Fraud & Identity Management

Know Your Customer (KYC) procedures are a requirement for banks and other financial institutions to collect and verify the identity of their customers. When a bank verifies the identity of another organization or its owners, the process may be called Know Your Business (KYB) instead.  As part of banks’ anti-money laundering (AML) programs, KYC can help stop corruption, money laundering and terrorist financing. Creating and maintaining KYC programs is also important for regulatory compliance, reputation management and fraud prevention.  READ: How to Build a Know Your Customer Checklist – Everything You Need to Know The three components of KYC programs Banks can largely determine how to set up their KYC and AML programs within the applicable regulatory guidelines. In the United States, KYC needs to happen when banks initially onboard a new customer. But it’s not a one-and-done event—ongoing customer and transaction monitoring is also important.  Customer Identification Program (CIP) Creating a robust Customer Identification Program (CIP) is an essential part of KYC. At a minimum, a bank’s CIP requires it to collect the following information from new customers: Name Date of birth Address Identification number, such as a Social Security number (SSN) or Employer Identification Number (EIN) Banks' CIPs also have to use risk-based procedures to verify customers’ identities and form a reasonable belief that they know the customer's true identity.1 This might involve comparing the information from the application to the customer’s government-issued ID, other identifying documents and authoritative data sources, such as credit bureau databases. Additionally, the bank's CIP will govern how the bank:  Retains the customer’s identifying information Compares customer to government lists  Provides customers with adequate notices Banks can create CIPs that meet all the requirements in various ways, and many use third-party solutions to quickly collect data, detect forged or falsified documents and verify the provided information.  INFOGRAPHIC: Streamlining the Digital Onboarding Process: Beating Fraud at its Game Customer due diligence (CDD)  CIP and CDD overlap, but the CIP primarily verifies a customer’s identity while customer due diligence (CDD) helps banks understand the risk that each customer poses. To do this, banks try to understand what various types of customers do, what those customers’ normal banking activity looks like, and in contrast, what could be unusual or suspicious activity.  Financial institutions can use risk ratings and scores to evaluate customers and then use simplified, standard or enhanced due diligence (EDD) processes based on the results. For example, customers who might pose a greater risk of laundering money or financing terrorism may need to undergo additional screenings and clarify the source of their funds. Ongoing monitoring Ongoing or continuous monitoring of customers’ identities and transactions is also important for staying compliant with AML regulations and stopping fraud.  The monitoring can help banks spot a significant change in the identity of the customer, beneficial owner or account, which may require a new KYC check. Unusual transactions can also be a sign of money laundering or fraud, and they may require the bank to file a suspicious activity report (SAR). Why is KYC important in banking? Understanding and implementing KYC processes can be important for several reasons:  Regulatory compliance: Although the specific laws and rules can vary by country or region, many banks are required to have AML procedures, including KYC. The fines for violating AML regulations can be in the hundreds of millions— a few banks have been fined over $1 billion for lax AML enforcement and sanctions breaching. Reputation management: In some cases, enforcement actions and fines were headline news. Banks that don’t have robust KYC procedures in place risk losing their customers' trust and respect.  Fraud prevention: In addition to the regulatory requirements, KYC policies and systems can also work alongside fraud management solutions for banks. Identity verification at onboarding can help banks identify synthetic identities attempting to open money mule accounts or take out loans. Ongoing monitoring can also be important for identifying long-term fraud schemes and large fraud rings.  ON-DEMAND WEBINAR: Fraud Strategies for a Positive Customer Experience KYC in a digital-first world Many financial institutions have been going through digital transformations. Part of that journey is updating the systems and tools in place to meet the expectations of customers and regulators.  An Experian survey found that about half of consumers (51 percent) consider abandoning the creation of a new account because of friction or a less-than-positive experience — that increased to 69 percent for high-income households.2 The survey wasn’t specific to financial services, but friction could be a problem for banks wanting to attract new account holders. Just as access to additional data sources and machine learning help automate underwriting, financial institutions can use technological advances to add an appropriate amount of friction based on various risk signals. Some of these can be run in the background, such as an electronic Consent Based Social Security Number Verification (eCBSV) check to verify the customer’s name, SSN and date of birth match the Social Security Administration’s records. Others may require more customer involvement, such as taking a selfie that’s then compared to the image on their photo ID — Experian CrossCore® Doc Capture enables this type of verification.  Experian is a leader in identity and data management  Experian's identity verification solutions use proprietary and third-party data to help banks manage their KYC procedures, including identity verification and Customer Identification Programs. By bundling identity verification with fraud assessment, banks can stop fraudsters while quickly resolving identity discrepancies. The automated processes also allow you to offer a low-friction identity verification experience and use step-up authentications as needed.  Learn more about Experian’s identity solutions.  1FDIC (2021). Customer Identification Program 2Experian (2023). Experian's 2023 Identity and Fraud Report

Ensuring the reliability of tenant applications is paramount to running a successful property management business. But with an exponential rise in prospective residents using fake financial documents to inflate income and employment status, how do property managers navigate and detect fake paystubs without stepping on a landmine of liability? The marketplace of deception Paystub generator websites As you embrace the commitment to diligence, be aware that some legitimate websites can be unknowingly used by fraudsters to create counterfeit financial documents. Knowledge is your ally here. At the touch of a button, even the minimally tech inclined can produce pay stubs that appear convincing. There are dozens of sites that offer paystub generator software, including: Design and editing software websites that are accessible to people beyond just creative professionals. Popular e-commerce platform stores that host apps capable of creating paystubs. Mobile app stores that allow users to download apps for use on all major mobile devices. Key indicators of a fake paystub Remember, as a property manager or owner, you are responsible for scrutinizing these documents to protect your business interests. Use your awareness to be vigilant, verifying every piece of information to ensure the credibility of prospective tenants. While some of these falsified paystubs may appear to be legitimate, they are usually not perfect. Here are some quick checks which may help you spot a fake or trigger a deeper review quickly. Watch out for elusive typos Erroneous spelling, particularly in company names and financial terms, is a big red flag. Keep your eyes peeled for these unruly characters. Distorted watermarks A legitimate paystub should carry official watermarks or specific symbols that indicate its authenticity. However, be on the lookout for watermarks that seem off — sometimes, they're too conspicuous or amateurish, which can be a tell-tale sign of forgery. Authentic watermarks should be subtle and consistent with the company's brand. Crunching the numbers Inaccurate calculations can unravel a fake paystub. If the numbers just don't add up or pay dates vary inexplicably, you should investigate further. Inconsistent font Professional payroll systems stick to a consistent font. If you notice various font styles and sizes, it's worth investigating further. Authenticity lies in uniformity. Going logo-less? A missing company logo, or one that looks like it was copied from a low-resolution image on the internet, should trigger suspicion. Unusual tax deductions Abnormal tax deductions could indicate someone's fiddling with the figures. Brush up on your tax knowledge or consult with an expert if something seems off-the-wall. Final food for thought Remember, having the right knowledge and tools empowers you to make informed decisions, safeguarding your property from potential fraudsters. Be diligent, stay informed, and leverage technology to support your processes. Action steps to take today Educate your team: Make sure everyone involved in the application review process knows what to look for. Develop a standard operating procedure: Update your existing (or develop) Standard Operating Procedures: As new ways of gaming the system arise, make sure your particular procedures are keeping up with the times. For example, include steps for the following: Understand tenant screening laws in your area. Create consistent resident screening criteria. Check credit report and background. Verify employment and income. Review rental history and evictions (if any). Check criminal record with multi-state search. Interview residents before signing a lease. Follow a consistent policy when accepting or rejecting applicants. Embrace technology: Income and employment verification solutions can verify income directly from a trusted data source and avoid the paystub predicament altogether. Consider implementing a verification system that leaves no room for guesswork. Our verification solution, Experian VerifyTM, provides accurate, efficient, and compliant income and employment verification services. With Experian Verify, property managers can navigate the complexities of tenant-related income and employment verification with ease, ensuring they are adhering to Fair Housing laws and detecting fraudulent behavior. To learn more about how Experian Verify can benefit your property business, please contact us and visit us online. Learn more

In the ever-expanding financial crime landscape, envision the most recent perpetrator targeting your organization. Did you catch them? Could you recover the stolen funds? Now, picture that same individual attempting to replicate their scheme at another establishment, only to be thwarted by an advanced system flagging their activity. The reason? Both companies are part of an anti-fraud data consortium, safeguarding financial institutions (FIs) from recurring fraud. In the relentless battle against fraud and financial crime, FIs find themselves at a significant disadvantage due to stringent regulations governing their operations. Criminals, however, operate without boundaries, collaborating across jurisdictions and international borders. Recognizing the need to level the playing field, FIs are increasingly turning to collaborative solutions, such as participation in fraud consortiums, to enhance their anti-fraud and Anti-Money Laundering (AML) efforts. Understanding consortium data for fraud prevention A fraud consortium is a strategic alliance of financial institutions and service providers united in the common goal of comprehensively understanding and combatting fraud. As online transactions surge, so does the risk of fraudulent activities. However, according to Experian’s 2023 U.S. Identity and Fraud Report, 55% of U.S. consumers reported setting up a new account in the last six months despite concerns around fraud and online security. The highest account openings were reported for streaming services (43%), social media sites and applications (40%), and payment system providers (39%). Organizations grappling with fraud turn to consortium data as a robust defense mechanism against evolving fraud strategies. Consortium data for fraud prevention involves sharing transaction data and information among a coalition of similar businesses. This collaborative approach empowers companies with enhanced data analytics and insights, bolstering their ability to combat fraudulent activities effectively. The logic is simple: the more transaction data available for analysis by artificial-intelligence-powered systems, the more adept they become at detecting and preventing fraud by identifying patterns and anomalies. Advantages of data consortiums for fraud and AML teams Participation in an anti-fraud data consortium provides numerous advantages for a financial institution's risk management team. Key benefits include: Case management resolution: Members can exchange detailed case studies, sharing insights on how they responded to specific suspicious activities and financial crime incidents. This collaborative approach facilitates the development of best practices for incident handling. Perpetrator IDs: Identifying repeat offenders becomes more efficient as consortium members share data on suspicious activities. Recognizing patterns in names, addresses, device fingerprints, and other identifiers enables proactive prevention of financial crimes. Fraud trends: Consortium members can collectively analyze and share data on the frequency of various fraud attempts, allowing for the calibration of anti-fraud systems to effectively combat prevalent types of fraud. Regulatory changes: Staying ahead of evolving financial regulations is critical. Consortiums enable FIs to promptly share updates on regulatory changes, ensuring quick modifications to anti-fraud/AML systems for ongoing compliance. Who should join a fraud consortium? A fraud consortium can benefit any organization that faces fraud risks and challenges, especially in the financial industry. However, some organizations may benefit more, depending on their size, type, and fraud exposure. Some of the organizations that should consider joining a fraud consortium are: Financial institutions: Banks, credit unions, and other financial institutions are prime targets for fraudsters, who use various methods such as identity theft, account takeover, card fraud, wire fraud, and loan fraud to steal money and information from them. Fintech companies: Fintech companies are innovative and disruptive players in the financial industry, who offer new and alternative products and services such as digital payments, peer-to-peer lending, crowdfunding, and robot-advisors. Online merchants: Online merchants are vulnerable to fraudsters, who use various methods such as card-not-present fraud, friendly fraud, and chargeback fraud to exploit their online transactions and payment systems. Why partner with Experian? What companies need is a consortium that allows FIs to collaboratively research anti-fraud and AML information, eliminating the need for redundant individual efforts. This approach promotes tighter standardization of anti-crime procedures, expedited deployment of effective anti-fraud/AML solutions, and a proactive focus on preventing financial crime rather than reacting to its aftermath. Experian Hunter is a sophisticated global application fraud and risk management solution. It leverages detection rules to screen incoming application data for identifying and preventing fraudulent activities. It matches incoming application data against multiple internal and external data sources, shared fraud databases and dedicated watch lists. It uses client-flexible matching rules to crossmatch data sources for highlighting data anomalies and velocity attempts. In addition, it looks for connections to previous suspected and known fraudulent applications. Hunter generates a fraud score to indicate a fraud risk level used to prioritize referrals. Suspicious applications are moved into the case management tool for further investigation. Overall, Hunter prevents application fraud by highlighting suspicious applications, allowing you to investigate and prevent fraud without inconveniencing genuine customers. To learn more about our fraud management solutions, visit us online or request a call. Learn more This article includes content created by an AI language model and is intended to provide general information.

Finding a reliable, customer-friendly way to protect your business against new account fraud is vital to surviving in today's digital-driven economy. Not only can ignoring the problem cause you to lose valuable money and client goodwill, but implementing the wrong solutions can lead to onboarding issues that drive away potential customers. The Experian® 2023 Identity and Fraud Report revealed that nearly 70 percent of businesses reported fraud loss in recent years, with many of these involving new account fraud. At the same time, problems with onboarding caused 37 percent of consumers to drop off and take their business elsewhere. In other words, your customers want protection, but they aren't willing to compromise their digital experience to get it. You need to find a way to meet both these needs when combating new account fraud. What is new account fraud? New account fraud occurs any time a bad actor creates an account in your system utilizing a fake or stolen identity. This process is referred to by different names, such as account takeover fraud, account creation fraud, or account opening fraud. Examples of some of the more common types of new account fraud include: Synthetic identity (ID) fraud: This type of fraud occurs when the scammer uses a real, stolen credential combined with fake credentials. For example, they might use someone's real Social Security number combined with a fake email. Identity theft: In this case, the fraudster uses personal information they stole to create a new scam account. Fake identity: With this type of fraud, scammers create an account with wholly fake credentials that haven't been stolen from any particular person. New account fraud may target individuals, but the repercussions spill over to impact entire organizations. In fact, many scammers utilize bots to attempt to steal information or create fake accounts en masse, upping the stakes even more. How does new account fraud work? New account fraud begins at a single weak security point, such as: Data breaches: The Bureau of Justice reported that in 2021 alone, 12 percent of people ages 16 or older received notifications that their personal information was involved in a data breach.1 Phishing scams: The fraudster creates an email or social media account that pretends to be from a legitimate organization or person to gain confidential information.2 Skimmers: These are put on ATMs or fuel pumps to steal credit or debit card information.2 Bot scrapers: These tools scrape information posted publicly on social media or on websites.2 Synthetic ID fraud: 80 percent of new account fraud is linked to synthetic ID fraud.3 The scammer just needs one piece of legitimate information. If they have a real Social Security number, they might combine it with a fake name and birth date (or vice versa.) After the information is stolen, the rest of the fraud takes place in steps. The fake or stolen identity might first be used to open a new account, like a credit card or a demand deposit account. Over time, the account establishes a credit history until it can be used for higher-value targets, like loans and bank withdrawals. How can organizations prevent new account fraud? Some traditional methods used to combat new account fraud include: Completely Automated Public Turing Tests (CAPTCHAs): These tests help reduce bot attacks that lead to data breaches and ensure that individuals logging into your system are actual people. Multifactor authentication (MFA): MFA bolsters users' password protection and helps guard against account takeover. If a scammer tries to take over an account, they won't be able to complete the process. Password protection: Robust password managers can help ensure that one stolen password doesn't lead to multiple breaches. Knowledge-based authentication: Knowledge-based authentication can be combined with MFA solutions, providing an additional layer of identity verification. Know-your-customer (KYC) solutions: Businesses may utilize KYC to verify customers via government IDs, background checks, ongoing monitoring, and the like. Additional protective measures may involve more robust identity verification behind the scenes. Examples include biometric verification, government ID authentication, public records analysis, and more. Unfortunately, these traditional protective measures may not be enough, for many reasons: New account fraud is frequently being perpetrated by bots, which can be tougher to keep up with and might overwhelm systems. Institutions might use multiple security solutions that aren't built to work together, leading to overlap and inefficiency. Security measures may create so much friction in the account creation process that potential new customers are turned away. How we can help Experian's fraud management services provide a multi-layered approach that lets businesses customize solutions to their particular needs. Advanced machine learning analytics utilizes extensive, proprietary data to provide a unique experience that not only protects your company, but it also protects your customers' experience. Customer identification program (CIP) Experian's KYC solutions allow you to confidently identify your customers via a low-friction experience. The tools start with onboarding, but continue throughout the customer journey, including portfolio management. The tools also help your company comply with relevant KYC regulations. Cross-industry analysis of identity behavior Experian has created an identity graph that aggregates consumer information in a way that gives companies access to a cross-industry view of identity behavior as it changes over time. This means that when a new account is opened, your company can determine behind the scenes if any part of the identity is connected to instances of fraud or presents actions not normally associated with the customer's identity. It's essentially a new paradigm that works faster behind the scenes and is part of Experian's Ascend Fraud Platform™. Multifactor authentication solutions Experian's MFA solutions utilize low-friction techniques like two-factor authentication, knowledge-based authentication, and unique one-time password authentication during remote transactions to guard against hacking. Synthetic ID fraud protection Experian's fraud management solutions include robust protection against synthetic ID fraud. Our groundbreaking technology detects and predicts synthetic identities throughout the customer lifecycle, utilizing advanced analytics capabilities. CrossCore® CrossCore combines risk-based authentication, identity proofing, and fraud detection into one cloud platform, allowing for real-time decisions to be made with flexible decisioning workflows and advanced analytics. Interactive infographic: Building a multilayered fraud and identity strategy Precise ID® The Precise ID platform lets customers choose the combination of fraud analytics, identification verification, and workflows that best meet their business needs. This includes machine-learned fraud risk models, robust consumer data assets, one-time passwords (OTPs), knowledge-based authentication (KBAs), and powerful insights via the Identity Element Network®. Account takeover fraud represents a significant threat to your business that you can't ignore. But with Experian's broad range of solutions, you can keep your systems secure while not sacrificing customer experience. Experian can keep your business secure from new account fraud Experian's innovative approach can streamline your new account fraud protection. Learn more about how our fraud management solutions can help you. Learn more References 1. Harrell, Erika. "Just the Stats: Data Breach Notifications and Identity Theft, 2021." Bureau of Justice Statistics, January 2024. https://bjs.ojp.gov/data-breach-notifications-and-identity-theft-2021 2. "Identity Theft." USA.gov, December 6, 2023. https://www.usa.gov/identity-theft 3. Purcell, Michael. "Synthetic Identity Fraud: What is It and How to Combat It." Thomson Reuters, April 28, 2023. https://legal.thomsonreuters.com/blog/synthetic-identity-fraud-what-is-it-and-how-to-combat-it/

This article was updated on March 4, 2024. If you steal an identity to commit fraud, your success is determined by how long it takes the victim to find out. That window gets shorter as businesses get better at knowing when and how to reach an identity owner when fraud is suspected. In response, frustrated fraudsters have been developing techniques to commit fraud that does not involve a real identity, giving them a longer run-time and a bigger payday.  That's the idea behind  synthetic identity (SID) fraud — one of the fastest-growing types of fraud.  Defining synthetic identity fraud Organizations tend to have different  definitions of synthetic identity fraud, as a synthetic identity will look different to the businesses it attacks. Some may see a new account that goes bad immediately, while others might see a longer tenured account fall delinquent and default. The qualifications of the synthetic identity also change over time, as the fraudster works to increase the identity’s appearance of legitimacy. In the end, there is no person to confirm that fraud has occurred, in the very best case, identifying a synthetic identity is inferred and verified. As a result, inconsistent reporting and categorization can make tracking and fighting SID fraud more difficult.  To help create a more unified understanding and response to the issue, the Federal Reserve and 12 fraud experts worked together to develop a definition. In 2021, the  Boston Federal Reserve  published the result, “Synthetic identity fraud is the use of a combination of personally identifiable information to fabricate a person or entity to commit a dishonest act for personal or financial gain."1 To break down the definition, personally identifiable information (PII) can include:  Primary PII:  Such as a name, date of birth (DOB), Social Security number (SSN) or another government-issued identifier. When combined, these are generally unique to a person or entity. Secondary PII:  Such as an address, email, phone number or device ID. These elements can help verify a person or entity's identity.   Synthetic identities are created when fraudsters establish an identity from scratch using fake PII. Or they may combine real and fake PII (I.e., a stolen SSN with a fake name and DOB) to create a new identity. Additionally, fraudsters might steal and use someone's SSN to create an identity - children, the  elderly  and incarcerated people are popular targets because they don't commonly use credit.4 But any losses would still be tied to the SID rather than the victim. Exploring the Impact of SID fraud The most immediate and obvious impact of SID fraud is the fraud losses. Criminals may create a synthetic identity and spend months  building up its credit profile, opening accounts and increasing credit limits. The identities and behaviors are constructed to look like legitimate borrowers, with some having a record of on-time payments. But once the fraudster decides to monetize the identity, they can apply for loans and max out credit cards before ‘busting out’ and disappearing with the money.  Aite-Novaric Group estimates that SID fraud losses totaled $1.8 billion in 2020 and will increase to $2.94 billion in 2024.2 However, organizations that do not identify SIDs may classify a default as a credit loss rather than a fraud loss.  By some estimates, synthetic identity fraud could account for up to 20 percent of loan and credit card charge-offs, meaning the annual charge-off losses in the U.S. could be closer to $11 billion.3 Additionally, organizations lose time and resources on collection efforts if they do not identify the SID fraud.  Those estimates are only for unsecured U.S. credit products. But fraudsters use synthetic identities to take out secured loans, including auto loans.   As part of schemes used to steal relief funds during the pandemic, criminals used synthetic identities to open demand deposit accounts to receive funds. These accounts can be used to launder money from other sources and commit peer-to-peer payment fraud. Deposit account holders are also a primary source of cross-marketing for some financial institutions. Criminals can take advantage of vulnerable onboarding processes for deposit accounts where there’s low risk to the institution and receive offers for lending products. Building a successful SID prevention strategy Having an effective SID prevention strategy is more crucial than ever for organizations. Aside from fraud losses, consumers listed identity theft as their top concern when conducting activities online. And while 92% of businesses have an identity verification strategy in place, 63% of consumers are "somewhat confident" or "not very confident" in businesses' ability to accurately identify them online. Read: Experian's 2023 Identity and Fraud Report Many traditional fraud models and identity verification methods are not designed to detect fake people. And even a step up to a phone call for verification isn't enough when the fraudster will be the one answering the phone. Criminals also quickly respond when organizations update their fraud detection methods by looking for less-protected targets. Fraudsters have even signed their SIDs up for social media accounts and apps with low verification hurdles to help their SIDs pass identity checks.5  Understand synthetic identity risks across the lifecycle  Synthetic Identities are dynamic. When lending criteria is tightened to synthetics from opening new accounts, they simply come back when they can qualify. If waiting brings a higher credit line, they’ll wait. It’s important to recognize that synthetic identity isn’t a new account or a portfolio management problem - it’s both.    Use analytics that are tailored to synthetic identity  Many of our customers in the financial services space have been trying to solve synthetic identity fraud with credit data. There’s a false sense of security when criteria is tightened and losses go down—but the losses that are being impacted tend to not be related to credit. A better approach to synthetic ID fraud leverages a larger pool of data to assess behaviors and data linkages that are not contained in traditional credit data.  You can then escalate suspicious accounts to require additional reviews, such as screening through the Social Security Administration's Electronic Consent Based SSN Verification (eCBSV) system or more stringent document verification.  Find a trusted partner  Experian's interconnected data and analytics platforms offer lenders turnkey identity and synthetic identity fraud solutions. In addition, lenders can take advantage of the risk management system and continuous monitoring to look for signs of SIDs and fraudulent activity, which is important for flagging accounts after opening. These tools can also help lenders identify and prevent other common forms of fraud, including account takeovers, e-commerce fraud, child identity theft fraud and elderly fraud. Learn more about our synthetic identity fraud solutions. Learn more 1Federal Reserve Bank (2021). Defining Synthetic Identity Fraud 2Aite Novarica (2022). Synthetic Identity Fraud: Solution Providers Shining Light into the Darkness 3Experian (2022). Preventing synthetic identity fraud 4The Federal Reserve (2022). Synthetic Identity Fraud: What Is it and Why You Should Care? 5Experian (2022). Preventing synthetic identity fraud 

This article was updated on February 23, 2024. First impressions are always important – whether it’s for a job interview, a first date or when pitching a client. The same goes for financial services onboarding as it’s an opportunity for organizations to foster lifetime loyalty with customers. As a result, financial institutions are on the hunt now more than ever for frictionless online identity verification methods to validate genuine customers and maintain positive experiences during the online onboarding process. In a predominantly digital-first world, financial companies are increasingly focused on the customer experience and creating the most seamless online onboarding process. However, according to Experian’s 2023 Identity and Fraud Report, more than half of U.S. consumers considered dropping out during account opening due to friction and a less-than positive experience. And as technology continues to advance, digital financial services onboarding, not surprisingly, increases the demand for fraud protection and authentication methods – namely with digital identity (ID) verification processes. According to Experian’s report, 64% of consumers are very or somewhat concerned with online security, with identity theft being their top concern. So how can financial institutions guarantee a frictionless online onboarding experience while executing proper authentication methods and maintaining security and fraud detection? The answer? While a “frictionless” experience can seem like a bit of a unicorn, there are some ways to get close: Utilizing better data - Digital devices offer an extensive amount of data that’s useful in determining risk. Characteristics that allow the identification of a specific device, the behaviors associated with the device and information about a device’s owner can be captured without adding friction for the user. Analytics – Once the data is collected, advanced analytics uses information based on behavioral data, digital intelligence, phone intelligence and email intelligence to analyze for risk. While there’s friction in the initial ask for the input data, the risk prediction improves with more data. Document verification and biometric identity verification – Real-time document verification used in conjunction with facial biometrics, behavioral biometrics and other physical characteristics allows for rapid onboarding and helps to maintain a low friction customer journey. Financial institutions can utilize document verification to replace manual long-form applications for rapid onboarding and immediately verify new data at the point of entry. Using their mobile phones, consumers can photograph and upload identity documents to pre-fill applications. Document authenticity can be verified in real-time. Biometrics, including facial, behavioral, or other physical characteristics (like fingerprints), are low-touch methods of customer authentication that can be used synchronously with document verification. Optimize your financial services onboarding process Experian understands how critical identity management and fraud protection is when it comes to the online onboarding process and identity verification. That’s why we created layered digital identity verification and risk segmentation solutions to help legitimize your customers with confidence while improving the customer experience. Our identity verification solutions use advanced technology and capabilities to correctly identify and verify real customers while mitigating fraud and maintaining frictionless customer experiences. Learn more

While bots have many helpful purposes, they have unfortunately become a tool for malicious actors to gain fraudulent access to financial accounts, personal information and even company-wide systems. Almost every business that has an online presence will have to face and counter bot attacks. In fact, a recent study found that across the internet on a global scale, malicious bots account for 30 percent of automated internet activity.1 And these bots are becoming more sophisticated and harder to detect. What is a bot attack and bot fraud? Bots are automated software applications that carry out repetitive instructions mimicking human behavior.2 They can be either malicious or helpful, depending on their code.  For example, they might be used by companies to collect data analytics, scan websites to help you find the best discounts or chat with website visitors. These "good" bots help companies run more efficiently, freeing up employee resources. But on the flip side, if used maliciously, bots can commit attacks and fraudulent acts on an automated basis. These might even go undetected until significant damage is done. Common types of bot attacks and frauds that you might encounter include: Spam bots and malware bots: Spam bots come in all shapes and sizes. Some might scrape email addresses to entice recipients into clicking on a phishing email. Others operate on social media sites. They might create fake Facebook celebrity profiles to entice people to click on phishing links. Sometimes entire bot "farms" will even interact with each other to make a topic or page appear more legitimate. Often, these spam bots work in conjunction with malware bots that trick people into downloading malicious files so they can gain access to their systems. They may distribute viruses, ransomware, spyware or other malicious files.  Content scraping bots: These bots automatically scrape content from websites. They might do so to steal contact information or product details or scrape entire articles so they can post duplicate stories on spam websites.  DDoS bots and click fraud bots: Distributed denial of service (DDoS) bots interact with a target website or application in such large numbers that the target can't handle all the traffic and is overwhelmed. A similar approach involves using bots to click on ads or sponsored links thousands of times, draining advertisers' budgets.  Credential stealing bots: These bots use stolen usernames and passwords to try to log into accounts and steal personal and financial information. Other bots may try brute force password cracking to find one combination that works so they can gain unauthorized access to the account. Once the bot learns consumer’s legitimate username and password combination on one website, they can oftentimes use it to perform account takeovers on other websites. In fact, 15 percent of all login attempts across industries in 2022 were account takeover attacks.1 AI-generated bots: While AI, like ChatGPT, is vastly improving the technological landscape, it's also providing a new avenue for bots.3 AI can create audio and videos that appear so real that people might think they're a celebrity seeking funds.  What are the impacts of bot attacks? Bot attacks and bot fraud can have a significant negative impact, both at an individual user level and a company level. Individuals might lose money if they're tricked into sending money to a fake account, or they might click on a phishing link and unwittingly give a malicious actor access to their accounts. On a company level, the impact of a bot attack can be even more widespread. Sensitive customer data might get exposed if the company falls victim to a malware attack. This can open the door for the creation of fake accounts that drain a company's money. For example, a phishing email might lead to demand deposit account (DDA) fraud, where a scammer opens a fraudulent account in a customer's name and then links it to new accounts, like new lines of credit. Malware attacks can also cause clients to lose trust in the company and take their business elsewhere.A DDoS attack can take down an entire website or application, leading to a loss of clients and money. A bot that attacks APIs can exploit design flaws to steal sensitive data. In some cases, ransomware attacks can take over entire systems and render them unusable.  How can you stop bot attacks? With so much at risk, stopping bot attacks is vital. But some of the most typical defenses have core flaws. Common methods for stopping bot attacks include:  CAPTCHAs: While CAPTCHAs can protect online systems from bot incursions, they can also create friction with the user process. Firewalls: To stop DDoS attacks, companies might reduce attack points by utilizing firewalls or restricting direct traffic to sensitive infrastructures like databases.4 Blocklists: These can prevent IPs associated with attacks from accessing your system entirely. Multifactor authentication (MFA): MFA requires two forms of identification or more before granting access to an account. Password protection: Password managers can ensure employees use strong passwords that are different for each access point.  While the above methods can help, many simply aren't enough, especially for larger companies with many points of potential attacks. A piecemeal approach can also lead to friction on the user's side that may turn potential clients away. Our 2024 Identity and Fraud Report revealed that up to 38 percent of U.S. adults stopped creating a new account because of the friction they encountered during the onboarding process. And often, this friction is in place to try to stop fraudulent access. Incorporating behavioral analytics to combat attacks Another effective way to enhance bot detection is through the use of behavioral analytics. This technology helps track user activity and identify patterns that may suggest malicious bot behavior. By analyzing aspects such as typing speed, mouse movement and the way users interact with websites, businesses can gain real-time insights into whether a visitor is human or a bot. Behavioral analytics in fraud uses machine learning and advanced algorithms to continuously monitor and refine user behavior patterns. This allows businesses to identify bot attacks more accurately and prevent them before they cause harm. By analyzing real-time behaviors, such as how fast someone enters information or their browsing habits, businesses can flag suspicious activity that traditional methods might miss. Why partner with Experian? What companies need is fraud and bot protection with a positive customer experience. We provide account takeover fraud prevention solutions that can help protect your company from bot attacks, fraudulent accounts and other malicious attempts to access your sensitive data. Experian's approach embodies a paradigm shift where fraud detection increases efficiency and accuracy without sacrificing customer experience. We can help protect your company from bot attacks, fraudulent accounts and other malicious attempts to access your sensitive data.  Learn more This article includes content created by an AI language model and is intended to provide general information. 1"Bad bot traffic accounts for nearly 30% of APAC internet traffic," SMEhorizon, June 13, 2023. https://www.smehorizon.com/bad-bot-traffic-accounts-for-nearly-30-of-apac-internet-traffic/2"What is a bot?" AWS. https://aws.amazon.com/what-is/bot/3Nield, David. "How ChatGPT — and bots like it — can spread malware," Wired, April 19, 2023. https://www.wired.com/story/chatgpt-ai-bots-spread-malware/4"What is a DDoS attack?" AWS. https://aws.amazon.com/shield/ddos-attack-protection/

It's 2024, and it has never been easier to buy a car in person or online, but automobiles are not quite as affordable as prior to the pandemic. While everyone is looking for the best car deal, some folks are pushing it too far and are falling for auto scams. What is auto lending fraud? Fraud perpetrators are drawn to sectors they perceive as highly lucrative. The accessibility of online vehicle financing and purchasing, coupled with the substantial financial magnitude associated with automotive transactions, renders the auto industry an optimal avenue for cash-out endeavors. Auto lending fraud refers to deceptive or fraudulent activities related to obtaining or processing auto finance. This can involve various schemes aimed at misleading lenders, financial institutions, or individuals involved in the lending process. Criminal networks now operate on social media sites like Facebook and Telegram, offering a unique car buying service using synthetic identities. They create synthetic identities, finance cars with no down payment, and deliver vehicles to addresses chosen by buyers. The process involves selecting a car online, sending a small amount of dollars and a photo against a white background, and receiving a fake driver's license. Those networks claim to exploit car sites' policies successfully. While appealing to those in urgent need of a car, the service poses significant risks as the synthetic identity may be used for other fraudulent activities beyond car purchase. Who is at risk? Everyone involved in the car buying process is at risk of falling victim to auto loan fraud. Car buyers looking to secure financing, as well as lenders, need to be aware of the potential red flags and take necessary precautions to safeguard their interests. Thieves leverage the internet and electronic transactions to perpetrate auto loan fraud. While the growth of online commerce has improved many aspects of trade, it has also made personally identifiable information and financial details vulnerable to data breaches. Unscrupulous individuals can gain unauthorized access to such information, providing the foundation for various identity theft schemes. The internet also facilitates the creation of seemingly legitimate documents that support auto loan fraud. Online services exist to help fraudsters fabricate income statements and fake employment verification from fictitious companies. This trend has made auto loan fraud an increasingly popular method for acquiring vehicles with minimal cash and risk. Another auto loan fraud trend is the increased use of CPN (Credit Privacy Number). Credit Repair firms introduced a novel strategy targeting consumers — the CPN (Credit Privacy Number). Marketed as a nine-digit alternative to a Social Security Number (SSN), CPNs are purportedly usable for obtaining credit. However, it is crucial to note that utilizing a CPN for credit applications constitutes a criminal offense, potentially leading to legal consequences, and car dealerships should not accept them.  Detecting auto loan fraud There are several types of auto loan fraud worth noting to better understand the landscape: Income fabrication: Prospective buyers may falsify their income details to qualify for a larger loan or better terms. Lenders should verify income using documents like pay stubs, tax returns, or bank statements and watch out for inconsistencies. Employment misrepresentation: Applicants could lie about their job titles or employment status. Lenders should verify employment details through HR departments or by directly contacting the employer. Trade-in vehicle deception: Some individuals may overstate the value of their trade-in vehicle to secure a higher loan amount. Lenders should perform thorough appraisals or consult trusted sources to ascertain the accurate value of the trade-in. Identity fraud: Fraudsters can assume someone else's identity, commit first party fraud or create a fictitious persona to obtain an auto loan. Lenders must verify the applicant's identity using reliable identification documents and consider using identity verification tools. Forged documentation: Fraudsters may forge or alter documents like income statements, bank statements, or driver's licenses. Lenders should scrutinize documents carefully for discrepancies or signs of tampering. Straw borrower fraud: In this scenario, someone with poor credit convinces a friend or relative with better credit to front the deal, posing as the buyer. A better credit score allows for better terms or a more valuable vehicle. The actual buyer may continue to make payments to the friend, or the loan may become delinquent, negatively affecting the friend's credit score. In extreme cases, the straw buyer is part of a fraud ring, and the vehicle has already been sold in a foreign market. Synthetic identity fraud: Data breaches providing personally identifying information enable identity theft schemes. Perpetrators use illicitly acquired information to create false borrower profiles that appear authentic. These profiles typically have excellent credit, a social security number, an affluent home address, stable employment, and other attributes that make them seem like desirable borrowers. However, a detailed investigation reveals subtle inconsistencies indicative of high risk. How to prevent auto loan fraud To combat auto loan fraud and protect profitability, auto lenders can leverage technological advancements. By applying analytics and machine learning to millions of loan applications and histories, you can identify fraudulent patterns and inconsistencies. Machine learning can determine the type of suspected fraud and provide a confidence factor to guide further investigation and verification. Additionally, you should: Conduct thorough background checks on prospective buyers and verify their personal information and documents. and verify their personal information and documents. Implement a comprehensive loan underwriting process that includes income verification, employment verification, and collateral evaluation. Educate employees about common fraud schemes, warning signs, and best practices to ensure they remain vigilant during loan applications. Foster a culture of cooperation with local law enforcement agencies, sharing information about suspected fraudsters to help prevent future incidents. It is important for individuals and businesses to be vigilant and report any suspicious activity. Car dealerships and financial institutions work to prevent fraud through proper identification verification, credit checks, and adherence to legal and ethical standards. If you suspect fraudulent activity or identity theft, it is crucial to report it to the appropriate authorities immediately. Gearing-up Taking advantage of the latest fintech capabilities, such as cloud-based loan origination that integrates analytics, machine learning, and automated verification services, can significantly reduce the likelihood of fraudulent applications becoming another auto lending fraud statistic. By combining the best data with our automated ID verification checks, Experian helps you safeguard your business and onboard customers efficiently. Our best-in-class solutions employ device recognition, behavioral biometrics, machine learning, and global fraud databases to spot and block suspicious activity before it becomes a problem. Learn more about our automotive fraud prevention solutions *This article includes content created by an AI language model and is intended to provide general information.

Spoiler alert: Gen AI is everywhere, including the top of Experian’s list of fraud trends 2024. “The speed and complexity of fraud attacks due to new technology and sophisticated fraudsters is leaving both businesses and consumers at risk in 2024,” said Kathleen Peters, chief innovation officer at Experian Decision Analytics in North America. “At Experian, we’re constantly innovating to deliver data-driven solutions to help our customers fight fraud and to protect the consumers they serve.” To deter fraudulent activity in 2024, businesses and consumers must get tactical for their fraud fighting strategies. And for businesses, the need for more sophisticated fraud protection solutions leveraging data and technology is greater than ever before. Experian suggests consumers and businesses watch out for these big five rounding out our fraud trends 2024. Generative AI: Generative AI accelerates DIY fraud: Experian predicts fraudsters will use generative AI to accelerate “do-it-yourself” fraud ranging from deepfake content – think emails, voice and video – as well as code creation to set up scam websites. A previous blog post of ours highlighted four types of generative AI used for fraud, including fraud automation at scale, text content generation, image and video manipulation and human voice generation. The way around it? Fight AI fraud with AI as part of a multilayered fraud prevention solution. Fraud at bank branches: Bank branches are making a comeback. A growing number of consumers prefer visiting bank branches in person to open new accounts or get financial advice with the intent to conduct safer transactions. However, face-to-face verification is not flawless and is still susceptible to human error or oversight. According to an Experian report, 85% of consumers report physical biometrics as the most trusted and secure authentication method they’ve recently encountered, but the measure is only currently used by 32% of businesses to detect and protect against fraud. Retailers, beware: Not all returns are as they appear. Experian predicts an uptick in cases where customers claim to return their purchases, only for the business to receive an empty box in return. Businesses must be vigilant with their fraud strategy in order to mitigate risk of lost goods and revenue. Synthetic identity fraud will surge: Pandemic-born synthetic identities may have been dormant, but now have a few years of history, making it easier to elude detection leading to fraudsters using those dormant accounts to “bust out” over the next year. Cause-related and investment deception: Fraudsters are employing new methods that strike an emotional response from consumers with cause-related asks to gain access to consumers’ personal information. Experian predicts that these deceptive cause-related methods will surge in 2024 and beyond. How businesses and consumers feel about fraud in 2024 According to an Experian report, over half of consumers feel they’re more of a fraud target than a year ago and nearly 70% of businesses report that fraud losses have increased in recent years. Business are facing mounting challenges – from first-party fraud and credit washing to synthetic identity and the yet-to-be-known impacts generative AI may have on fraud schemes. Synthetic identity fraud has been mentioned in multiple Experian Fraud Forecasts and the threat is ever growing. As technology continues to enhance consumers’ connectedness, it also heightens the stakes for various fraud attacks. As highlighted by this list of fraud trends 2024, the ways that fraudsters are looking to deceive is increasing from all angles. “Now more than ever, businesses need to implement a multilayered approach to their identity verification and fraud prevention strategies that leverages the latest technology available,” said Peters. Consumers are increasingly at risk from sophisticated fraud schemes. Increases in direct deposit account and check fraud, as well as advanced technologies like deepfakes and AI-generated phishing emails, put consumers in a precarious position. The call to action for consumers is to remain vigilant of seemingly authentic interactions. Experian can help with your fraud strategy To learn more about Experian’s fraud prevention solutions, please visit https://www.experian.com/business/solutions/fraud-management.  Download infographic Watch Future of Fraud webinar

This article was updated on February 12, 2024. The Buy Now, Pay Later (BNPL) space has grown massively over the last few years. But with rapid growth comes an increased risk of fraud, making "Buy Now, Pay Never" a crucial fraud threat to watch out for in 2024 and beyond. What is BNPL? BNPL, a type of short-term financing, has been around for decades in different forms. It's attractive to consumers because it offers the option to split up a specific purchase into installments rather than paying the full total upfront. The modern form of BNPL typically offers four installments, with the first payment at the time of purchase, as well as 0% APR and no hidden fees. According to an Experian survey, consumers cited managing spending (34%), convenience (31%), and avoiding interest payments (23%) as main reasons for choosing BNPL. Participating retailers generally offer BNPL at point-of-sale, making it easy for customers to opt-in and get instantly approved. The customer then makes a down payment and pays off the installments from their preferred account. BNPL is on the rise The fintech and online-payment-driven world is seeing a rise in the popularity of BNPL. According to Experian research, 3 in 4 consumers have used BNPL in 2023, with 11% using BNPL weekly to make purchases. The interest in BNPL also spans generations — 36% of Gen Z, 43% of Millennials, 32% of Gen X, and 12% of Baby Boomers have used this payment method. The risks of BNPL While BNPL is a convenient, easy way for consumers to plan for their purchases, experts warn that with lax checkout and identity verification processes it is a target for digital fraud. Experian predicts an uptick in three primary risks for BNPL providers and their customers: identity theft, first-party fraud, and synthetic identity fraud. WATCH: Fraud and Identity Challenges for Fintechs Victims of identity theft can be hit with charges from BNPL providers for products they have never purchased. First-party and synthetic identity risks will emerge as a shopper's buying power grows and the temptation to abandon repayment increases. Fraudsters may use their own or fabricated identities to make purchases with no intent to repay. This leaves the BNPL provider at the risk of unrecoverable monetary losses and can impact the business' risk tolerance, causing them to narrow their lending band and miss out on properly verified consumers. An additional risk lies with fraudsters who may leverage account takeover to gain access to a legitimate user's account and payment information to make unauthorized purchases. READ: Payment Fraud Detection and Prevention: What You Need to Know Mitigating BNPL risks Luckily, there are predictive credit, identity verification, and fraud prevention tools available to help businesses minimize the risks associated with BNPL. Paired with the right data, these tools can give businesses a comprehensive view of consumer payments, including the number of outstanding BNPL loans, total BNPL loan amounts, and BNPL payment status, as well as helping to detect and apply the relevant treatment to different types of fraud. By accurately identifying customers and assessing risk in real-time, businesses can make confident lending and fraud prevention decisions. To learn more about how Experian is enabling the protection of consumer credit scores, better risk assessments, and more inclusive lending, visit us or request a call. And keep an eye out for additional in-depth explorations of our Future of Fraud Forecast. Learn more Future of Fraud Forecast

This article was updated on February 5, 2024. Identity management can refer to how a company creates, verifies, stores, and uses its customers' digital identities. Traditionally, many large organizations relied on a highly segmented and siloed approach. For example, marketing, risk, and support departments might each have a limited view of a customer, and the tools and systems that support their specific purpose. Organizations are now shifting to a more holistic approach to enterprise identity management. By working together, departments help contribute to building a more complete, single view of a customer. Some companies have renewed or increased their focus on the transformation during the pandemic, and the transition to an enterprise-wide identity management strategy can have long-lasting benefits. But it isn't always easy. Challenges of an enterprise-wide identity management strategy Gathering the initial momentum needed to break out of a siloed approach can be particularly challenging for large organizations when each business unit has an ingrained identity system that meets the unit's needs. Smaller organizations might have an easier time gathering consensus, but budget or technological limitations may be serious constraints. Even after a decision is made and the budget gets set aside, organizations need to think through how they'll create and manage a new enterprise-wide identity management system. It's not a one-and-done upgrade. For the strategy to succeed, you'll need to have processes in place to onboard, verify, secure, and activate the new digital identities. READ: What is Effective Multifactor Identity Authentication? Why use an enterprise-wide approach? Motivations and specifics can vary depending on an organization's size and structure, but some companies find a more holistic approach to customer identity management helps them: Improve customer experiences Save money by removing redundancies Boost sales with better-targeted marketing Better understand customers' needs Provide faster and more relevant support Make more informed decisions Detect and prevent fraud These benefits can play out across the entire customer lifecycle, and identity management systems are able to achieve this by pulling in data from various sources to build robust consumer identities and systems. Your internal, first-party data will be the most valuable and insightful, but you can append multidimensional data from third-party sources, such as consumer credit databases, demographic data or device data. And second-party data from partner brands or organizations. READ: Experian 2023 Identity and Fraud Report Consider the regulatory and security challenges An enterprise identity data management approach can also mean re-evaluating the applicable regulations and security challenges. The passage of the E.U.'s General Data Protection Regulation and California Consumer Privacy Act marked an important shift in how companies need to handle consumers' personal information — but that was only the start. Some U.S. states have also passed or are currently considering data privacy laws. Industry-specific regulations can apply as well, particularly in the healthcare and financial services industries. It's not as if a siloed approach lets an organization avoid regulation, but keeping current and upcoming laws in mind can be important during a large digital transformation. Additionally, consider how going beyond the minimum requirements could be beneficial. In a 2023 Experian white paper, we found that 61 percent of consumers want complete control over how companies use their personal data.1 Security also needs to be top of mind for any organization that collects and stores consumers' personal information. An enterprise-wide identity management system may make managing increasing amounts of data easier, which could help decrease fraud risks. And your customers may be willing to help — 67 percent are open to sharing data if it will increase security and help prevent fraud.2 Keeping customers' desires front and center Experian partnered with Aite-Novarica to study enterprise-wide identity management. All but one of the 12 executives interviewed said client experience is a primary or predominant driver in the transformation of their identity management programs.3 Once implemented, a holistic view of customers can increase the experience in many ways: Meaningful engagement: You can deliver relevant and timely offers if you understand when, where and why consumers are interested in your products and services. Similarly, you'll know who isn't a good fit and won't bother them (or waste money) by showing them ads. Verification: Using a single, persistent identity could make the initial and ongoing identity verification an easier process that doesn't disrupt consumers' lives or lead to frustration. Ongoing recognition: Nearly 70 percent of all consumers want businesses to recognize them across multiple visits.3 But you'll need to study your customers to determine how much friction is acceptable. Some people prefer security over convenience and are willing to trade a little time to use extra verification methods. Customer service: Having more insight into a customer's entire history and interactions with your organization can help you quickly respond when an issue arises, or even anticipate and solve potential problems. Security: Nearly two-thirds (64 percent) of consumers say they're very or somewhat concerned with online security.4 Companies that can quickly and accurately identify consumers can also help keep them safe from fraud and identity theft. While these may be some consumers' top concerns today, continue listening to your customers to better understand their wants and needs. WATCH: Webinar: Identity Evolved — Building consumer trust and engagement Implementing an enterprise-wide identity management strategy Identity management can become a daunting task, particularly as new data sources begin to flow. As a result, many organizations turn to outside partners who can help manage part, or all, of the process. For example, an identity management solution may offer identity resolution and help create and host an identity graph (the database that stores the unique digital identities). A more robust offering may also help with other parts of identity management, including ongoing data hygiene and helping you turn your unique customer insights into actionable marketing campaigns. Experience managing vast amounts of data is also important, as is access to additional offline and online data sources. In 2023, Experian found that 85 percent of companies said poor quality customer contact data negatively impacted their operation's processes and efficiency.5 An enterprise-wide system that allows business units to update a single customer profile with the latest contact information might help. But working with a data provider that appends the latest info from outside databases could be a better way to ensure you have customers' latest contact info. When researching potential partners, also consider how their offerings and approach align with your goals. If, like others, improving the customer experience is a priority, make sure the solution provider also has a customer-first approach. In turn, this means security is a top priority — it's what customers want and it's important for protecting you and your reputation. Learn more about Experian's identity management solutions and how you can benefit from working with a company that understands identities are personal. Learn more 1Experian (2023). White paper: Making identities personal 2Ibid. 3Aite-Novarica and Experian (2022). Enterprise Identity Management: Evolving Aspirations and Improved Collaboration Are Transforming the Discipline 4Experian (2023). Identity and Fraud Report 5Experian (2023). White paper: Making identities personal

This article was updated on January 26, 2024. Marketers are facing new challenges as third-party cookies crumble, and people use more devices throughout the day. Someone might comparison shop on their laptop in the morning, do more research on a tablet in the afternoon and finally decide to make a purchase on their phone before falling asleep at night. Being able to track these movements and insert yourself where appropriate can be difficult, but it's not impossible. One solution that's becoming increasingly attractive is creating a unified identity for each customer — and matching every piece of data and touchpoint to the single profile. For this to work, you need identity resolution. What is identity resolution? Identity resolution is the ongoing process of linking various identifying elements to create and expand a unique identity. The multi-step process can include: Securely onboarding data into a system Hashing or tokenizing personal information to improve security and privacy Setting aside information that can't be matched to an identity yet Matching or linking identifiers to a known unique identity Verifying that the identities and identifiers are accurate An identity graph (ID graph) is an essential part of identity resolution. It's the proprietary database that can pull in and store data from different sources and link them to a unique identifier — also known as a persistent identification number. Depending on the system and purpose, identity resolution may focus on creating a single identity for a person, household, or business. The information can come from internal sources, including a customer relationship management (CRM) tool, email marketing platforms, event management platforms, social media accounts, point-of-sales systems, and other digital and offline touchpoints. Additionally, third-party data sources, such as credit or demographic data, can contribute to building a more complete identity. And second-party data — information that's shared between brands or companies — can also be helpful. As new digital and offline information is created or found, it's linked to the existing persistent identification number in the ID graph. The process can happen in different ways. The resolution system could accurately match an engagement to a person with deterministic data, such as a hashed email address, assuming they logged in. If the person didn't log in, a probabilistic model may be able to accurately attribute the session to the person's identity based on indicators that it's likely the same person, such as a device ID or behavioral data. A hybrid approach combines deterministic and probabilistic approaches, which could be important for scaling. The goal and end result is often called a holistic, single-unified, or 360-degree view of a customer. READ MORE: Making identities personal Why does identity resolution matter? Identity resolution lets you know with whom you're connecting, which can be important throughout a customer's lifecycle. From marketing to collections, you want to be able to engage the right person on the right channel with the right offer. And that's only possible when you can accurately identify people. Consistent and accurate identity resolution is difficult, though. Experian's 2023 Identity and Fraud Report found that 92% of businesses have a strategy in place for identifying consumers online. But 63% of consumers are either "somewhat confident" or "not very confident" that businesses can accurately recognize them online. What are the benefits of identity resolution? It's a worthy goal to push toward, because you can use identity resolution solutions to: Consolidate your view of customers Companies may have multiple profiles of the same customer — one from an email list, another from their loyalty program and a third from an outdated system. Your customers are also interacting with you in different ways, perhaps logging into an account from their laptop in the morning while visiting your site from a phone at night. Identity resolution lets you connect all these elements to create a single profile. Build targeted and measurable marketing campaigns Once you have a single and consistent view of your customers, you can more accurately segment and target your marketing campaigns. Personalizing messages can increase engagement and effectiveness. And, equally important, knowing to who you don't want to send messages can help you avoid wasting marketing spending. Some identity resolution services can also help you track anonymous visitors and customize your marketing with look-alike models, which can identify people who are likely part of your target audience. You'll also be able to more accurately measure the effectiveness of a campaign. With a single customer view, it's easier to know if and how a targeted social media ad, television spot and emailed coupon worked together to create a sale. Increase customer experiences across brands When implemented throughout an organization, you can also use the single view of a customer to create a consistent experience across brands and business units. Each can benefit from a more holistic understanding of the customer and can contribute to building out customers' profiles.  Seamlessly confirm identities Identity resolution can also create a more frictionless experience for customers who want to create or log into your site, and it can help with detecting fraud and high-risk consumers. But keep data security top of mind. Consumers rank privacy (79%) and security (78%) much higher than login convenience (38%) when considering their online experience. What does an identity resolution solution look like? The need for and type of identity resolution can vary depending on a business' challenges and goals. For instance, large retailers often have a lot of first-party data — so much that it may be overwhelming. For them, an identity resolution solution that can organize internal data while enhancing it with external data points could be a priority. In contrast, a business with infrequent touchpoints might not have as much first-party data and could benefit from a solution that offers as much external information as possible. Some organizations are building their own internal identity resolution services to address these challenges, but many are looking to outside partners for identity resolution. When comparing partners, consider: Flexibility and scalability: Understand which data the solution can onboard and how quickly it can onboard data. Consider whether you'll want to be able to use real-time APIs or batch processing, and the limitations on how much data the provider can process at a time. Additionally, consider whether the ID graph will use persistent IDs that can change as you scale. Matching and analysis: Ask about the solution's approach and success with matching online and offline data and the options to integrate or append second and third-party data. If you want to be able to securely and privately share anonymized identities internally or with partners, make sure that's an option as well. Integration: Research whether the provider can easily integrate your existing services and vendors. Privacy: 73% of consumers say it's a business's responsibility to protect them online. Ask about the provider's experience and approach to storing and anonymizing data. Some solutions also have built-in activation tools. These let you build and launch omni-channel campaigns. They also analyze and report on how well your campaigns are performing. Get started today To learn more about the importance of digital identity and Experian's identity solutions, visit us today. Learn more

Online identity verification has become a basic necessity for everyday life. Consumers today might expect to upload a picture of their driver's license or answer security questions before creating a new account. And it's crucial to them — 63% say it's extremely or very important for businesses to be able to recognize them online. While many organizations have a consumer recognition strategy, moving from strategy to action and then getting the desired result isn't easy. That's particularly true when you're working to create seamless experiences for customers while fighting increasingly sophisticated fraudsters. Why is online identity verification challenging? Identity verification in the physical world might be as simple as checking a government-issued ID card — and perhaps an additional form of identification (or two) when the stakes are higher. Verification becomes more complicated as you move into the digital realm, especially when you need to automate decisions. There are many specific challenges to overcome, but some of the main ones fall into four categories. Finding the right friction: In an ideal world, every legitimate user will flow through your verification checks with ease. In reality, you may need to introduce some roadblocks to comply with know your customer (KYC) rules and prevent fraud. Finding the friction-right balance can be tricky. Accessing and using data: Using expanded data sources, such as behavior and device info, can improve outcomes without adding friction. But simply having more data isn’t the goal. You need to be able to organize, process and use the data in a compliant manner to quickly and accurately verify identities. Fighting fraud: You’re up against formidable foes who consistently test your systems for weaknesses and share the results with other fraudsters. You have to be able to spot first-party fraud, identity thieves and synthetic identities. Securing the data: Accessing and storing customer data is vital for a successful identity verification system, but it’s your responsibility to securely protect customers’ data. It also may be a legal requirement, and you need to be mindful of all the applicable regulations. These aren't fixed challenges that you can overcome in a single hurdle. Consumer preferences, fraud tactics and regulations are continually evolving, and your identity verification platform needs to keep up. Potential benefits throughout the customer lifecycle Companies that want to create, manage and continuously identify consumers are starting to take an enterprise-wide approach that relies on creating a single-customer view. The idea is to have a single identity that you can expand as you learn more about a person’s preferences and behavior. Otherwise, business units can wind up with fragmented views that lead to jumbled messaging, errors and missed opportunities. While it can be difficult to implement well, the single-view approach can also be powerful in action: Targeting and onboarding: Marketing, acquisition and onboarding aren’t necessarily handled by the same teams, but a smooth process can create a lasting good impression. There are also recent developments that can provide pre-fill capabilities with their identification verification solutions, which can create a nearly friction-free onboarding process. Prevent fraud: The single-view approach also lets you leverage cross-device and real-time data to detect and prevent fraud, and determine the right-size verification method. Using identity graphs to verify identities in real-time can also help you detect fraud, including account takeovers and first-party fraud. Customer experience: Consistently identifying customers can improve their experience — particularly when different departments can easily access and update the same identification material. In turn, this can lead to brand loyalty and the potential to upsell and cross-sell customers. The need for accurate verification is growing as people spend more time living and shopping online. Only 16% of consumers are confident businesses can consistently recognize them online, which also means there’s an opportunity to surprise and delight the skeptics. What do consumers want? Most people want to be recognized as they move throughout their digital lives. But data breaches and identity theft continuously make headlines, and people aren't ignorant of the dangers of sharing their personal information. In fact, consumers ranked identity theft (80%) as their top online security concern, a sizable +20% jump from the previous year. Finding the right balance of privacy, security and due diligence is important for earning customers' trust. However, the best approach to online identity verification may depend on who your customers are and how they interact with your products and services. Finding a great online identity verification partner Knowing how important online identity verification can be for the success of your business, you need to be sure that the digital identity solutions providers you partner with can meet your current and future needs. A good fit can: Give you access to multidimensional data: You can use online and offline data to support your digital identity verification systems. Some vendors can also help you use internal data,deterministic dataand outputs from probabilistic models to improve your results. Scale to meet future challenges: Many businesses are exploring how to use machine learning and artificial intelligencefor identity resolution and verification. These can be especially powerful when combined with robust data sources and may become more important as additional data sources come online. Protect your business: Identity verification solutions need to help you comply with the regulatory requirements and detect fraud with low false-positive rates to protect your business. First and foremost, you want to work with a partner who knows thatidentity is personal. Your customers are more than data points, and putting their needs and wants first will ultimately help you earn their trust and business. Learn more about Experian’s customer-centric identity verification solutions. Learn more

Financial institutions, merchants, and e-commerce platforms are no strangers to fraud, especially in the realm of payments. With the rise of digital currency, fraudsters are becoming more inventive, making it increasingly difficult to detect and prevent payment fraud. In this blog post, we discuss payment fraud and ways to protect your organization and your customers. What is payment fraud? Payment fraud occurs when someone uses false or stolen payment information to make a purchase or transaction. The most common types of payment fraud include: Phishing: Through emails or text messages, scammers disguise themselves as trustworthy sources to lure recipients into sharing their personal information, such as account passwords and credit card numbers. Card not present fraud: This type of fraud is one of the most challenging forms of payment fraud to detect and prevent. It occurs when a criminal uses a stolen or compromised credit card to make a purchase online, in-person, or by other means where the card is not physically present at the time of the transaction. Account takeover fraud: This type of fraud occurs when fraudsters gain unauthorized access to an individual’s account and carry out fraudulent transactions. They take over accounts by gathering and using personal or financial details to impersonate their victims. The rise of online payment fraud Online payments have become a prime destination for fraudsters as more consumers choose to store card details and make purchases digitally. As a result, consumers believe that it’s the responsibility of businesses to protect them online. If there’s a lack of trust and safety, consumers will have no problem switching providers, leading to declines in customer loyalty and monetary losses for organizations. No matter the type of payment fraud, it can result in devastating consequences for your organization and your customers. According to Experian’s 2024 U.S. Identity and Fraud Report, fraud scams and bank fraud schemes resulted in more than $458 billion in losses globally. On the consumer side, 52 million Americans had fraudulent charges on their credit or debit cards, with unauthorized purchases exceeding $5 billion. Given these findings, it’s more important than ever to implement robust online payment fraud detection and prevention measures. How can payment fraud be detected and prevented? Approaches to payment fraud detection and prevention have evolved over time. Some of the current and emerging trends include: Additional layers of security: Security measures like two-factor authentication, a CVV code, and a billing zip code can help verify a customer’s identity and make it more difficult for fraudsters to complete a transaction. Enhanced identity verification: A credit card owner verification solution, like Experian LinkTM, matches the customer identity with the credit card being presented for payment, allowing businesses to make better decisions, reduce false declines, and protect legitimate customers. Artificial intelligence (AI) and machine learning: AI-powered models and machine learning algorithms can identify patterns consistent with fraudulent activity in real time, resulting in proactive fraud prevention and reduced financial losses. Behavioral analytics: Using behavioral analytics to monitor user behavior, such as how they navigate a website or interact with the payment process, can help identify inconsistencies and potential fraud. Token-based authentication: Tokenization protects card information by replacing sensitive data with a unique identifier (token), which makes data breaches less damaging. How Experian can help As the payments landscape continues to evolve, so do fraudsters. Experian offers a wide range of payment fraud analytics, account takeover fraud prevention and fraud management solutions that allow you to better detect and prevent payment fraud. Your organization’s reputation and your customers’ trust shouldn’t be compromised. To learn more, visit us today. Learn more This article includes content created by an AI language model and is intended to provide general information.

It is a New Year and a new start. How about a new job? That is what thousands of employees will consider over the next month. It is also a time for employers to attract new talents, but they must be aware of different types of employment fraud. The rise of remote work has significantly increased the prevalence of remote hiring practices, from the initial job application to the onboarding process and beyond. Unfortunately, this shift has also opened the door to a surge in imposter employees, also known as ‘candidate fraud,’ posing a significant concern for organizations.  How does employment identity theft happen?  Instances of potential job candidates utilizing real-time deepfake video and deepfake audio, along with personally identifiable information (PII), during remote interviews to secure positions within American companies have been on the rise. The Federal Bureau of Investigation (FBI) reports that fraudulent individuals often acquire PII through fake job opening posts, which enable them to gather candidate information and resumes. Surprisingly, the tools necessary for impersonation on live video calls do not require sophisticated or expensive hardware or software. Employment identity theft can occur in several ways. Here are a few examples:  Inaccurate credentials: Employers may inadvertently hire someone with false or stolen credentials if they fail to conduct comprehensive background checks. When the employer discovers the deception, it can be challenging to trace the true identity of the person they unknowingly hired.  Limited-term job offers: Some industries offer temporary job opportunities in distant locations. Individuals with criminal backgrounds may steal victims' identities to apply for these jobs, hoping that their crimes will go unnoticed until after the job is complete.  Perpetrated by colleagues: In rare instances, jealous colleagues or coworkers can commit employment identity theft. They may steal a coworker's information during a data breach and sell it on the dark web or use the victim's credentials to frame them for fraudulent workplace actions.  Preventing employment identity theft  In addition to the reported cases of imposter employee fraud, it is crucial to acknowledge the potential for other scams that exploit new technologies and the prevalence of remote work. Malicious cyber attackers could secure employment using stolen credentials, enabling them to gain unauthorized access to sensitive data or company systems. A proficient hacker possessing the necessary IT skills may find it relatively easy to leverage social engineering techniques during the hiring process. Consequently, the reliability of traditional methods for employee verification, such as face-to-face interactions and personal recognition, is diminishing in the face of remote work and the technological advancements that enable individuals to manipulate their appearance, voice, and identity. To mitigate risks associated with hiring imposters, it is imperative to incorporate robust measures into the recruitment process. Here are some key considerations:  Establish clear policies and employment contracts: Clearly communicate your organization's policies regarding moonlighting in employment contracts, employee handbooks, or other official documents.   Confidentiality and non-compete agreements: Implement confidentiality and non-compete agreements to protect your company's sensitive information and intellectual property.   Monitoring: Automate employment and income verification of your employees.  Provide training on cybersecurity best practices: Educate employees about cyber-attacks and identity scams, such as phishing scams, through seminars and workplace training sessions.  Implement robust security measures: Use firewalls, encrypt sensitive employee information, and limit access to personal data. Minimize the number of employees who have access to this information.  Thoroughly screen new employees: Verify the accuracy of Social Security numbers and other information during the hiring process. Conduct comprehensive background checks, including checking bank account information and credit reports and fight against synthetic identities.  Offer identity theft protection as a benefit: Consider providing identity theft protection services to your employees as part of their benefits package. These services can detect and alert victims of potential identity theft, facilitating a fast response.  The new era of remote work necessitates a fresh perspective on the hiring process. It is crucial to reevaluate HR practices and leverage AI fraud detection technologies to ensure that the individuals you hire, and employ are who they claim to be, guarding against the infiltration of imposters.  Navigating employment fraud with effective solutions  Employment fraud presents significant risks and challenges for employers, including conflicts of interest, reputation damage, and breaches of confidentiality. By taking the right preventative measures, you can safeguard your organization and employees.  Streamlining the hiring process is essential to remain competitive. But how do you balance the need for speed and ease of use with essential ID checks?  By combining the best data with our automated ID verification processes, Experian helps you protect your business and onboard new talents efficiently. Our best-in-class solutions employ device recognition, behavioral biometrics, machine learning and global fraud databases to spot and block suspicious activity before it becomes a problem.  Learn more about preventing employement fraud *This article includes content created by an AI language model and is intended to provide general information.