increasingly digital world. In this two-part series, we’ll explore the benefits and considerations of a Defense in Depth strategy for stopping ATO. The challenges with preventing account takeover Historically, managing fraud and identity risk in online banking has been a trade-off between customer experience and the effectiveness of fraud controls. The basic control structure relies on a lock on the front door of online banking front door—login—as the primary authentication control to defend against ATO. Within this structure, there are two choices. The first is tightening the lock, which equals a higher rate of step-up authentication challenges and lower fraud losses. The second is loosening the lock, which results in a lower challenge rate and higher fraud loses. Businesses can layer in more controls to reduce the false positives, but that only allows marginal efficiency increases and usually represents a significant expense in both time and budget to add in new controls. Now is the perfect time for businesses reassess their online banking authentication strategy for a multitude of reasons: ATO is on the rise: According to Javelin Strategy & Research, ATO increased 72% in 2019.1 Users’ identities and credentials are at more risk than ever before: Spear phishing and data breaches are now a fact of life leading to reduced effectiveness of traditional authentication controls. Online banking enrollments are on the rise: According to BioCatch, in the months following initial shelter-in-place orders across the country, banks have seen a massive spike in first time online banking access. Users expect security in online banking: Half of consumers continue to cite security as the most important factor in their online experience. Businesses who reassess the control structure for their online banking will increase the effectiveness of their tools and reduce the number of customers challenged at the same time – giving them Defense in Depth. What is Defense in Depth? Defense in Depth refers to a strategy in which a series of defense mechanisms are layered in order to protect data and information. The basic assumptions underlying the value of a Defense in Depth strategy are: Different types of transactions within online banking have different levels of inherent risk (e.g., external money movement is considerably higher risk compared to viewing recent credit card transactions) At login, the overall transaction risk associated with the session risk is unknown The risk associated with online banking is concentrated in relatively small populations – the vast majority of digital transactions are low risk This is the Pareto principle at play – i.e., about 80% of online banking risk is concentrated within about 20% of sessions. Experian research shows that risk is even more concentrated – closer to >90% of the risk is concentrated in <10% of transactions. This is relatively intuitive, as the most common activities within online banking consist of users checking their balance or reviewing recent transactions. It is much less common for customers to engage in higher risk transaction. The challenge is that businesses cannot know the session risk at the time of challenge, thus their efficiency is destined to be sub-optimal. The benefits of Defense in Depth A Defense in Depth strategy can really change the economics of an online banking security program. Adopting a strategy that continuously assesses the overall session risk as a user navigates through their session allows more efficient risk decisions at moments that matter most to the user. With that increased efficiency, businesses are better set up to prevent fraud without frustrating legitimate users. Defense in Depth allows businesses to intelligently layer security protocols to protect against vulnerability – helping to prevent theft and reputational losses and minimize end-user frustration. In addition to these benefits, a continuous risk-based approach can have lower overall operational costs than a traditional security approach. The second part of this series will explore the cost considerations associated with the Defense in Depth strategy explored above. In the meantime, feel free to reach out to discuss options. Contact us 1Identity Fraud in the Digital Age, Javelin Strategy & Research, September 2020
COVID-19 is not only shifting the way we work, live and think, but it is also reframing the conversation behind which metrics successful companies focus on. Having worked in marketing for various lenders, origination and funding milestones were prevalent in their marketing. However, during this unique time in mortgage when most lenders are shattering previous origination records, focus is now drawn to new performance indicators. Providing a seamless digital process A recent McKinsey survey determined that consumer and business digital adoption vaulted five years forward in a matter of eight weeks at the beginning of the pandemic. And while this is generally true for business, many mortgage lenders may not have had the time or resources to update and modernize their processes due to massive origination volumes. When volume is good, companies wait to update their technology – either due to an “if it isn’t breaking why fix it” mentality, or, in the case of unmanageable volume, lenders can’t fathom disrupting their processes. Lenders that proactively streamlined technology and focused on digital adoption before the pandemic are leveraging and benefitting from the current mortgage environment. For lenders that did not digitize in time, the high-volume environment highlights their inefficiencies and unscalable processes. Providing meaningful customer experiences Forward-thinking, resilient mortgage lenders are also tracking how effectively they can provide meaningful customer experiences, for both their borrowers as well as their internal customers – their employees. For borrowers, it could come in the form of enjoying a seamless mortgage experience, being proactively kept abreast of their loan status, and the ability to interact and communicate with the lender in a manner that works best for their style. For employees of the company, this can come from feeling valued and listened to, with relevant and useful communications and resources to rely on during these uncertain times. It also comes in the form of providing the right resources for employees to perform at a high level during these times when it matters the most and working efficiently without sacrificing quality. Investing in technology and your greatest asset, your employees, is the answer to how mortgage lenders can achieve these metrics which will help them stand out among their competition. As the refi heyday starts to show signs of impermanence, these differentiators will become more important than ever – and all lenders should be taking a proactive look now at how they can bridge their digital gaps. Mortgage lenders are coming out of 2020 with strong earnings and should look to allocate a part of these earnings towards ‘future-proofing’ through scalable technology that will ultimately reduce costs and continue to bring in qualified volume. Join Experian Mortgage in accelerating the mortgage evolution and learn how we can help bridge your technology gaps. Learn More
It’s clear that the digital transformation we experienced this year is here to stay. While there are many positives associated with this transformation – innovation, new ways to work, and greater online connectedness – it’s important that we review the risks associated with these trends as well. In late 2019 and throughout 2020, Experian surveyed consumers and businesses. We asked about online habits, expectations for information security and plans for future spending. Unsurprisingly, about half of consumers think they’ll continue to spend more online in the coming year. Those same consumers now have a higher expectation for their online experience than before the onset of COVID-19. Hand-in-hand with the online activity trends come increased risks associated with identity theft and fraud as criminals find new chances to steal information. In response to both of these trends, businesses and consumers want a balance between security and convenience. Our latest trends report dives into the new opportunities 2020 has created for fraud, and the opportunities to prevent identity theft or manipulation and the associated losses while building stronger relationships. Download the full North America Trends Report for a look into North American trends over the last year and to learn how fraud prevention and positive customer relationships are actually two sides of the same coin. North America Trends Report