Apply DA Tag

Loyalty fraud and the customer experience Criminals continue to amaze me. Not surprise me, but amaze me with their ingenuity. I previously wrote about fraudsters’ primary targets being those where they easily can convert credentials to cash. Since then, a large U.S. retailer’s rewards program was attacked – bilking money from the business and causing consumers confusion and extra work. This attack was a new spin on loyalty fraud. It is yet another example of the impact of not “thinking like a fraudster” when developing a program and process, which a fraudster can exploit. As it embarks on new projects, every organization should consider how it can be exploited by criminals. Too often, the focus is on the customer experience (CX) alone, and many organizations will tolerate fraud losses to improve the CX. In fact, some organization build fraud losses into their budgets and price products accordingly — effectively passing the cost of fraud onto the consumers. Let’s look into how this type of loyalty fraud works. The criminal obtains your login credentials (either through breach, malware, phishing, brute force, etc.) and uses the existing customer profile to purchase goods using the payment method on file for the account. In this type of attack, the motivation isn’t to receive physical goods; instead, it’s to accumulate rewards points — which can then be used or sold. The points (or any other form of digital currency) are instant — on demand, if you will — and much easier to fence. Once the points are credited to the account, the criminal cashes them out either by selling them online to unsuspecting buyers or by walking into a store, purchasing goods and walking right out after paying with the digital currency. A quick check of some underground forums validates the theory that fraudsters are selling retailer points online for a reduced rate — up to 70 percent off. Please don’t be tempted to buy these! The money you spend will no doubt end up doing harm, one way or another. Now, back to the customer experience. Does having lax controls really represent a good customer experience? Is building fraud losses into the cost of your products fair to your customers? The people whose accounts have been hacked most likely are some of your best customers. They now have to deal with returning merchandise they didn’t purchase, making calls to rectify the situation, having their personally identifiable information further compromised and having to pay for the loss. All in all, not a great customer experience. All businesses have a fiduciary responsibility to protect customer data with which they have been entrusted — even if the consumer is a victim of malware, phishing or password reuse. What are you doing to protect your customers? Simple authentication technologies, while nice for the CX, easily can fail if the criminal has access to the login credentials. And fraud is not a single event. There are patterns and surveillance activities that can help to detect fraud at every phase of your loyalty program — from new account opening to account logins and updates to transactions that involve the purchase of goods or the movement of currency. As fraudsters continue to evolve and look for the least-protected targets, loyalty programs have come to the forefront of the battleground. Take the time to understand your vulnerability and how you can be attacked. Then take the necessary steps to protect your most profitable customers — your loyalty program members. If you want to learn more, join us MRC Vegas 16 for our session “Loyalty Fraud; It’s Brand Protection, Not Just Loss Prevention” and hear our industry experts discuss loyalty fraud, why it’s lucrative, and what organizations can do to protect their brand from this grey-area type of fraud.

According to Experian’s latest State of the Automotive Finance Market report, auto loan balances reached an all-time high of $987 billion in Q4 2015 — an increase of 11.5% over Q4 2014.

Compliance definitions LOA, CIP, FACTA, KYC — These acronyms seem endless, and navigating compliance can be both confusing and a painful drain on resources. How do you know the best approach for your institution? Should you look at regulations for Know Your Customer (KYC) or the Customer Identification Program (CIP)? What about the levels of assurance (LOAs) or the Fair and Accurate Credit Transactions Act (FACTA) Red Flags Rule? Does the USA PATRIOT Act affect your industry? The myriad guidelines, rules and mandates surrounding fraud compliance are changing the way organizations do business. Let’s start with some brief definitions. CIP/KYC The Customer Identification Program requires banks to form a reasonable belief that they know the true identity of each customer. The CIP must include procedures that specify the identifying information that will be obtained from each customer, along with reasonable and practical risk-based procedures for verifying each customer’s identity. The Know Your Customer provision is a financial regulatory rule mandated by the Bank Secrecy Act and the USA PATRIOT Act. These guidelines focus on prevention of money laundering and the use of financial institutions to finance terrorist activities. This process has three stages: the CIP, customer due diligence (CDD) and enhanced due diligence (EDD). The last two stages address customer risk from an anti–money laundering perspective. LOA/FACTA (Red Flags Rule) Levels of assurance regarding identity focus on the extent to which electronic authentication may be used to verify that the individual identified in the input data truly is the same person engaging in the electronic transaction. This can be a daunting task — even the National Institute of Standards and Technology acknowledges that electronic authentication of individual people is a technical challenge when performed remotely over an open network. To choose the level of assurance that works within your company structure, you must determine what is needed to maintain the internal compliance and risk thresholds for each business requirement. LOAs are based on two categories: trustworthiness of the identity-proofing process and trustworthiness of the credential-management function (which includes technology and implementation/management). There are four LOA levels: Minimal Assurance Moderate Assurance Substantial Assurance High Assurance The FACTA Red Flags Rule requires institutions to establish a program that identifies ecommerce “red flags.” This program should consist of a pattern, practice or specific activity that indicates the possible existence of identity theft applicable to account-opening activities, existing account maintenance and new activity on accounts that have been inactive for two years or more. Don’t be discouraged In this world of compliance regulations that read like alphabet soup, we understand the challenges of meeting regulations while providing a frictionless customer experience. When an organization strikes the perfect balance between compliance and customer service, it has a competitive advantage that can lead to additional revenue opportunities (e.g., profitably acquiring new customers, detecting fraud and reducing charge-offs, minimizing operational costs, and improving operational efficiencies). To achieve this, businesses need cost-effective, flexible tools that allow them to meet current and future guidelines, manage risk and ultimately authenticate as many true customers as possible — all while segmenting out only the real fraudsters and noncompliant identities. You can be assured that new regulations will come, existing regulations will be redefined and communications on how to comply will be difficult to interpret. To find out more about compliance, click here.

A recent Experian survey shows a growing concern over identity theft and tax fraud. 42% of consumers are concerned that someone could access their personal data through their tax return, compared with 35% in 2014 and 38% in 2015 28% of consumers have been a victim or know someone who has been a victim of tax fraud Tax season is a busy time of year for identity thieves. While consumers should take steps to protect themselves, businesses also need to employ ID theft protection solutions in order to safeguard consumer information. >> Identify and prevent multiple types of fraud

Over the next several years, the large number of home equity lines of credit (also known as HELOCs) originated during the boom period of 2005 to 2008, will begin approaching their end of draw periods. Upon entering the repayment period, these 10-year interest-only loans will become amortized to cover both principal and interest, resulting in payment shock for many borrowers. HELOCs representing $265 billion will reach their end of draw between 2015 and 2018. Now is the time for lenders to be proactive and manage this risk effectively. Lenders with HELOC portfolios aren’t the only ones affected by HELOC end of draw. Non-HELOC lenders also are at risk when consumers are faced with payment shock. Experian analysis shows that it is an issue of consumer liquidity — consumers who reach HELOC end of draw are more likely to become delinquent not only on their HELOC, but on other types of debt as well. If consumers were 90 days past due on their HELOC at end of draw, there was a 112 percent, 48.5 percent and 24 percent increase in delinquency on their mortgage, auto and bankcard trade, respectively. With advanced data and analytics, lenders can be proactive in managing the risk associated with HELOC end of draw. Whether your customer has a HELOC with you or with another lender or is a new prospect, having the key data elements to obtain a full view of that consumer’s risk is vital in mitigating HELOC end-of-draw risk. Lenders should consider partnering with companies that can help them develop and deploy HELOC risk strategies in the near future. It is essential that lenders proactively plan and are well-positioned to protect their businesses from HELOC end-of-draw risk. Experian HELOC end of draw study

According to the latest Experian–Oliver Wyman Market Intelligence Report, HELOC originations came in at $43 billion for Q4 2015 — a 22% increase over Q4 2014. HELOC originations for all of 2015 totaled $160 billion — a 21% increase year over year. As HELOC originations continue their growth trend, lenders can stay ahead of the competition by using advanced analytics to target the right customers and increase profitability. >> Revamp your mortgage and HELOC acquisitions strategies

Understanding the behaviors of best-in-class credit risk managers For financial institutions to achieve superior performance, having the appropriate set of credit risk managers is a prerequisite. The ability to gain insight from data and customer behavior and to use that insight for strategic advantage is a critical ingredient for success. At the same time, the risk-management community is under increasing pressure to understand and explain underlying trends in credit portfolios — and to monitor, interpret and explain these trends with ever-greater accuracy. A common problem financial institutions face when confronting staff resource needs is the difficulty in recruiting and retaining experienced risk-management professionals. The risk-management community is notoriously small, and hiring expertise from within this community is extremely difficult. Skilled risk managers truly are a finite resource, but their skill set is in huge demand. Hiring the right talent is crucial to job satisfaction, leading to higher engagement levels and reduced attrition costs. On top of that, employee engagement is vital to an organization’s success. It drives employee productivity and fosters a culture of innovation, which leads to higher profitability for the entire organization. Building, attracting and retaining risk-management resources requires a commitment to engaging in staff personal development. A great way to support employee engagement is to invest in their personal and professional development, including opportunities for training and team building. If an organization can show that it is committed to developing its people and providing opportunities for career growth, employee engagement levels will rise, with all the benefits this entails. Typically, financial institutions bridge the resource skill gap by either hiring skilled statistical and analytical experts or developing in-house resources. Both of these approaches, however, require significant on-the-job training to teach employees how to link raw statistical techniques and procedures to influencing the profit and loss statement of the business line which they support. The challenge is often broadening the understanding of these skill set “silos” and their contribution to the overall portfolio. By opening that view, the organization generates additional value from these resources as lines of communication are improved and insights and opportunities found within the data are shared more effectively across the organizational team. Experian’s Global Consulting Practice provides a solution to this problem. Our two-day Risk and Portfolio Management Essentials training workshop offers the opportunity to understand the behaviors of best-in-class risk managers. What are the tools and enablers required for the role? How do they prepare for the process of managing credit risk? What areas must risk managers consider managers across the Customer Life Cycle? What differentiates the good from the great? To complement the training modules, Experian® offers an interactive, team-based approach that engages course participants in the build options of a defined portfolio. Participants leverage the best-in-class techniques presented in the sessions in a series of competitive, team-based exercises. This set of cross-organizational exercises drives home the best-in-class techniques and further builds understanding that resonates across the organization long after the course is concluded. For our current offerings, locations and to register click here.  

What is blockchain? Blockchain is beginning to get a lot of attention, so I thought it might be time to figure out what it is and what it means. Basically, a blockchain is a permissionless, distributed database that maintains a growing list of records (transactions) in a linear, chronological (and time-stamped) ledger. At a high level, this is how it works. Each computer connected to the network gets a copy of the entire blockchain and performs the task of validating and relaying transactions for the whole chain. The batches of valid transactions added to the record are called “blocks.” A block is the “current” part of a blockchain that records some or all of the recent transactions and once completed goes into the blockchain as a permanent database. Each time a block gets completed, a new block is created, with every block containing a hash of the previous block. There are countless numbers of blocks in the blockchain. To use a conventional banking analogy, the blocks would be a full history of every banking transaction for every person, and the blockchain would be a complete banking history. The entire blockchain is sent to everyone who has access, and every user validates the information in the block. It’s like if Tom, Bob and Harry were standing on the street corner and saw a cyclist hit by a car. Individually, all three men will be asked if the cyclist was struck by the car, and all three will respond “yes.” The cyclist being hit by the car becomes part of the blockchain, and that fact cannot be altered. Blockchain generally is used in the context of bitcoin, where similar uses of the structure are called altchains. Why should I care or, at the very least, pay attention to this movement? Because the idea of it is inching toward the tipping point of mainstream. I recently read an article that identified some blockchain trends that could shape the industry in coming months. The ones I found most interesting were: Blockchain apps will be released Interest in use cases outside payments will pick up Consortia will prove to be important Venture capital money will flow to blockchain start-ups While it’s true that much of the hype around blockchain is coming from people with a vested interest, it is beginning to generate more generalized market buzz as its proponents emphasize how it can reduce risk, improve efficiency and ultimately provide better customer service. Let’s face it, the ability to maintain secure, fast and accurate calculations could revolutionize the banking and investment industries, as well as ecommerce. In fact, 11 major banks recently completed a private blockchain test, exchanging multiple tokens among offices in North America, Europe and Asia over five days. (You can read The Wall Street Journal article here.) As more transactions and data are stored in blockchain or altchain, greater possibilities open up. It’s these possibilities that have several tech companies, like IBM, as well as financial institutions creating what has become known as an open ledger initiative to use the blockchain model in the development of new technologies that will enable a wider array of services. There is no doubt that the concept is intriguing — so much so that even the SEC has approved a plan to issue stock via blockchain. (You can read the Wired article here.) The potential is enough to make many folks giddy. The idea that risk could become a thing of the past because of the blockchain’s immutable historical record — wow. It’s good to be aware and keep an eye on the open ledger initiative, but let’s not forget history, which has taught us that (in the wise words of Craig Newmark), “Crooks are early adopters.” Since blockchain’s original and primary usage has been with bitcoin, I don’t think it is unfair to say that there will be some perceptions to overcome — like the association of bitcoin to activities on the Dark Web such as money laundering, drug-related transactions and funding illegal activities. Until we start to see the application across mainstream use cases, we won’t know how secure blockchain is or how open business and consumers will be to embracing it. In the meantime, remind me again, how long has it taken to get to a point of practical application and more widespread use of biometrics? To learn more, click here to read the original article.  

According to a recent Experian Marketing Services study, 36% of companies interact with customers in five or more channels.

Ensure you’re protecting consumer data privacy Data Privacy Day is a good reminder for consumers to take steps to protect their privacy online — and an ideal time for organizations to ensure that they are remaining vigilant in their fight against fraud. According to a new study from Experian Consumer Services, 93 percent of survey respondents feel identity theft is a growing problem, while 91 percent believe that people should be more concerned about the issue. Online activities that generate the most concern include making an online purchase (73 percent), using public Wi-Fi (69 percent) and accessing online accounts (69 percent). Consumers are vigilant while online Most respondents are concerned they will fall victim to identity theft in the future (71 percent), resulting in a generally proactive approach to protecting personal information. In fact, almost 50 percent of respondents say they are taking more precautions compared with last year. Ninety-one percent take steps to secure physical information, such as shredding documents, while also securing digital information (using passwords and antivirus software). Many consumers also make sure to check their credit report (33 percent) and bank account statements (76 percent) at least once per month. There’s still room for consumers to be safer Though many consumers are practicing good security habits, some aren’t: More than 50 percent do not check to see if a Website is secure Fifty percent do not have all their Web-enabled devices password-protected because it is a hassle to enter a password (30 percent) or they do not feel it is necessary (25 percent) Fifty-five percent do not close the Web browser when they are finished using an online account Additionally, 15 percent keep a written record of passwords and PINs in their purse or wallet or on a mobile device or computer Businesses need to be responsible when it comes data privacy  Customer-facing businesses must continue efforts to educate consumers about their role in breach and fraud prevention. They also need to be responsible and apply comprehensive, data-driven intelligence that helps thwart both breaches and the malicious use of breached information and protect all parties’ interests. Nearly 70 percent of those polled in a 2015 Experian–Ponemon Institute study said that the increased visibility and media reporting of breaches, including payment-related incidents, have caused their organizations to step up data security efforts. Experian Fraud & ID is uniquely positioned to provide true customer intelligence by combining identity authentication with device assessment and monitoring from a single integrated provider. This combination provides the only true holistic view of the customer and allows organizations to both know and recognize customers and to provide them with the best possible experience. By associating the identities and the devices used to access services, the true identity can be seen across the customer journey. This unique and integrated view of identity and device delivers proven superior performance in authentication, fraud risk segmentation and decisioning. For more insights into how businesses are responding to breach activities, download our recent white paper, Data confidence realized: Leveraging customer intelligence in the age of mass data compromise. For more findings from the study, view the results here.

For marketers, the start of a new year is an opportunity to look ahead.

Attract and retain high-value demand deposit accounts The excitement of the new year has ended, and now the big question remains: What will 2016 hold for our market and the economy? So far, we’ve seen this election year bring a volatile financial market: The Federal Reserve increased short-term interest rates by 25 basis in December, and there is uncertainty if and when future increases will come China’s gross domestic product is forecasted at 6.5 percent, the lowest in a quarter century The Dow Jones industrial average is down 10 percent to start the year, signaling a lot of uncertainty for banks and consumers It’s hard to find answers in a shifting financial landscape with a long list of mixed signals. The average consumer is looking on and wondering if we face another Great Recession or if the current economy is spiking a fever just before it is completely cured. The reality, for those of us in the banking industry, is that the modest economic recovery is likely to continue as part of a new normal pattern. In 2016, banks that remain competitive in a more digital world will be those that have frictionless products and processes to attract and retain high-value, highly sought-after consumer deposits and loans. Banks should expect the competition for deposits to intensify, and they will need to ensure that new deposit customers are on boarded effectively and cross-sold loan products quickly to reduce first-year attrition. Cross-selling at the point of origination for the demand deposit account (DDA) customers is the best way to ensure that new customers keep the institution as their primary bank. Financial institutions can exceed consumer expectations and ensure a competitive business model by leveraging modernized technology capabilities fully in combination with making relevant decisions to deliver consumer-friendly experiences. First-year DDA attrition rates will demonstrate how the consumer’s expectations were met and if the new bank got the account-opening process right or wrong. Experian® suggests three capabilities clients should consider: A deposits technology platform that offers frictionless change to data, origination strategies and instant cross-sell to loan products that yield sticky customers Strategies that comply with current and evolving regulatory demands, such as those being sought by the Consumer Financial Protection Bureau (CFPB) Business planning to identify execution gaps and a road map to ensure that gaps are addressed, confirming continued competitive ability to attract high-value deposit and loan customers DDA-account opening effectiveness can be achieved by using a consumer’s life stage, affordability considerations, unique risk profile and financial needs to on board optimally and grow those high-value consumers effectively and efficiently. Financial institutions that are nimble and fast adopters of these critical capabilities will reduce operating expenses for their organizations, grow sustainable revenue from new prospects and customers, and delight those new customers along the way. This is a win-win for banks and consumers. Join me next week as we discuss best practices across the entire demand deposit account life cycle.

As millennials continue to experience challenges in obtaining credit, Experian’s latest research finds that this population is very receptive to nonbank lenders for the ease, speed and accessibility they provide.

The new year has started, the champagne bottles recycled. Bye-bye holidays, hello tax season. In fact, many individuals who are expecting tax refunds are filing early to capture those refunds as soon as possible. After all, a refund equates to so many possibilities – paying down debt, starting a much-needed home improvement project or perhaps trading up for a new vehicle. So what does that mean for lenders?  As consumers pocket tax refunds, the likelihood of their ability to make payments increases. By the end of February 2014, more than 48 million tax refunds had been issued according to the IRS – an increase of 5.6 percent compared to the same time the previous year. As of Feb. 28, the average refund in 2014 was $3,034, up 3 percent compared to the average refund amount for the same time in 2013. To capitalize on this time period, introducing collection triggers can assist lenders with how to manage and collect within their portfolios. Aggressively paying down a bankcard, doubling down on a mortgage payment or wiping out a HELOC signal to the lender a change in positive behavior, but without a trigger attached, it can be hard to pinpoint which customers are shifting from their status quo payments. Experian actually offers around 100 collection triggers, but lenders do not need all to seek out the predictive insights they require. A “top 20” list has been created, featuring the highest percentages in lift rates, and population hit rates. Experian has done extensive analysis to determine the top-performing collection triggers. Among the top 15 to 20 triggers, the trigger hit rate ranged from 2 to 8 percent on an average client’s total portfolio, taking into consideration liquidation rates, average percent of payment lifts, lift in liquidation rates over the baseline liquidation, percent of overall portfolio that triggered, percent of overall portfolio that triggered only on the top-selected triggers, and percent of volume by trigger on the total customers that had a trigger hit. With that said, it is essential to implement the right strategy that includes a good mixture of the top-performing triggers. The key is diversifying and balancing trigger selection and setting triggers up during opportune times. Tax season is one of those times. Some of the top-ranked triggers include: Closed-Zero Balance Triggers: This is when a consumer’s account is reported as closed after being delinquent for a certain number of days. Specifically, the closed-zero balance trigger after being delinquent for 120 days has the highest percent of payment lift over an average payment that you would receive from a customer (at a 710 percent lift rate). These triggers are good indicators the consumer is showing positive improvement, thus having a higher likelihood for collections. Paid Triggers: This is when a consumer’s account is reported as paid after being delinquent, in collections, etc. Five of the top 20 triggers are paid triggers. These triggers have good coverage and a good balance between high lift rates (100 percent to 500 percent) and percent of the triggered population. These triggers are also good indicators the consumer is showing positive improvement, thus having a higher likelihood for collections. Inquiry Triggers: This is when a consumer is applying for an auto loan, mortgage loan, etc. The lift rates for these triggers are lowest within the Top 20, but on the other hand, these triggers have the highest hit rates (up to a 33 percent hit rate). These triggers are good indicators consumers are seeking to open additional lines of credit. Home Equity Loan Triggers: These triggers indicate the credit available on a consumer’s home equity loan. They are specifically enticing to collectors due to the fact that home equity lines of credit are usually larger than your average credit on your bank card. The larger the line of credit, the more you are able to potentially collect. To learn more about collection triggers, visit https://www.experian.com/consumer-information/debt-collection.html

Looking at true fraud rate I’ve talked with many companies over the years about their fraud problems. Most have a genuine desire to operate under the fraud prevention model and eliminate all possible fraud from their systems. The impact on profit is often the primary motivation for implementing solutions, but in reality most companies employ a fraud management schema, offsetting the cost of fraud with the cost of managing it. There are numerous write-ups and studies on the true cost of fraud. What most people don’t realize is that, for each item lost to fraud, a business operating on 10 percent net profit margins will need to sell 10 times the amount of product in order to recover the expense associated with the loss. These hard costs don’t include the soft dollar costs, such as increased call center expenses to handle customer calls. Recently, some organizations have started to add reputational risk into their cost-of-fraud equation. With the proliferation of social media, a few unhappy customers who have been victims of fraud easily can impact an organization’s reputation. This is an emerging fuzzy cost that eventually can be tied back to lost revenue or a drop in share price. Most companies say with pride that their acceptable fraud rate is zero. But when it comes time to choose a partner in fraud detection, it almost always comes down to return on investment. How much fraud can be stopped — and at what price? More informed organizations take all operational expenses and metrics into consideration, but many look at vendor price as the only cost. It’s at this point that they start to increase their acceptable fraud rate. In other words, if — hypothetically — Vendor A can stop only 80 percent of the fraud compared with Vendor B, but Vendor A costs less than 80 percent of what Vendor B costs, they’ll choose Vendor A. All of a sudden, their acceptable fraud rate is no longer zero. This method of decision making is like saying we’ll turn off the security cameras for 20 percent of the day because we can save money on electricity. On the surface, I understand. You have to be accountable to the shareholders. You have to spend and invest responsibly. Everyone is under pressure to perform financially. How many executives, however, take the time to see where those lost dollars end up? If they knew where the money went, would they change their view? We must be vigilant and keep our acceptable fraud rate at zero.