Tag: fraud

With the recent switch to EMV and more than 4.2 billion records exposed by data breaches last year*, attackers are migrating their fraud attempts to the card-not-present channel. Our recent analysis found the following states to be the riskiest for e-commerce fraud in 2016. Delaware Oregon Florida New York Nevada Attackers are extremely creative, motivated, and often connected. Prevent e-commerce fraud by protecting all of your customer contact points. Fraud Heat Map>  

Turns out, Americans still don’t know much about CyberSecurity. That’s according to new research from the Pew Data Center, which conducted a cybersecurity knowledge quiz. The 13 question quiz was designed to test American’s knowledge on a number of cybersecurity issues and terms. A majority of online adults can identify a strong password and recognize the dangers of using public Wi-Fi. However, many struggle with more technical cybersecurity concepts, such as how to identify true two-factor authentication or determine if a webpage they are using is encrypted. As we in the industry know, cybersecurity is a complicated and diverse subject, but given the pervasiveness of news around cybersecurity, I was still a little surprised by the lack of knowledge. The typical (median) respondent answered only five of the 13 questions correctly (with a mean of 5.5 correct answers). 20% answered more than eight questions accurately, and just 1% received a “perfect score” by correctly answering all 13 questions. The study showed that public knowledge of cybersecurity is low on some relatively technical issues, like identifying the correct example of multi-factor authentication, understanding how VPNs minimize risk and knowing what a botnet is. On the flip side, the two questions that the majority of respondents answered correctly included identifying the strongest password from a list of four options and understanding that public Wi-Fi networks have risk even when they are password protected. Given the median scores, I was proud of missing only one question – guess I have more reading to do on Botnets. As an industry, it is our duty to not only create systems and securities to improve the tactical effectiveness of fraud prevention, but to educate consumers on many of these topics as well. They often are the first line of defense in stopping fraud and reducing the threat of breaches.

Has the EMV liability shift caused e-commerce fraud to increase 33% in 2016? According to Experian data, CNP fraud increased with Florida, Delaware, Oregon and New York ranked as the riskiest states. Miami accounted for the most fraudulent ZIP™ Codes in the US for shipping and billing fraud.

The adoption of EMV terminals has pressured attackers to migrate their fraud attempts to the card-not-present channel. This is a major driver to the increase in e-commerce fraud attacks – more than 30% over last year. Here’s how this fraud victimization has increased across the country: 16% in North Central states. 25% in Northeastern states. 32% in Southern states. 25% in Western states. Attackers are extremely creative, motivated, and often connected. Protect all points of connection with your customers to prevent e-commerce fraud with a comprehensive, multilayered approach. Where does your state rank?

Legitimate address discrepancies are common, which surprises most people. And handling every address discrepancy as a high fraud risk is operationally expensive and inhibits the customer experience. You can avoid this type of fraud by employing these best practices: Use a distinct Know Your Customer and underlying Customer Identification Program process. Avoid verifications based on self-reported data. Maintain hotlist addresses. Fraud always will find the path of least resistance, and organized criminals will test you daily to isolate the weakest link. Be sure to regularly revisit your own policies and procedures for handling this type of fraud. Address manipulation fraud  

Fraud and address manipulation (Part 1) Identifying an address as incorrect seems simple enough. But in reality, address mismatches between an application and credit bureau data aren’t uncommon. Here are several legitimate reasons why this may occur: Change of residence. Credit bureau’s unique logic for determining which address is the "best." New/Emerging consumers often have fluctuating address data. Issuers that employ risk-based approaches allowing incorrect addresses to pass and those that use self-reported data for verification face the highest level of risk for this type of fraud. Next week, we’ll let you know how you can avoid these types of losses. Or you can get ahead and read our latest paper. Address manipulation fraud>

We’re excited to announce Family Account Management: a new feature available for our partners that makes it easy for their subscribers to extend identity protection services to family and friends. Family Account Management allows our partners to offer quick and easy enrollment, enabling new subscribers to opt in to a family plan by inputting family or friends’ email addresses within their portal. Subscribers can invite anyone of the age of 18 to join. Every family has different security needs and preferences. This feature offers plan options that can be configured to match the primary subscriber’s current enrolled services, or customized to include a set of services that best suits each family’s needs. The Consumer Sentinel Network, a division of the Federal Trade Commission, reported over 1.2 million fraud-related complaints in 2015. With identity fraud on the rise, we need to be more vigilant than ever before and take steps to improve our own security and the security of our loved ones. We all have unique identity elements, including birthday, email address, and Social Security number, and monitoring one person’s identity elements won’t minimize risk for other family members. That’s why Family Account Management is so important, allowing subscribers to extend coverage for what matters most – family. “Families are more connected than ever before, but with more ways to stay connected, there are new threats putting families at risk of identity theft,” said Joe Ross, Experian President and Co-Founder. “With Family Account Management, businesses can provide their subscribers with an easy and convenient way to extend identity protection services to their loved ones.” Visit our website for more information on identity protection products you can offer your customers and stay up to date with all Experian news on LinkedIn.

Internet-connected devices provide endless possibilities, but they rely on technology and collected data to deliver on their promises. This can compromise your network security. Follow these tips to enjoy the conveniences provided by Internet of Things devices while keeping your network safe. Look for devices that use end-to-end encryption. Change default passwords before connecting devices to your network. Enable two-factor authentication, when available. Leverage all security options, such as passwords, encryption, firewalls and firmware. The Internet of Things is only as strong as its weakest link. That's why it’s so important to understand and treat each connected device as part of a broader network. More security tips

Experian shares five trends and twists coming over the next 12 months, that could push new boundaries and in many cases improve the customer experience as it pertains to the world of credit and finance.

Fraud and cybersecurity are two of the biggest risks challenging organizations and the economy today. Fraud has become its own industry, to the tune of $500 billion in estimated losses annually. To strengthen your fraud risk strategies, you need: A multilayered authentication and risk-based approach to prevent fraud. A comprehensive approach to identity with true customer intelligence. To avoid silos and recognize the value of combining your solutions into one platform. The rapid growth of fraud-related activity only reinforces the need for aggressive fraud prevention strategies and the adoption of new technology to prepare for the latest emerging cybersecurity threats. Want to know more?

Technology sharing can unlock a more effective strategy in fighting fraud. Experian’s multi-layered and risk-based approach to fraud management is discussed as many businesses are learning that combining data and technology to strengthen their fraud risk strategies can help reduce losses. Evolving fraud schemes, changes in regulatory requirements and the advent of new digital initiatives make it difficult for businesses to manage all of the tools needed to keep up with the relentless pace of change.

Experian is recognized as a leading security solution provider for fraud and identity solutions in order to protect customers and financial institutions

It’s been a wild ride for the financial services industry over the past eight years. After the mortgage meltdown, the Great Recession and a stagnant economy … well, one could say the country had seen better days. Did you watch The Big Short last winter? It all came crumbling down. And then President Barack Obama entered the scene. Change was needed. More oversight introduced. Suddenly, we had the Affordable Care Act, the Dodd-Frank Wall Street Reform Act and the creation of the Consumer Financial Protection Bureau (CFPB). Taxes were raised on the country’s highest earners for the first time since the late-1990s. In essence, the pendulum swung hard and fast to a new era of tightened and rigorous regulation. Fast forward to present day and we find ourselves on the cusp of transitioning to new leadership for the country. A new president, new cabinet, new leaders in Congress. What will it all mean for financial services regulations? It’s helpful to initially take a look back at the key regulations that have been introduced over the past eight years. Mortgage Reform: Long gone are the days of obtaining a quick mortgage.  New rules have required loan originators to verify and document the consumer’s income and assets, including employment status (if relied upon), existing debt obligations, mortgage-related obligations, alimony and child support. The CFPB has also expanded foreclosure protections for struggling borrowers and homeowners. Maintaining the health of the mortgage industry is important for the entire country, and updated rules have enhanced the safety and transparency of the mortgage market. Home values have largely recovered from the darkest days, but some question whether the underwriting criteria have become too strict. Combatting Fraud: The latest cyber-attack trends and threats come fast and furious. Thus, regulators are largely addressing the challenge by expecting banks to adhere to world-class standards from organizations such as the National Institute of Standards and Technology (NIST). The Federal Trade Commission (FTC) and the National Credit Union Administration (NCUA) implemented the Red Flags Rule in November 2008. It requires institutions to establish policies and procedures to identify and recognize red flags — i.e., patterns, practices or specific activities that indicate the possible existence of identity theft — that occur during account-opening activities, existing account maintenance and new activity on an account that has been inactive for two or more years. Loss Forecasting: The Dodd-Frank Act Requires the Federal Reserve to conduct an annual stress test of bank holding companies (BHCs), savings and loan holding companies, state member banks, and nonbank financial institutions. In October 2012, the Fed Board adopted the Comprehensive Capital Analysis and Review (CCAR) rules. This requires banks with assets of $50 billion or more to submit to an annual review centered on a supervisory stress test to gauge capital adequacy. In January 2016, Dodd-Frank Act Stress Testing (DFAST) was introduced, requiring bank holding companies with assets of $10 billion or more to conduct separate annual stress tests known as “company-run tests” using economic scenarios. Every year regulators expect to see continued improvement in stress-testing models and capital-planning approaches as they raise the bar on what constitutes an acceptable practice. CFPB: No longer the new kids on the block, the CFPB has transitioned to an entity that has its tentacles into every aspect of consumer financial products. Mortgage lending was one of their first pursuits, but they have since dug into “ability-to-pay underwriting” and servicing standards for auto loans, credit cards and add-on products sold through third-party vendors. Now they are looking into will likely be the next “bubble,” – student lending – and educating themselves about online marketplace lending. Data Quality: Expectations related to data quality, risk analytics, and regulatory reporting have risen dramatically since the financial downturn. Inaccuracy in data is costly and harmful, slows down the industry, and creates frustration. In short, it’s bad for consumers and the industry. It’s no secret that financial institutions rely on the accuracy of credit data to make the most informed decisions about the creditworthiness of their customers. With intense scrutiny in this area, many financial institutions have created robust teams to handle and manage requirements and implement sound policies surrounding data accuracy. --- This is merely a sliver of the multiple regulations introduced and strengthened over the past eight years. Is there a belief that the regulatory pendulum might take a swing to other side with new leadership? Unlikely. The agenda for 2017 largely centers on the need to improve debt collections practices, enhance access to credit for struggling Americans, and the need for ongoing monitoring of the fintech space. Only time will tell, but one thing is certain. Anyone involved in financial services needs to keep a watchful eye on the ever-evolving world of regulation and Washington.

As we approach the one-year anniversary of the EMV liability shift, we have seen an increase in e-commerce fraud — to the tune of 15% higher than last year. Additional insights from Experian’s biannual analysis on e-commerce fraud include: 44% of e-commerce billing fraud came from Florida, California and New York* 52% of e-commerce shipping fraud came from Florida, New York and California* Miami, Fla., is the most dangerous city in the United States for e-commerce merchants* As fraudsters continue to perpetrate card-not-present fraud, ensure you are prepared. You’ll be thankful if fraudsters come calling. >> E-commerce Attack Rates

Historically, the introduction of EMV chip technology has resulted in a significant drop in card-present fraud, but a spike in card-not-present (CNP) fraud. CNP fraud accounts for 60% to 70% of all card fraud in many countries and is increasing. Merchants and card issuers in the United States likely will see a rise in CNP fraud as EMV migration occurs — although it may be more gradual as issuers and merchants upgrade to chip-based cards. As fraud continues to evolve, so too should your fraud-prevention strategies. Make a commitment to stay abreast of the latest fraud trends and implement sophisticated, cross-channel fraud-prevention strategies. >>Protecting Growth Ambitions Against Rising Fraud Threats