Tag: first party fraud

Fraud and identity theft in the automotive industry continue to make headlines with the result bringing significant monetary losses for dealers. In 2022, more than 60% of automotive dealerships filed cases of identity theft losing three or more vehicles, with 84% saying there has been a noticeable increase in identity fraud since the pandemic. Even though dealers understand that fraud is on the rise, 66% stated they lacked adequate identity fraud protections [1]. In a recent episode of the Used Car Dealer Podcast, host Zach Klempf, spoke with Kanchana Sundaram, Experian's senior director of product and innovation for automotive, to discuss Fraud Protect, a new tool from Experian that helps dealers combat fraud. During the interview, Kanchana highlighted how dealers can use Fraud Protect to better identify potentially fraudulent behavior, without slowing down the sales process and still maintaining a positive experience for both them and the consumer. By leveraging the latest technology and advanced analytics, dealers are able to detect some of the most common fraud types that include: Third-party fraud: Fraudsters steal an individual’s identity to purchase a vehicle First-party fraud: A person knowingly misrepresents their identity or provides false information, often with the intention of not paying for the vehicle Synthetic identity fraud: Fraudsters create fake identities and build credit profiles over time before using them to finance a vehicle they do not intend to pay for The episode is now available across all major podcast platforms, click the link to watch: YouTube To learn more about Fraud Protect, visit Experian’s auto fraud prevention solutions webpage. For more information on the Used Car Dealer Podcast, visit https://www.sellyautomotive.com/podcast Facebook – @SellyAutomotive ‘X’ – @SellyAutomotive LinkedIn – @SellyAutomotive 1. https://www.elendsolutions.com/research/2022-Identity-Fraud-Survey-Report/

This article was updated on November 9, 2023. Fraud – it’s a word that comes up in conversations across every industry. While there’s a general awareness that fraud is on the rise and is constantly evolving, for many the full impact of fraud is misunderstood and underestimated. At the heart of this challenge is the tendency to lump different types of fraud together into one big problem, and then look for a single solution that addresses it. It’s as if we’re trying to figure out how to un-bake a terrible cake instead of thinking about the ingredients and the process needed to put them together in the first place. This is the first of a series of articles in which we’ll look at some of the key ingredients that create different types of fraud, including first party, third party, synthetic identity, and account takeover. We’ll talk about why they’re unique and why we need to approach each one differently. At the end of the series, we’ll get a result that’s easier to digest. I had second thoughts about the cake metaphor, but in truth it really works. Creating a good fraud risk management process is a lot like baking. We need to know the ingredients and some tried-and-true methods to get the best result. With that foundation in place, we can look for ways to improve the outcome every time. Let’s start with a look at the best known type of fraud, third party. What is third-party fraud? Third-party fraud – generally known as identity theft – occurs when a malicious actor uses another person’s identifying information to open new accounts without the knowledge of the individual whose information is being used. When you consider first-party vs third-party fraud, or synthetic identity fraud, third-party stands out because it involves an identifiable victim that’s willing to collaborate in the investigation and resolution, for the simple reason that they don’t want to be responsible for the obligation made under their name. Third-party fraud is often the only type of activity that’s classified as fraud by financial institutions. The presence of an identifiable victim creates a high level of certainty that fraud has indeed occurred. That certainty enables financial institutions to properly categorize the losses. Since there is a victim associated with it, third party fraud tends to have a shorter lifespan than other types. When victims become aware of what’s happening, they generally take steps to protect themselves and intervene where they know their identity has been potentially misused. As a result, the timeline for third-party fraud is shorter, with fraudsters acting quickly to maximize the funds they’re able to amass before busting out. How does third-party fraud impact me? As the digital transformation continues, more and more personally identifiable information (PII) is available on the dark web due to data breaches and phishing scams. Given that consumer spending is expected to increase1, we anticipate that the amount of PII readily available to criminals will only continue to grow. All of this will lead to identity theft and increase the risk of third-party fraud. More than $43 billion in total losses was reported due to identity theft and fraud in the U.S. in 2022.2 Solving the third-party fraud problem We’ve examined one part of the fraud problem, and it is a complex one. With Experian as your partner, solving for it isn’t. Continuing my cake metaphor, by following the right steps and including the right ingredients, businesses can detect and prevent fraud. Third-party fraud detection and prevention involves two distinct steps. Analytics: Driven by extensive data that captures the ways in which people present their identity—plus artificial intelligence and machine learning—good analytics can detect inconsistencies, and patterns of usage that are out of character for the person, or similar to past instances of known fraud. Verification: The advantage of dealing with third-party fraud is the availability of a victim that will confirm when fraud is happening. The verification step refers to the process of making contact with the identity owner to obtain that confirmation and may involve identity resolution. It does require some thought and discipline to make sure that the contact information used leads to the identity owner—and not to the fraudster. In a series of articles, we’ll be exploring first-party fraud, synthetic identity fraud, and account takeover fraud and how a layered fraud management solution can help keep your business and customers safe and manage third-party fraud detection, first-party fraud, synthetic identity fraud, and account takeover fraud prevention. Let us know if you’d like to learn more about how Experian is using our identity expertise, data, and analytics to create robust fraud prevention solutions. Contact us 1 Experian Ascend Sandbox 2 2023 U.S. Identity and Fraud Report, Experian.

In a series of articles, we talk about different types of fraud and how to best solve for them. This article will explore first-party fraud and how it's similar to biting into a cookie you think is chocolate chip, only to find that it’s filled with raisins. The raisins in the cookie were hiding in plain sight, indistinguishable from chocolate chips without a closer look, much like first-party fraudsters. What is first-party fraud? First-party fraud refers to instances when an individual purposely misrepresents their identity in exchange for goods or services. In the financial services industry, it's often miscategorized as credit loss and written off as bad debt, which causes problems when organizations later try to determine how much they’ve lost to fraud versus credit risk. Common types of first-party fraud include: Chargeback fraud: Also known as "friendly fraud," chargeback fraud occurs when an individual knowingly makes a purchase with their credit card and then requests a chargeback from the issuer, claiming they didn't authorize the purchase. Application fraud: This takes place when an individual uses stolen or manipulated information to apply for a loan, credit card or job. In 2023, the employment sector accounted for 45% of all false document submissions — 70% of those who falsified their resumes still got hired. Fronting: Done to get cheaper rates, this form of insurance fraud happens when a young or inexperienced individual is deliberately listed as a named driver, when they're actually the main driver of the vehicle. Goods lost in transit fraud (GLIT): This occurs when an individual claims the goods they purchased online did not arrive. To put it simply, the individual is getting a refund for something they actually already received. A first-party fraudster can also recruit “money mules” — individuals who are persuaded to use their own information to obtain credit or merchandise on behalf of a larger fraud ring. This type of fraud has become especially prevalent as more consumers are active online. Money mules constitute up to 0.3% of accounts at U.S. financial institutions, or an estimated $3 billion in fraudulent transfers. How does it impact my organization? Firstly, there are often substantial losses associated with first-party fraud. An imperfect first-party fraud solution can also strain relationships with good customers and hinder growth. When lenders have to interpret actions and behavior to assess customers, there’s a lot of room for error and losses. Those same losses hinder growth when, as mentioned before, businesses anticipate credit losses that aren’t actually credit losses. This type of fraud isn’t a single-time event, and it doesn’t occur at just one point in the customer lifecycle. It occurs when good customers develop fraudulent intent, when new applicants who have positive history with other lenders have recently changed circumstances or when seemingly good applicants have manipulated their identities to mask previous defaults. Finally, first-party fraud impacts how your organization categorizes and manages risk – and that’s something that touches every department. Solving the first-party fraud problem First-party fraud detection requires a change in how we think about the fraud problem. It starts with the ability to separate first- and third-party fraud to treat them differently. Because first-party fraud doesn’t have a victim, you can’t work with the person whose information was stolen to confirm the fraud. Instead, you’ll have to implement a consistent monitoring system and make a determination internally when fraud is suspected. As we’ve already discussed, the fraud problem is complex. However with a partner like Experian, you can leverage the fraud risk management strategies required to perform a closer examination and the ability to differentiate between the types of fraud so you can determine the best course of action moving forward. Additionally, our robust fraud management solutions can be used for synthetic identity fraud and account takeover fraud prevention, which can help you minimize customer friction to improve and deepen your relationships while preventing fraud. Contact us if you’d like to learn more about how Experian is using our identity expertise, data and analytics to improve identity resolution and detect and prevent all types of fraud. Contact us

More than half of U.S. businesses say they discuss fraud management often, making fraud detection in banking top-of-mind. Banking fraud prevention can seem daunting, but with the proper tools, banks, credit unions, fintechs, and other financial institutions can frustrate and root out fraudsters while maintaining a positive experience for good customers. What is banking fraud? Banking fraud is a type of financial crime that uses illegal means to obtain money, assets, or other property owned or held by a bank, other financial institution, or customers of the bank. This type of fraud can be difficult to detect when misclassified as credit risk or written off as a loss rather than investigated and prevented in the future. Fraud that impacts financial institutions consists of small-scale one-off events or larger efforts perpetrated by fraud rings. Not long ago, many of the techniques utilized by fraudsters required in-person or phone-based activities. Now, many of these activities are online, making it easier for fraudsters to disguise their intent and perpetrate multiple attacks at once or in sequence. Banking fraud can include: Identity theft: When a bad actor steals a consumer’s personal information and uses it to take money, open credit accounts, make purchases, and more. Check fraud: This type of fraud occurs when a fraudster writes a bad check, forges information, or steals and alters someone else’s check. Credit card fraud: A form of identity theft where a bad actor makes purchases or gets a cash advance in the name of an unsuspecting consumer. The fraudster may takeover an existing account by gaining access to account numbers online, steal a physical card, or open a new account in someone else’s name.  Phishing: These malicious efforts allow scammers to steal personal and account information through use of email, or in the case of smishing, through text messages. The fraudster often sends a link to the consumer that looks legitimate but is designed to steal login information, personally identifiable information, and more. Direct deposit account fraud: Also known as DDA fraud, criminals monetize stolen information to open new accounts and divert funds from payroll, assistance programs, and more. Unfortunately, this type of fraud doesn’t just lead to lost funds – it also exposes consumer data, impacts banks’ reputations, and has larger implications for the financial system. Today, top concerns for banks include generative AI (GenAI) fraud, peer-to-peer (P2P) payment scams, identity theft and transaction fraud. Without the proper detection and prevention techniques, it’s difficult for banks to keep fraudsters perpetrating these schemes out. What is banking fraud prevention? Detecting and preventing banking fraud consists of a set of techniques and tasks that help protect customers, assets and systems from those with malicious intent. Risk management solutions for banks identify fraudulent access attempts, suspicious transfer requests, signs of false identities, and more. The financial industry is constantly evolving, and so are fraudsters. As a result, it’s important for organizations to stay ahead of the curve by investing in new fraud prevention technologies. Depending on the size and sophistication of your institution, the tools and techniques that comprise your banking fraud prevention solutions may look different. However, every strategy should include multiple layers of friction designed to trip up fraudsters enough to abandon their efforts, and include flags for suspicious activity and other indicators that a user or transaction requires further scrutiny.   Some of the emerging trends in banking fraud prevention include: Use of artificial intelligence (AI) and machine learning (ML). While these technologies aren’t new, they are finding footing across industries as they can be used to identify patterns consistent with fraudulent activity – some of which are difficult or time-consuming to detect with traditional methods. Behavioral analytics and biometrics. By noting standard customer behaviors — e.g., which devices they use and when — and how they use those devices — looking for markers of human behavior vs. bot or fraud ring activity — organizations can flag riskier users for additional authentication and verification. Leveraging additional data sources. By looking beyond standard credit reports when opening credit accounts, organizations can better detect signs of identity theft, synthetic identities, and even potential first-party fraud.     With real-time fraud detection tools in place, financial institutions can more easily identify good consumers and allow them to complete their requests while applying the right amount and type of friction to detect and prevent fraud.   How to prevent and detect banking fraud In order to be successful in the fight against fraud and keep yourself and your customers safe, financial institutions of all sizes and types must: Balance risk mitigation with the customer experience Ensure seamless interactions across platforms for known consumers who present little to no risk Leverage proper identity resolution and verification tools Recognize good consumers and apply the proper fraud mitigation techniques to riskier scenarios With Experian’s interconnected approach to fraud detection in banking, incorporating data, analytics, fraud risk scores, device intelligence, and more, you can track and assess various activities and determine where additional authentication, friction, or human intervention is required. Learn more

Written by: Mihail Blagoev As there is talk about the global economy potentially heading into a recession, while some suggest that it has already started, there is an expectation that many of the world's countries will see their economic output decline in the next couple of months or a year. Among the negative trends that can occur during a recession are companies making fewer sales and people losing their jobs. Unfortunately, just like any other economic crisis, fraud is expected to go in the opposite direction as criminals continue finding innovative ways to attack consumers when they’re most vulnerable. There is also a concern that first-party fraud attempts might rise as genuine consumers are pushed over the edge by inflation and economic uncertainty. With that in mind, here are six fraud trends that are likely to happen during a recession: Fraudsters exploiting the vulnerable  It is well-documented that fraudsters found numerous ways to exploit the vulnerable during the pandemic. Unfortunately, this is expected to happen again in the coming months. As the cost of living rises, criminals will try to use that in their favor by looking for people who can't pay their utility bills or can't afford the price of gas or even food. Fraudsters will try to exploit that by offering them deals, discounts, refunds, or just about anything that will make people believe they are paying less for something that has increased in value or is out of reach at its normal price. Fraudsters have two main goals behind these tactics – stealing personal information to use in other crimes or gaining immediate financial benefits. Although their tactics are well-known – applying pressure on their victims to make quick decisions or offering them something that sounds like a great deal, but in truth, it isn't – that won't prevent them from trying. These scams show that, unlike in other industries, criminals do not rely on high success rates to achieve their goals. All they need is one or two victims out of every few hundred to fall for their schemes. Loan origination fraud Periods of financial instability often result in an increase in first-party fraud, among others. This could take many forms, and there is a possibility for an increase in fraudulent loan applications by genuine consumers to be among the most popular ones. In this type of fraud, bad actors lie on registration forms or applications to gain access to funds they wouldn't normally receive if they added their real information. That could be done by lying about their income and employment information, usually inflating their salaries, extending the amount of time they worked for a certain company, or simply adding a company they have never worked for. Other popular forgeries include anything from supplying fake phone numbers and addresses to providing fake bank statements and utility bills. Money mules Recessions can result in layoffs or people looking for work not being able to find any. That's another opportunity for fraudsters to exploit the vulnerable by offering them “jobs.” This could be achieved by posting job ads on real employment websites or social media. Once recruited, people are asked to open new bank accounts or use their previously opened accounts to transfer funds to accounts that are in the possession of criminals. In the end, the funds get laundered, while the genuine account holder receives a fee for the service. People of all ages are a possible target, but this is especially true for younger generations who often don't understand the consequences of their activities.  Friendly fraud Another type of first-party fraud that could go up as a result of the increased economic pressures could be friendly fraud. In this type of fraud that mostly affects the retail industry, consumers charge back genuine payments made by them in order to end up with both the product purchased and the funds for it back in their possession. They could then keep the product or quickly resell it for less than its original value. Luxury goods and electronics could be especially attractive for this type of fraud. Claiming non-deliveries or transactions not being recognized could be among the top reasons used for charging back the transactions. Investment fraud During times of economic hardship, people are often looking for ways to keep their savings from getting eaten by inflation. Investments in property could be one solution, but as it is not affordable for everyone, people are also looking for other ways to invest their money. While this isn’t exactly a vulnerability, it is something that criminals are looking to exploit greatly. They usually reach out to potential victims through social media while also presenting them with fake websites that mimic those by real investors. The opportunities being offered can range from cryptocurrency to various schemes and products that don’t exist or are worthless. However, after the criminals obtain possession of the funds, they discontinue their contact with the victims. Fake goods While this shouldn't happen to the same extent that was seen in 2020, there is a chance that some goods might disappear from certain markets. There could be a variety of reasons for that, from companies limiting their production or going out of business due to inability to pay their bills or shortage in sales to issues with supply chains due to the high gas and oil prices. Expect fraudsters to be the first to move in if there are shortages and start offering fake products or goods that will never arrive.  It is still difficult to measure if or when a recession will hit each corner of the world or how long it will take for the next phase in the financial cycle to begin. However, one thing that is certain is that the longer it takes the economy to settle, the more opportunities criminals will have to benefit from their schemes and come up with new ways to defraud people. Businesses should monitor the fraud environment around them closely and be ready to adjust their fraud management strategies quickly. They should also understand the complexity of the problems in front of them and that they will likely need a mixture of capabilities to sort them out while keeping their customer base happy. This is where fraud orchestration platforms could help by offering the needed solutions to solve multiple fraud issues and the flexibility to turn any of these tools on and off when needed. Contact us

What is elder abuse fraud? Financial abuse is reportedly the fastest-growing form of elder abuse, leaving many Americans vulnerable to theft scams, and putting businesses and other organizations on the frontlines to provide protection and help prevent fraud losses.   Financial elder abuse fraud occurs when someone illegally uses a senior’s money or other property. This can be someone they know, or a third party – like fraudsters who are perpetrating romance scams Older consumers and other vulnerable digital newbies were prime targets for this type of abuse during the start of the pandemic when many of them became active online for the first time or started transacting in new ways. This made them especially attractive targets for social engineering (when a fraudster manipulates a person to divulge confidential or private information) and account takeover fraud. While most of us have become used to life online (in fact, there’s been a 25% increase in online activity since the start of the pandemic), some seniors still have risky habits such as poor password maintenance, that can make them more attractive targets for fraudsters. What is the impact of elder abuse fraud? According to the FBI’s Internet Crime Complaint Center (IC3), elder abuse fraud cost Americans over the age of 60 more than $966 million in 2020. In addition to the direct cost to consumers, elder abuse fraud can leave organizations vulnerable to the fallout from data breaches via account takeover, and lost time and money spent helping seniors and other vulnerable Americans recoup their losses, reset accounts, and more. Further, the victim may associate the fraud with the bank, healthcare provider, or other businesses where the account was taken over and decide to stop utilizing that entity all together. How can organizations prevent elder abuse fraud? Preventing elder abuse fraud can take many forms. Organizations should start with a robust fraud management solution that can help prevent account takeover, first-party, synthetic identity fraud, and more. This platform should also include the ability to use data analysis to detect and flag sudden changes in financial behavior, online activities, and transaction locations that could indicate abuse or takeover of the account. With the right fraud strategy in place, organizations can help prevent fraud and build trust with older generations. Given that 95% of Baby Boomers cite security as the most important aspect of their online experience, this step is too important to miss.   To learn more about how Experian is helping organizations develop and maintain effective fraud and identity solutions, be sure to visit us or request a call. Contact us  

Earlier this year, we shared our predictions for five fraud threats facing businesses in 2021. Now that we’ve reached the midpoint of the year and economic recovery is underway, we’re taking another look at how these threats can impact businesses and consumers.   Putting a Face to Frankenstein IDs: Synthetic identity fraudsters will attempt to bypass fraud detection methods by using AI to combine facial characteristics from different people to form a new identity. Overexposure: As many as 80% of SSNs may have been exposed on the dark web, creating opportunities for account application fraud. The Heist: Surges in data breaches, advances in automation, expanded online banking services and vulnerabilities exposed from social engineering mistakes have lead to rises in account takeover fraud. Overstimulated: Opportunistic fraudsters may take advantage of ongoing relief payments by using stolen data from consumers. Behind the Times: Businesses with lackluster fraud prevention tools and insufficient online security technology will likely experience more attacks and suffer larger losses.   To learn more about upcoming fraud threats and how to protect your business, download our new infographic and check out Experian’s fraud prevention solutions. Download infographic Request a call

In today’s digital-first environment, fraud threats are growing in sophistication and scope. It’s critical for credit unions to not only understand the specific threats presented by life online, but to also be prepared with a solid fraud detection and prevention plan. Below, we’ve outlined a few fraud trends that credit unions should be aware of and prepared to address. 2021 Trends to Watch: Digitization and the Movement to Life Online Trend #1: Digital Acceleration As we look ahead to the rest of 2021 and beyond, we expect to see adoption of digital strategies nearing the top of credit unions’ list of priorities. Members’ expectations for their digital experience have permanently shifted, and many credit unions now have members using online channels who traditionally wouldn’t have. This has led to a change in the types of fraud we see as online activities increased in volume. Trend #2: First-Party Fraud is On the Rise First party fraud is on the rise – 43% of financial executives say that mule activity is up 10% or more compared to attack rates prior to the pandemic, according to Trace Fooshee, Senior Analyst for Aite Group, and we expect to see this number grow. The ability for credit unions to identify and segregate the “good guys” from “bad guys” is getting more difficult to discern and this detail is more important than ever as credit unions work to create frictionless digital experiences by using digital tools and strategies. Trend #3: Continual Uptick in Synthetic Identity Fraud We expect synthetic identity fraud (SID) to continue to rise in 2021 as cybercriminals become more sophisticated in the digital space and as members continue with their new digital habits. Additionally, fraudsters can use SIDs to bring significant damage and loss to credit unions through fraudulent checks, debit cards, person-to-person and automated clearing house (ACH) transactions. More and more, fraudsters are seen opening accounts and remaining very patient – using an account to build and nurture a trusted relationship with the credit union and then remain dormant for two years before ensuing in any sort of abuse. Once the fraudster feels confident that they can bypass authentication processes or avoid a new product vetting, oftentimes, they will take that opportunity to get easy access to all solutions credit unions have available and will abuse them all at once. There are no signs of fraud slowing, so credit unions will need to stay vigilant in their fraud protection and prevention plans. We’ve outlined a few tips for credit unions to help protect member data while reducing risk. The Fight Against Fraud: Four Key Tips Tip #1: Manage Each Fraud Type Appropriately Preventing and detecting fraud requires a multi-level solution. This can involve new methods for authenticating current and prospective members, as well as incorporating synthetic identity services and identity proofing throughout the member lifecycle. For example, credit unions should consider taking extra verification steps during the account opening process as a preventative measure to minimize SID infiltration and associated fraud losses. As credit unions continue down the path of digitization, it’s also important to add in digital signals and behavior-based verification, such as information about the device a consumer is logging in from to heighten defenses against bad actors. Tip #2: Be Resourceful In the wake of the COVID-19 pandemic, many have asked, “How should credit unions approach fraud prevention tactics when in-person contact is limited or unavailable?” In some cases, you might need to be willing to say no to requests or get creative and find other options. Sometimes, it takes leveraging current resources and using what’s readily available to allow for a binary decision tree. For example, if you’re suspicious of a dormant account that you think could be synthetic, call them, and ask yourself these questions: Did they answer? Was the phone still active? Send the account holder an email – did you get a reply? Is this a new member? Is this a new channel for the member? Could they have logged on to do this instead of calling the call center? Tip #3: Empower Members Through Education Members like to know that their credit unions are taking the necessary steps and applying the right measures to keep their data secure. While members might not want every detail, they do want to know that the security measures are there. Require the use of strong passwords, step-up authentication, and empower members with alerts, notifications, and card controls. Additionally, protect members by providing resources like trainings, webinars, and best practices articles, where they can learn about current cyber trends and how to protect their data. Tip #4: Trust Data Many credit unions rely on an employee’s decision to decide when to take action and what action to take. The challenge with this approach comes when the credit union needs to reduce friction for members or tighten controls to prevent fraud, because it’s extremely hard to know exactly what drove prior actions. A better alternative is to rely on scores and specific data. Tweaks to the scores or data points that drive actions allow credit unions to achieve the desired member experience and risk tolerance – just be sure to leverage internal experts help figure out those policies. By determining what conditions drive actions before the actions are taken (instead of doing it one case at a time) the decisions remain transparent and actionable. Looking for more insights around how to best position your credit union to mitigate and prevent fraud? Watch our webinar featuring experts from around the industry and key credit unions in this Fraud Insight Form hosted by CUES. Watch now Contact us

Preventing fraud losses requires an understanding of each individual fraud type—including third-party, first-party, synthetic identity, and account takeover fraud—and how they differ from one another. It’s only with a multi-layered fraud strategy that businesses can adequately detect and treat each type of fraud while maintaining the customer experience. When’s the last time you reviewed your existing fraud strategy? Download infographic Review your fraud strategy

It’s clear that the digital transformation we experienced this year is here to stay. While there are many positives associated with this transformation – innovation, new ways to work, and greater online connectedness – it’s important that we review the risks associated with these trends as well.   In late 2019 and throughout 2020, Experian surveyed consumers and businesses. We asked about online habits, expectations for information security and plans for future spending. Unsurprisingly, about half of consumers think they’ll continue to spend more online in the coming year. Those same consumers now have a higher expectation for their online experience than before the onset of COVID-19.   Hand-in-hand with the online activity trends come increased risks associated with identity theft and fraud as criminals find new chances to steal information. In response to both of these trends, businesses and consumers want a balance between security and convenience.   Our latest trends report dives into the new opportunities 2020 has created for fraud, and the opportunities to prevent identity theft or manipulation and the associated losses while building stronger relationships.   Download the full North America Trends Report for a look into North American trends over the last year and to learn how fraud prevention and positive customer relationships are actually two sides of the same coin. North America Trends Report

Experian’s Chris Ryan and Bobbie Paul recently re-joined David Mattei from Aite to discuss how emerging fraud trends and changes in consumer behavior will have long-term impacts on businesses. Chris, Bobbie, and David have combined experience of more than 60 years in the world of fraud prevention. In this discussion, they bring that experience to bear as they review how businesses should revise their long-term fraud strategy in response to COVID-19 and the subsequent economic shifts, including: The requirements to authenticate a digital customer Businesses’ technology challenges Differentiating between first party and third party fraud The importance of businesses’ technology investment How to build a roadmap for the next 90 days and beyond Experian · Make Your Fraud Plan Recession-Ready: Your 90 Day and Beyond Plan

The response to the coronavirus (COVID-19) health crisis requires a brand-new mindset from businesses across the country. As part of our recently launched Q&A perspective series, Jim Bander, Market Lead of Analytics and Optimization and Kathleen Peters, Senior Vice President of Fraud and Identity, provided insight into how businesses can work to mitigate fraud and portfolio risk. Q: How can financial institutions mitigate fraud risk while monitoring portfolios? JB: The most important shift in portfolio monitoring is the view of the customer, because it’s very different during times of crisis than it is during expansionary periods. Financial institutions need to take a holistic view of their customers and use additional credit dimensions to understand consumers’ reactions to stress. While many businesses were preparing for a recession, the economic downturn caused by the coronavirus has already surpassed the stress-testing that most businesses performed. To help mitigate the increased risk, businesses need to understand how their stress testing was performed in the past and run new stress tests to understand how financially sound their institution is. KP: Most businesses—and particularly financial institutions—have suspended or relaxed many of their usual risk mitigation tools and strategies, in an effort to help support customers during this time of uncertainty. Many financial institutions are offering debt and late fee forgiveness, credit extensions, and more to help consumers bridge the financial gaps caused by the economic downturn. Unfortunately, the same actions that help consumers can hamstring fraud prevention efforts because they impact the usual risk indicators. To weather this storm, financial institutions need to pivot from standard risk mitigation strategies to more targeted fraud and identity strategies. Q: How can financial institutions’ exposure to risk be managed? JB: Financial institutions are trying to extend as much credit as is reasonably possible—per government guidelines—but when the first stage of this crisis passes, they need to be prepared to deal with the consequences. Specifically, which borrowers will actually repay their loans. Financial institutions should monitor consumer health and use proactive outreach to offer assistance while keeping a finger on the pulse of their customers’ financial health. For the foreseeable future, the focus will be on extending credit, not collecting on debt, but now is the time to start preparing for the economic aftermath. Consumer health monitoring is key, and it must include a strategy to differentiate credit abusers and other fraudsters from overall good consumers who are just financially stressed. KP: As financial institutions work to get all of their customers set up with online and mobile banking and account access, there’s an influx of new requests that all require consumer authentication, device identification, and sometimes even underwriting. All of this puts pressure on already strained resources which means increased fraud risk. To manage this risk, businesses need to balance customer experience—particularly minimizing friction—with vigilance against fraudsters and reputational risk. It will require a robust and flexible fraud strategy that utilizes automated tools as much as possible to free up personnel to follow up on the riskiest users and transactions.   Experian is closely monitoring the updates around the coronavirus outbreak and its widespread impact on both consumers and businesses. We will continue to share industry-leading insights to help financial institutions manage their portfolios and protect against losses. Learn more About Our Experts: [avatar user="jim.bander" /] Jim Bander, Market Lead, Analytics and Optimization, Experian Decision Analytics, North America Jim joined Experian in April 2018 and is responsible for solutions and value propositions applying analytics for financial institutions and other Experian business-to-business clients throughout North America. He has over 20 years of analytics, software, engineering and risk management experience across a variety of industries and disciplines. Jim has applied decision science to many industries, including banking, transportation and the public sector. [avatar user="kathleen.peters" /] Kathleen Peters, Vice President, Fraud and Identity, Experian Decision Analytics, North America Kathleen joined Experian in 2013 to lead business development and international sales for the recently acquired 41st Parameter business in San Jose, Calif. She went on to lead product management for Experian’s fraud and identity group within the global Decision Analytics organization, launching Experian’s CrossCore® platform in 2016, a groundbreaking and award-winning new offering for the fraud and identity market. The last two years, Kathleen has been named a “Top 100 Influencer in Identity” by One World Identity (OWI), an exclusive list that annually recognizes influencers and leaders from across the globe, showcasing a who’s who of people to know in the identity space.

For the last several years, as the global economy flourished, the opportunities created by removing friction and driving growth guided business strategies governing identity and fraud. The amount of profitable business available in a low-friction environment simply outweighed the fraud that could be mitigated with more stringent verification methods. Now that we’re facing a global crisis, it’s time to reconsider the approach that drove the economic boom that defined that last decade. Recognizing how economic changes impact fraud At the highest level, we separate fraud into two types; third party fraud and first party fraud. In simple terms, third party fraud involves the misuse of a real customer’s identity or unauthorized access to a real customer’s accounts or assets. First party fraud involves the use of an identity that the fraudster controls—whether it’s their own identity, a manipulated version of their own identity, or a synthetic identity that they have created. The important difference in this case is that the methods of finding and stopping third party fraud remain constant even in the event of an economic downturn – establish contact with the owner of the identity and verify whether the events are legitimate. Fraud tactics will evolve, and volumes increase as perpetrators also face pressure to generate income, but at the end of the day, a real person is being impersonated, and a victim exists that will confirm when fraud is taking place. Changes in first party fraud during an economic downturn are dramatically different and much more problematic. The baseline level of first party fraud using synthetic, manipulated and the perpetrator’s own identity continue, but they are augmented by real people facing desperate circumstances and existing “good” customers who over-extend while awaiting a turn-around. The problem is that there is no “victim” to confirm fraud is occurring, and the line between fraud (which implies intent) and credit default (which does not) becomes very difficult to navigate. With limited resources and pressures of their own, at some point lenders must try to distinguish deliberate theft from good customers facing bad circumstances and manage cases accordingly. The new strategy When times are good, it’s easier to build up a solid book of business with good customers. Employment rates are high, incomes are stable, and the risks are manageable. Now, we’re experiencing rapidly changing conditions, entire industries are disrupted, unemployment claims have skyrocketed and customers will need assistance and support from their lenders to help them weather the storm. This is a reciprocal relationship – it behooves those same lenders to help their customers get through to the other side. Lenders will look to limit losses and strengthen relationships. At the same time, they’ll need to reassess their existing fraud and identity strategies (among others) as every interaction with a customer takes on new meaning. Unexpected losses We’ve all been bracing for a recession for a while. But no one expected it to show up quite like it did. Consumers who have been model customers are suddenly faced with a complete shift in their daily life. A job that seemed secure may be less so, investments are less lucrative in the short term, and small business owners are feeling the pressure of a change in day-to-day commerce. All of this can lead to unexpected losses from formerly low-risk customers. As this occurs, it becomes more critical than ever to identify and help good customers facing grim circumstances and find different ways to handle those that have malicious intent. Shifting priorities When the economy was strong, many businesses were able to accept higher losses because those losses were offset by immense growth. Unfortunately, the current crisis means that some of those policies could have unforeseen consequences. For instance – the loss of the ability to differentiate between a good customer who has fallen on hard times and someone who’s been a bad actor from the start. Additionally, businesses need to revise their risk management strategies to align with shifting customer needs. The demand for emergency loans and will likely rise, while loans for new purchases like cars and homes will fall as consumers look to keep their finances secure. As the need to assist customers in distress rises and internal resources are stressed, it’s critical that companies have the right tools in place to triage and help customers who are truly in need. The good news The tools businesses like yours need to screen first party fraud already exist. In fact, you may already have the necessary framework in place thanks to an existing partnership, and a relatively simple process could prepare your business to properly screen both new and existing customers at every touchpoint. This global crisis is nowhere near over, but with the right tools, your business can protect itself and your customers from increased fraud risks and losses of all sorts – first party, stolen identities, or synthetic identities, and come out on the other side even stronger. Contact Experian for a review of your current fraud strategy to help ensure you’re prepared to face upcoming challenges. Contact us

With the growing need for authentication and security, fintechs must manage risk with minimal impact to customer experience. When implementing tactical approaches for fraud risk strategy operations, keeping up with the pace of fraud is another critical consideration. How can fintechs be proactive about future-proofing fraud strategies to stay ahead of savvy fraudsters while maintaining customer expectations? I sat down with Chris Ryan, Senior Fraud Solutions Business Consultant with Experian Decision Analytics, to tap into some of his insights. Here’s what he had to say: How have changes in technology added to increased fraud risk for businesses operating in the online space? Technology introduces many risks in the online space. As it pertains to the fintech world, two stand out. First, the explosion in mobile technology. The same capabilities that make fintech products broadly accessible makes them vulnerable. Anyone with a mobile device can attempt to access a fintech and try their hand at committing fraud with very little risk of being caught or punished. Second, the evolution of an interconnected, digital ‘marketplace’ for stolen data. There’s an entire underground economy that’s focused on connecting the once-disparate pieces of information about a specific individual stolen from multiple, unrelated data breaches. Criminal misrepresentations are more complete and more convincing than ever before. What are the major market drivers and trends that have attributed to the increased risk of fraud? Ultimately, the major market drivers and trends that drive fraud risk for fintechs are customer convenience and growth. In terms of customer convenience, it’s a race to meet customer needs in real time, in a single online interaction, with a minimally invasive request for information. But, serving the demands of good customers opens opportunities for identity misuse. In terms of growth, the pressure to find new pockets of potential customers may lead fintechs into markets where consumer information is more limited, so naturally, there are some risks baked in. Are fintechs really more at risk for fraud? If so, how are fintechs responding to this dynamic threat? The challenge for many fintechs has been the prioritization of fraud as a risk that needs to be addressed. It’s understandable that fintech’s initial emphasis had to be the establishment of viable products that meet the needs of their customers. Obviously, without customers using a product, nothing else matters. Now that fintechs are hitting their stride in terms of attracting customers, they’re allocating more of their attention and innovative spirit to other areas, like fraud. With the right partner, it’s not hard for fintechs to protect themselves from fraud. They simply need to acquire reliable data that provides identity assurance without negatively impacting the customer experience. For example, fintechs can utilize data points that can be extracted from the communications channel, like device intelligence for example, or non-PII unique identifiers like phone and email account data. These are valuable risk indicators that can be collected and evaluated in real time without adding friction to the customer experience. What are the major fraud risks to fintechs and what are some of the strategies that Risk Managers can implement to protect their business? The trends we’ve talked about so far today have focused more on identity theft and other third-party fraud risks, but it’s equally important for fintechs to be mindful of first party fraud types where the owner of the identity is the culprit. There is no single solution, so the best strategy recommendation is to plan to be flexible. Fintechs demonstrate an incredible willingness to innovate, and they need to make sure the fraud platforms they pick are flexible enough to keep pace with their needs. From your perspective, what is the future of fraud and what should fintechs consider as they evolve their products? Fraud will continue to be a challenge whenever something of value is made available, particularly when the transaction is remote and the risk of any sort of prosecution is very low. Criminals will continue to revise their tactics to outwit the tools that fintechs are using, so the best long-term defense is flexibility. Being able to layer defenses, explore new data and analytics, and deploy flexible and dynamic strategies that allow highly tailored decisions is the best way for fintechs to protect themselves. Digital commerce and the online lending landscape will continue to grow at an increasing pace – hand-in-hand with the opportunities for fraud. To stay ahead of fraudsters, fintechs must be proactive about future-proofing their fraud strategies and toolkits. Experian can help. Our Fintech Digital Onboarding Bundle provides a solid baseline of cutting-edge fraud tools that protect fintechs against fraud in the digital space, via a seamless, low-friction customer experience. More importantly, the Fintech Digital Onboarding Bundle is delivered through Experian’s CrossCore platform—the premier platform in the industry recognized specifically for enabling the expansion of fraud tools across a wide range of Experian and third-party partner solutions. Click here to learn more or to speak with an Experian representative. Learn More About Chris Ryan:  Christopher Ryan is a Senior Fraud Solutions Business Consultant. He delivers expertise that helps clients make the most from data, technology and investigative resources to combat and mitigate fraud risks across the industries that Experian serves. Ryan provides clients with strategies that reduce losses attributable to fraudulent activity. He has an impressive track record of stopping fraud in retail banking, auto lending, deposits, consumer and student lending sectors, and government identity proofing. Ryan is a subject matter expert in consumer identity verification, fraud scoring and knowledge-based authentication. His expertise is his ability to understand fraud issues and how they impact customer acquisition, customer management and collections. He routinely helps clients review workflow processes, analyze redundancies and identify opportunities for process improvements. Ryan recognizes the importance of products and services that limit fraud losses, balancing expense and the customer impact that can result from trying to prevent fraud.

First-party fraud is an identity-centric risk that changes over time. And the fact that no one knows the true size of first-party fraud is not the problem. It’s a symptom. First-party fraud involves a person making financial commitments or defaulting on existing commitments using their own identity, a manipulated version of their own identity or a synthetic identity they control. With the identity owner involved, a critical piece of the puzzle is lost. Because fraud “treatments” tend to be all-or-nothing and rely on a victim, the consequences of applying traditional fraud strategies when first-party fraud is suspected can be too harsh and significantly damage the customer relationship. Without feedback from a victim, first-party fraud hides in plain sight — in credit losses. As a collective, we’ve created lots of subsets of losses that nibble around the edges of first-party fraud, and we focus on reducing those. But I can’t help thinking if we were really trying to solve first-party fraud, we would collectively be doing a better job of measuring it. As the saying goes, “If you can’t measure it, you can’t improve it.” Because behaviors exhibited during first-party fraud are difficult to distinguish from those of legitimate consumers who’ve encountered catastrophic life events, such as illness and unemployment, individual account performance isn’t typically a good measurement. First-party fraud is a person-level event rather than an account-level event and needs to be viewed as such. So why does first-party fraud slip through the cracks? Existing, third-party fraud prevention tools aren’t trained to detect it. Underwriting relies on a point-in-time assessment, leaving lenders blind to intentions that may change after booking. When first-party fraud occurs, the different organizations that suffer losses attach different names to it based on their account-level view. It’s hidden in credit losses, preventing you from identifying it for future analysis. As an industry, we aren’t going to be able to solve the problem of first-party fraud as long as three different organizations can look at an individual and declare, “Never pay!” “No. Bust-out!” “No! Charge-off!” So, what do we need to stop doing? Stop thinking that it’s a different problem based on when you enter the picture. Whether you opened an account five years ago or 5 minutes ago doesn’t change the problem. It’s still first-party fraud if the person who owns the identity is the one misusing it. Stop thinking that the financial performance of an account you maintain is the only relevant data. And what do we need to start doing? See and treat first-party fraud as a continuous Leverage machine learning techniques and robust data (including your own observations) to monitor for emerging risk over Apply multiple levels of treatments to respond and tighten controls/reduce exposure as risk Define first-party fraud using a broader set of elements beyond your individual observations.