Tag: identity theft

Financial institutions are constantly searching for ways to engage their consumers while providing valuable services that keep them financially sound and satisfied. At the same time, consumers are looking for ways to limit their risk and grow their financial power while improving and protecting their financial health. Both can be accomplished through personalized financial experiences.

Finding a reliable, customer-friendly way to protect your business against new account fraud is vital to surviving in today's digital-driven economy. Not only can ignoring the problem cause you to lose valuable money and client goodwill, but implementing the wrong solutions can lead to onboarding issues that drive away potential customers. The Experian® 2023 Identity and Fraud Report revealed that nearly 70 percent of businesses reported fraud loss in recent years, with many of these involving new account fraud. At the same time, problems with onboarding caused 37 percent of consumers to drop off and take their business elsewhere. In other words, your customers want protection, but they aren't willing to compromise their digital experience to get it. You need to find a way to meet both these needs when combating new account fraud. What is new account fraud? New account fraud occurs any time a bad actor creates an account in your system utilizing a fake or stolen identity. This process is referred to by different names, such as account takeover fraud, account creation fraud, or account opening fraud. Examples of some of the more common types of new account fraud include: Synthetic identity (ID) fraud: This type of fraud occurs when the scammer uses a real, stolen credential combined with fake credentials. For example, they might use someone's real Social Security number combined with a fake email. Identity theft: In this case, the fraudster uses personal information they stole to create a new scam account. Fake identity: With this type of fraud, scammers create an account with wholly fake credentials that haven't been stolen from any particular person. New account fraud may target individuals, but the repercussions spill over to impact entire organizations. In fact, many scammers utilize bots to attempt to steal information or create fake accounts en masse, upping the stakes even more. How does new account fraud work? New account fraud begins at a single weak security point, such as: Data breaches: The Bureau of Justice reported that in 2021 alone, 12 percent of people ages 16 or older received notifications that their personal information was involved in a data breach.1 Phishing scams: The fraudster creates an email or social media account that pretends to be from a legitimate organization or person to gain confidential information.2 Skimmers: These are put on ATMs or fuel pumps to steal credit or debit card information.2 Bot scrapers: These tools scrape information posted publicly on social media or on websites.2 Synthetic ID fraud: 80 percent of new account fraud is linked to synthetic ID fraud.3 The scammer just needs one piece of legitimate information. If they have a real Social Security number, they might combine it with a fake name and birth date (or vice versa.) After the information is stolen, the rest of the fraud takes place in steps. The fake or stolen identity might first be used to open a new account, like a credit card or a demand deposit account. Over time, the account establishes a credit history until it can be used for higher-value targets, like loans and bank withdrawals. How can organizations prevent new account fraud? Some traditional methods used to combat new account fraud include: Completely Automated Public Turing Tests (CAPTCHAs): These tests help reduce bot attacks that lead to data breaches and ensure that individuals logging into your system are actual people. Multifactor authentication (MFA): MFA bolsters users' password protection and helps guard against account takeover. If a scammer tries to take over an account, they won't be able to complete the process. Password protection: Robust password managers can help ensure that one stolen password doesn't lead to multiple breaches. Knowledge-based authentication: Knowledge-based authentication can be combined with MFA solutions, providing an additional layer of identity verification. Know-your-customer (KYC) solutions: Businesses may utilize KYC to verify customers via government IDs, background checks, ongoing monitoring, and the like. Additional protective measures may involve more robust identity verification behind the scenes. Examples include biometric verification, government ID authentication, public records analysis, and more. Unfortunately, these traditional protective measures may not be enough, for many reasons: New account fraud is frequently being perpetrated by bots, which can be tougher to keep up with and might overwhelm systems. Institutions might use multiple security solutions that aren't built to work together, leading to overlap and inefficiency. Security measures may create so much friction in the account creation process that potential new customers are turned away. How we can help Experian's fraud management services provide a multi-layered approach that lets businesses customize solutions to their particular needs. Advanced machine learning analytics utilizes extensive, proprietary data to provide a unique experience that not only protects your company, but it also protects your customers' experience. Customer identification program (CIP) Experian's KYC solutions allow you to confidently identify your customers via a low-friction experience. The tools start with onboarding, but continue throughout the customer journey, including portfolio management. The tools also help your company comply with relevant KYC regulations. Cross-industry analysis of identity behavior Experian has created an identity graph that aggregates consumer information in a way that gives companies access to a cross-industry view of identity behavior as it changes over time. This means that when a new account is opened, your company can determine behind the scenes if any part of the identity is connected to instances of fraud or presents actions not normally associated with the customer's identity. It's essentially a new paradigm that works faster behind the scenes and is part of Experian's Ascend Fraud Platform™. Multifactor authentication solutions Experian's MFA solutions utilize low-friction techniques like two-factor authentication, knowledge-based authentication, and unique one-time password authentication during remote transactions to guard against hacking. Synthetic ID fraud protection Experian's fraud management solutions include robust protection against synthetic ID fraud. Our groundbreaking technology detects and predicts synthetic identities throughout the customer lifecycle, utilizing advanced analytics capabilities. CrossCore® CrossCore combines risk-based authentication, identity proofing, and fraud detection into one cloud platform, allowing for real-time decisions to be made with flexible decisioning workflows and advanced analytics. Interactive infographic: Building a multilayered fraud and identity strategy Precise ID® The Precise ID platform lets customers choose the combination of fraud analytics, identification verification, and workflows that best meet their business needs. This includes machine-learned fraud risk models, robust consumer data assets, one-time passwords (OTPs), knowledge-based authentication (KBAs), and powerful insights via the Identity Element Network®. Account takeover fraud represents a significant threat to your business that you can't ignore. But with Experian's broad range of solutions, you can keep your systems secure while not sacrificing customer experience. Experian can keep your business secure from new account fraud Experian's innovative approach can streamline your new account fraud protection. Learn more about how our fraud management solutions can help you. Learn more References 1. Harrell, Erika. "Just the Stats: Data Breach Notifications and Identity Theft, 2021." Bureau of Justice Statistics, January 2024. https://bjs.ojp.gov/data-breach-notifications-and-identity-theft-2021 2. "Identity Theft." USA.gov, December 6, 2023. https://www.usa.gov/identity-theft 3. Purcell, Michael. "Synthetic Identity Fraud: What is It and How to Combat It." Thomson Reuters, April 28, 2023. https://legal.thomsonreuters.com/blog/synthetic-identity-fraud-what-is-it-and-how-to-combat-it/

Fraud and identity theft in the automotive industry continue to make headlines with the result bringing significant monetary losses for dealers. In 2022, more than 60% of automotive dealerships filed cases of identity theft losing three or more vehicles, with 84% saying there has been a noticeable increase in identity fraud since the pandemic. Even though dealers understand that fraud is on the rise, 66% stated they lacked adequate identity fraud protections [1]. In a recent episode of the Used Car Dealer Podcast, host Zach Klempf, spoke with Kanchana Sundaram, Experian's senior director of product and innovation for automotive, to discuss Fraud Protect, a new tool from Experian that helps dealers combat fraud. During the interview, Kanchana highlighted how dealers can use Fraud Protect to better identify potentially fraudulent behavior, without slowing down the sales process and still maintaining a positive experience for both them and the consumer. By leveraging the latest technology and advanced analytics, dealers are able to detect some of the most common fraud types that include: Third-party fraud: Fraudsters steal an individual’s identity to purchase a vehicle First-party fraud: A person knowingly misrepresents their identity or provides false information, often with the intention of not paying for the vehicle Synthetic identity fraud: Fraudsters create fake identities and build credit profiles over time before using them to finance a vehicle they do not intend to pay for The episode is now available across all major podcast platforms, click the link to watch: YouTube To learn more about Fraud Protect, visit Experian’s auto fraud prevention solutions webpage. For more information on the Used Car Dealer Podcast, visit https://www.sellyautomotive.com/podcast Facebook – @SellyAutomotive ‘X’ – @SellyAutomotive LinkedIn – @SellyAutomotive 1. https://www.elendsolutions.com/research/2022-Identity-Fraud-Survey-Report/

This article was updated on February 12, 2024. The Buy Now, Pay Later (BNPL) space has grown massively over the last few years. But with rapid growth comes an increased risk of fraud, making "Buy Now, Pay Never" a crucial fraud threat to watch out for in 2024 and beyond. What is BNPL? BNPL, a type of short-term financing, has been around for decades in different forms. It's attractive to consumers because it offers the option to split up a specific purchase into installments rather than paying the full total upfront. The modern form of BNPL typically offers four installments, with the first payment at the time of purchase, as well as 0% APR and no hidden fees. According to an Experian survey, consumers cited managing spending (34%), convenience (31%), and avoiding interest payments (23%) as main reasons for choosing BNPL. Participating retailers generally offer BNPL at point-of-sale, making it easy for customers to opt-in and get instantly approved. The customer then makes a down payment and pays off the installments from their preferred account. BNPL is on the rise The fintech and online-payment-driven world is seeing a rise in the popularity of BNPL. According to Experian research, 3 in 4 consumers have used BNPL in 2023, with 11% using BNPL weekly to make purchases. The interest in BNPL also spans generations — 36% of Gen Z, 43% of Millennials, 32% of Gen X, and 12% of Baby Boomers have used this payment method. The risks of BNPL While BNPL is a convenient, easy way for consumers to plan for their purchases, experts warn that with lax checkout and identity verification processes it is a target for digital fraud. Experian predicts an uptick in three primary risks for BNPL providers and their customers: identity theft, first-party fraud, and synthetic identity fraud. WATCH: Fraud and Identity Challenges for Fintechs Victims of identity theft can be hit with charges from BNPL providers for products they have never purchased. First-party and synthetic identity risks will emerge as a shopper's buying power grows and the temptation to abandon repayment increases. Fraudsters may use their own or fabricated identities to make purchases with no intent to repay. This leaves the BNPL provider at the risk of unrecoverable monetary losses and can impact the business' risk tolerance, causing them to narrow their lending band and miss out on properly verified consumers. An additional risk lies with fraudsters who may leverage account takeover to gain access to a legitimate user's account and payment information to make unauthorized purchases. READ: Payment Fraud Detection and Prevention: What You Need to Know Mitigating BNPL risks Luckily, there are predictive credit, identity verification, and fraud prevention tools available to help businesses minimize the risks associated with BNPL. Paired with the right data, these tools can give businesses a comprehensive view of consumer payments, including the number of outstanding BNPL loans, total BNPL loan amounts, and BNPL payment status, as well as helping to detect and apply the relevant treatment to different types of fraud. By accurately identifying customers and assessing risk in real-time, businesses can make confident lending and fraud prevention decisions. To learn more about how Experian is enabling the protection of consumer credit scores, better risk assessments, and more inclusive lending, visit us or request a call. And keep an eye out for additional in-depth explorations of our Future of Fraud Forecast. Learn more Future of Fraud Forecast

Online activity is a routine part of people’s days. Americans spend an average of 4 hours and 25 minutes on their phones every day,[1] and many regularly use multiple devices to access the internet. However, with more time spent in the digital space, the risk of identity theft and fraud also continues to grow. The growing threat of identity fraud This year, the FTC has already received 5.7 million total fraud and identity theft reports, 1.4 million of which were identity theft cases.[2] More consumers are becoming vulnerable to the threat of identity fraud, but many are unsure of how to protect themselves. To avoid monetary loss and significant lifestyle disruption, consumers are looking to their financial institutions to provide resources to help them prevent identity theft and protect their personal information online. Consumers want identity protection from their financial institutions Consumers also expect their banks to carry the responsibility of protecting their private data from the risk of theft. While most of them trust in the security provided by their banks, about 50% of consumers want their banks to offer additional protective measures.[3] This creates an opportunity for financial institutions to fulfill the role of “data protector” for the customers that depend on them. The convenience of a full suite of financial services all in one place is also important to consumers, as 45% would prefer to get all their banking products from the same financial institution.[4] While consumers need identity protection, businesses need new ways to engage their customers and drive more revenue. Fortunately, offering identity protection is an effective way to maintain a sticky relationship with your customers while delivering an enhanced, engaging experience. Protect your customers from fraud with Identity Protection Services With identity protection, your customers can: Check for exposed personal information and lower their risk of identity theft Reduce their exposure and decide who can track their activity and access their personal information online Keep control of their digital identity by reclaiming exposed personal information, increasing their privacy, and avoiding future risk An identity protection solution provides a comprehensive strategy to avoid the risk of identity theft, while delivering exceptional results that your customers need to feel safe and secure. Providing frequent updates and recommendations about their digital identity and credit score allows you to maintain an engaging communication channel with your customers and boost your brand interaction. For example, the average Experian® user had a 60% alert open rate and 12% post-alert login rate.[5] As they continue to receive useful suggestions for strengthening their online security, your customers may interact with your app or website more regularly and consistently. This can create valuable opportunities for you to encourage them to open new accounts, start new credit lines, or borrow more money. In addition, giving your customers an added layer of assurance can drive them to remain loyal, long-standing customers to your business. 96% of active Experian subscribers with a free bundle were still subscribed after 12 months[6] 90% of active Experian subscribers with a paid bundle were still subscribed after 12 months[6] Less than 1% churn rate with fewer than 100 service calls[7] Consumers want protection from thieves who might steal their personal information, and they expect it from a trusted source. By offering an identity protection solution, you can foster stronger relationships with your customers while reducing their vulnerability to fraud. Visit our website to see how Identity Protection Services can help you deliver best-in-class protection for your customers. [1] PC Magazine. Americans Check Their Phones an Alarming Number of Times Per Day. May 2023. [2] IdentityTheft.org. 2023 Identity Theft Facts and Statistics. [3] PYMTS. Half of Consumers Want More Security Measures From Banks, January 2023. [4] PYMTS. 45% of US Consumers Want Banking Bundles. August 2022. [5] Experian Data, average user experience with Digital Identity Manager, May 2023. [6] Experian data, August 2023. [7] Experian Data, average user experience with Digital Identity Manager, May 2023.

This article was updated on November 9, 2023. Fraud – it’s a word that comes up in conversations across every industry. While there’s a general awareness that fraud is on the rise and is constantly evolving, for many the full impact of fraud is misunderstood and underestimated. At the heart of this challenge is the tendency to lump different types of fraud together into one big problem, and then look for a single solution that addresses it. It’s as if we’re trying to figure out how to un-bake a terrible cake instead of thinking about the ingredients and the process needed to put them together in the first place. This is the first of a series of articles in which we’ll look at some of the key ingredients that create different types of fraud, including first party, third party, synthetic identity, and account takeover. We’ll talk about why they’re unique and why we need to approach each one differently. At the end of the series, we’ll get a result that’s easier to digest. I had second thoughts about the cake metaphor, but in truth it really works. Creating a good fraud risk management process is a lot like baking. We need to know the ingredients and some tried-and-true methods to get the best result. With that foundation in place, we can look for ways to improve the outcome every time. Let’s start with a look at the best known type of fraud, third party. What is third-party fraud? Third-party fraud – generally known as identity theft – occurs when a malicious actor uses another person’s identifying information to open new accounts without the knowledge of the individual whose information is being used. When you consider first-party vs third-party fraud, or synthetic identity fraud, third-party stands out because it involves an identifiable victim that’s willing to collaborate in the investigation and resolution, for the simple reason that they don’t want to be responsible for the obligation made under their name. Third-party fraud is often the only type of activity that’s classified as fraud by financial institutions. The presence of an identifiable victim creates a high level of certainty that fraud has indeed occurred. That certainty enables financial institutions to properly categorize the losses. Since there is a victim associated with it, third party fraud tends to have a shorter lifespan than other types. When victims become aware of what’s happening, they generally take steps to protect themselves and intervene where they know their identity has been potentially misused. As a result, the timeline for third-party fraud is shorter, with fraudsters acting quickly to maximize the funds they’re able to amass before busting out. How does third-party fraud impact me? As the digital transformation continues, more and more personally identifiable information (PII) is available on the dark web due to data breaches and phishing scams. Given that consumer spending is expected to increase1, we anticipate that the amount of PII readily available to criminals will only continue to grow. All of this will lead to identity theft and increase the risk of third-party fraud. More than $43 billion in total losses was reported due to identity theft and fraud in the U.S. in 2022.2 Solving the third-party fraud problem We’ve examined one part of the fraud problem, and it is a complex one. With Experian as your partner, solving for it isn’t. Continuing my cake metaphor, by following the right steps and including the right ingredients, businesses can detect and prevent fraud. Third-party fraud detection and prevention involves two distinct steps. Analytics: Driven by extensive data that captures the ways in which people present their identity—plus artificial intelligence and machine learning—good analytics can detect inconsistencies, and patterns of usage that are out of character for the person, or similar to past instances of known fraud. Verification: The advantage of dealing with third-party fraud is the availability of a victim that will confirm when fraud is happening. The verification step refers to the process of making contact with the identity owner to obtain that confirmation and may involve identity resolution. It does require some thought and discipline to make sure that the contact information used leads to the identity owner—and not to the fraudster. In a series of articles, we’ll be exploring first-party fraud, synthetic identity fraud, and account takeover fraud and how a layered fraud management solution can help keep your business and customers safe and manage third-party fraud detection, first-party fraud, synthetic identity fraud, and account takeover fraud prevention. Let us know if you’d like to learn more about how Experian is using our identity expertise, data, and analytics to create robust fraud prevention solutions. Contact us 1 Experian Ascend Sandbox 2 2023 U.S. Identity and Fraud Report, Experian.

This article was updated on November 9, 2023. Account takeover fraud is a huge, illicit business in the United States with real costs for consumers and the organizations that serve them. In fact, experts predict that by the end of 2023, account takeover losses will be over $635 billion. With consumers' data, your reputation, and your organization's financial picture on the line, now's the time to learn about account takeover fraud and how to prevent it.  What is account takeover fraud?  Account takeover fraud is a form of identity theft where bad actors gain unlawful access to a user's online accounts in order to commit financial crimes. This often involves the use of bots.  information that enables account access can be compromised in a variety of ways. It might be purchased and sold on the dark web, captured through spyware or malware or even given “voluntarily" by those falling for a phishing scam.  Account takeover fraud can do far more potential damage than previous forms of fraud because once criminals gain access to a user's online account, they can use those credentials to breach others of that user's accounts.  Common activities and tools associated with account takeover fraud include: Phishing: Phishing fraud relies on human error by impersonating legitimate businesses, usually in an email. For example, a scammer might send a phishing email disguising themselves as a user's bank and asking them to click on a link that will take them to a fraudulent site. If the user is fooled and clicks the link, it can give the hackers access to the account.  Credential stuffing/cracking: Fraudsters buy compromised data on the dark web and use bots to run automated scripts to try and access accounts. This strategy, called credential stuffing, can be very effective because many people reuse insecure passwords on multiple accounts, so numerous accounts might be breached when a bot has a hit. Credential cracking takes a less nuanced approach by simply trying different passwords on an account until one works.  Malware: Most people are aware of computer viruses and malware but they may not know that certain types of malware can track your keystrokes. If a user inadvertently downloads a “key logger", everything they type, including their passwords, is visible to hackers.  Trojans: As the name suggests, a trojan works by hiding inside a legitimate application. Often used with mobile banking apps, a trojan can overlay the app and capture credentials, intercept funds and redirect financial assets.  Cross-account takeover: One evolving type of fraud concern is cross-account takeover. This is where hackers take over a user's financial account alongside another account such as their mobile phone or email. With this kind of access, fraudsters can steal funds more easily and anti-fraud solutions are less able to identify them.  Intermediary new-account fraud: This type of fraud involves using a user's credentials to open new accounts in their name with the aim of draining their bank accounts.  This is only an overview of some of the most prevalent types of account takeover fraud. The rise of digital technologies, smartphones, and e-commerce has opened the door to thieves who can exploit the weaknesses in digital security for their own aims. The situation has only worsened with the rapid influx of new and inexperienced online users driven by the COVID-19 pandemic.  Why should you be concerned, now?  Now that digital commerce and smartphone use are the norm, information used to access accounts  is a security risk. If a hacker can get access to this information, they may be able to log in to multiple accounts.. The risk is no longer centralized; with every new technology, there's a new avenue to exploit.   To exacerbate the situation, the significant shift to online, particularly online banking, spurred by the COVID-19 pandemic, appears to have amplified account takeover fraud attempts. In 2019, prior to the pandemic, 1.5 billion records — or approximately five records per American — were exposed in data breaches. This can potentially increase as the number of digital banking users in the United States is expected to reach almost 217 million by 2025. Aite research reported that 64 percent of financial institutions were seeing higher rates of account takeover fraud than before COVID. Unfortunately, this trend shows no sign of slowing down. The increase in first-time online users propelled by COVID has amplified the critical security issues caused by a shift from transaction fraud to identity-centric account access. Organizations, especially those in the financial and big technology sectors, have every reason to be alarmed.  The impact of account takeover fraud on organizations  Account takeover can be costly, damage your reputation and require significant investments to identify and correct.  Protection of assets  When we think of the risks to organizations of account takeover fraud, the financial impact is usually the first hazard to come to mind. It's a significant worry: According to Experian's 2023 U.S. Identity and Fraud report, account takeover fraud was among the top most encountered fraud events reported by U.S. businesses. And even worse, the average net fraud loss per case for debit accounts has been steadily increasing since early 2021. The costs to businesses of these fraudulent activities aren't just from stolen funds. Those who offer credit products might have to cover the costs of disputing chargebacks, card processing fees or providing refunds. Plus, in the case of a data breach, there may be hefty fines levied against your organization for not properly safeguarding consumer information. Add to these the costs associated with the time of your PR department, sales and marketing teams, finance department and customer service units.  In short, the financial impact of account takeover fraud can permeate your entire organization and take significant time to recoup and repair.  Protection of information  Consumers rightfully expect organizations to have a solid cybersecurity plan and to protect their information but they also want ease and convenience. In many cases, it's the consumers themselves who engage in risky online behavior — reusing the same password on multiple sites or even using the same password on all sites. These lax security practices open users up to the possibility of multiple account takeovers. Making things worse for organizations, security strategies can annoy or frustrate consumers. If security measures are too strict, they risk alienating consumers or even generating false positives, where the security measure flags a legitimate user.  Organizations are in the difficult position of having to balance effective security measures with a comfortable user experience. Reputation  When there's a data breach, it does significant damage to your organization's reputation by demonstrating weaknesses in your security. Fraudulent account take-overs can affect the consumers who rely on you significantly and if you lose their trust, they're likely to sever their relationship with you. Large-scale data breaches can sully your organization's reputation with the general public, making consumers less likely to consider your services. How to build an account takeover fraud prevention strategy  There are numerous ways to build an account takeover fraud prevention strategy, but to work for your and individual consumers, it must pair robust risk management with a low friction user experience.  Here are some of the key elements to an account takeover fraud prevention strategy that hits the right notes.  Monitor interactions The risk of account takeover is constant so your monitoring should be as well. A layered, proactive and passive fraud prevention program can monitor your interactions, reduce false positives and keep track of consumers' digital identities. Use the right tools When it comes to fraud prevention, you've got plenty of choices but you'll want to make sure you use the tools that protect you, as well as consumer data, while always providing a positive experience. We use risk-based identity and device authentication and targeted step-up authentication to keep things running smoothly and only pull in staff for deeper investigations where necessary. Automate to reduce manual processes  Your organization's fraud prevention strategy likely includes manual processes, tasks that are completed by employees—but humans make mistakes that can be costly. Taking the wrong action, or even no action at all, can result in a security breach. Automated tasks like threat filtering and software and hardware updates can reduce the risk to your organization while improving response time and freeing up your team.  Choose a nimble platform  Technology changes quickly and so does fraud. You'll need access to a layered platform that lets you move as quickly as the bad actors do.  The bottom line  You can effectively mitigate against the risk of account takeover fraud and offer consumers a seamless experience. Learn more about account takeover fraud prevention and fraud management solutions.  Fraud management solutions

In a noisy digital world, capturing the attention of online users can seem impossible. While a 2015 study claimed that the average consumer’s attention span had shrunk to just 8 seconds, a more recent global study by Yahoo and OMD Worldwide shows that Gen Z consumers lose active attention for ads after just 1.3 seconds—less time than any other age group.[1] Financial institutions are always looking for ways to attract more online users and earn new business by delivering the value consumers want and need. If you want to grow your customer base, add identity protection to the financial services you already offer. Providing complementary identity protection solutions alongside your existing service offerings can make your business more marketable and attract more new customers. This is a great way to earn more market share while delivering value that consumers want. What do consumers want? Consumers want control over their data and personal information from a company they trust. Research shows they are more likely to partner with a brand they’re already loyal to, such as their bank. 57% of consumers would like their primary financial institution to provide or offer an identity protection service.[2] In addition, consumers have indicated interest in having all their financial data accessible in one place.[3] In this same vein, an all-in-one identity protection solution that reduces risk and gives consumers more control over how their data is used online is a convenient, in-demand solution that can help decrease vulnerability and limit online exposure. Consumers want these high-value, high-demand tools, and data shows that they are willing to pay for it. 89% of consumers want more control over how their data is collected and used online, and 82% are willing to invest time and money to better protect their privacy.[4] While proactive services for identity protection are important, not all fraud incidents can be avoided. In addition to providing anticipatory protection solutions, consumers need a response plan in place if they experience an identity theft or fraud event. Proactive protection and reactive restoration Unfortunately, victims of identity theft spend an average of 6.3 hours resolving identity fraud.[5] With identity protection and restoration services in place, you can assure potential new customers that if the worst should happen, you can help them reclaim their exposed information and restore their identity. For example, consumers can save up to 177 hours of time by using Experian’s Digital Identity Manager, a tool that helps protect consumer data and reduce vulnerability to theft.[6] Resources like these, coming from a trusted source, can put consumers’ minds at ease and make it easy for them to decide to do business with you. Identity protection from a trusted source Consumers are seeking protection from identity thieves, and they expect it from a trusted source. Offering Experian’s Identity Protection Services can help you stand out by providing valuable financial security to new customers, encouraging more new names to do business with your company. Identity Protection Solutions from Experian are best-in-class, and we have the results to prove it: 96% of active Experian subscribers with a free bundle were still subscribed after 12 months (Experian data, August 2023)  90% of active Experian subscribers with a paid bundle were still subscribed after 12 months (Experian data, August 2023)  Less than 1% churn rate with fewer than 100 service calls Visit our website to learn more [1] Insider Intelligence, Gen Z has a 1-second attention span. That can work to marketers’ advantage. 2022. [2] Javelin Strategy and Research, 2022. [3] MX, What Consumers Really Want from their Financial Providers: A 2023 Roadmap. [4] Cisco 2022 Consumer Privacy Survey, 2022. [5] Javelin, 2023 Identity Fraud Study. [6] Experian Data, average user experience with Digital Identity Manager, May 2023. This article is provided for general guidance and information.  It is not intended as, nor should it be construed to be, legal, financial or other professional advice.  Please consult with your attorney or financial advisor to discuss any legal issues or financial issues involved with credit decisions.

Today’s digital-first world is more interconnected than ever. Financial transactions take place across borders and through various channels, leaving financial institutions and their customers at increasing risk from evolving threats like identity theft, fraud and others from sophisticated crime rings. And consumers are feeling that pressure. A recent Experian study found that over half of consumers feel like they are more of a target for online fraud than a year ago. Likewise, more than 40% of businesses reported increased fraud losses in recent years. It’s not only critical that organizations ensure the security and trustworthiness of digital transactions and online account activity to reduce risk and losses but what consumers expect. In the same Experian study, more than 85% of consumers said they expect businesses to respond to their fraud concerns, an expectation that has increased over the last several years.   Businesses and financial institutions most successful at mitigating fraud and reducing risk have adopted a layered, interconnected approach to identity confirmation and fraud prevention. One vital tool in this process is identity document verification. This crucial step not only safeguards the integrity of financial systems but also protects individuals and organizations from fraud, money laundering and other illicit activities. In this blog, we will delve into the significance of identity document verification in financial services and explore how it strengthens the overall security landscape.  Preventing identity theft and fraud Identity document verification plays a vital role in thwarting identity theft and fraudulent activities. By verifying the authenticity of identification documents, financial institutions can ensure that the individuals accessing their services are who they claim to be. Sophisticated verification processes, including biometric identification and document validation, help detect counterfeit documents, stolen identities and impersonation attempts. By mitigating these risks, financial institutions can protect their customers from unauthorized access to accounts, fraudulent transactions and potential financial ruin. Compliance with regulatory requirements Financial institutions operate in an environment governed by stringent regulatory frameworks designed to combat money laundering, terrorist financing and other financial crimes. Identity document verification is a key component of these regulatory requirements. By conducting thorough verification checks, financial service providers can adhere to Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations. Compliance safeguards the institution's reputation and helps combat illicit financial activities that can have far-reaching consequences for national security and stability. Mitigating risk and enhancing trust Effective identity document verification mitigates risks associated with financial services. By verifying the identity of customers, financial institutions can reduce the likelihood of fraudulent activities, such as account takeovers, unauthorized transactions and loan fraud. This verification process bolsters the overall security of the financial system and creates a more trustworthy environment for stakeholders. Trust is fundamental in establishing long-lasting customer relationships and attracting new clients to financial institutions.   Facilitating digital onboarding and seamless customer experience As financial services embrace digital transformation, identity document verification becomes essential for smooth onboarding processes. Automated identity verification solutions enable customers to open accounts and access services remotely, eliminating the need for in-person visits or cumbersome paperwork. By streamlining the customer experience and minimizing the time and effort required for account setup, financial institutions can attract tech-savvy individuals and enhance customer satisfaction.  Combating money laundering and terrorist financing Proper document verification is a key component of combating money laundering and terrorist financing activities. By verifying customer identities, financial institutions can establish the source of funds and detect suspicious transactions that may be linked to illicit activities. This proactive approach helps protect the integrity of the financial system, supports national security efforts, and contributes to the global fight against organized crime and terrorism. Identity document verification is a vital component in the layered, interconnected approach to mitigating and preventing fraud in modern financial services. By leveraging advanced technologies and robust verification processes, financial institutions can ensure the authenticity of customer identities, comply with regulatory requirements, mitigate risk and enhance trust.  As financial services continue evolving in an increasingly digital landscape, identity document verification will remain a crucial tool for safeguarding the security and integrity of the global financial system.  For more information on how Experian can help you reduce fraud while delivering a seamless customer experience, visit our fraud management solutions hub.   Learn more

More than half of U.S. businesses say they discuss fraud management often, making fraud detection in banking top-of-mind. Banking fraud prevention can seem daunting, but with the proper tools, banks, credit unions, fintechs, and other financial institutions can frustrate and root out fraudsters while maintaining a positive experience for good customers. What is banking fraud? Banking fraud is a type of financial crime that uses illegal means to obtain money, assets, or other property owned or held by a bank, other financial institution, or customers of the bank. This type of fraud can be difficult to detect when misclassified as credit risk or written off as a loss rather than investigated and prevented in the future. Fraud that impacts financial institutions consists of small-scale one-off events or larger efforts perpetrated by fraud rings. Not long ago, many of the techniques utilized by fraudsters required in-person or phone-based activities. Now, many of these activities are online, making it easier for fraudsters to disguise their intent and perpetrate multiple attacks at once or in sequence. Banking fraud can include: Identity theft: When a bad actor steals a consumer’s personal information and uses it to take money, open credit accounts, make purchases, and more. Check fraud: This type of fraud occurs when a fraudster writes a bad check, forges information, or steals and alters someone else’s check. Credit card fraud: A form of identity theft where a bad actor makes purchases or gets a cash advance in the name of an unsuspecting consumer. The fraudster may takeover an existing account by gaining access to account numbers online, steal a physical card, or open a new account in someone else’s name.  Phishing: These malicious efforts allow scammers to steal personal and account information through use of email, or in the case of smishing, through text messages. The fraudster often sends a link to the consumer that looks legitimate but is designed to steal login information, personally identifiable information, and more. Direct deposit account fraud: Also known as DDA fraud, criminals monetize stolen information to open new accounts and divert funds from payroll, assistance programs, and more. Unfortunately, this type of fraud doesn’t just lead to lost funds – it also exposes consumer data, impacts banks’ reputations, and has larger implications for the financial system. Today, top concerns for banks include generative AI (GenAI) fraud, peer-to-peer (P2P) payment scams, identity theft and transaction fraud. Without the proper detection and prevention techniques, it’s difficult for banks to keep fraudsters perpetrating these schemes out. What is banking fraud prevention? Detecting and preventing banking fraud consists of a set of techniques and tasks that help protect customers, assets and systems from those with malicious intent. Risk management solutions for banks identify fraudulent access attempts, suspicious transfer requests, signs of false identities, and more. The financial industry is constantly evolving, and so are fraudsters. As a result, it’s important for organizations to stay ahead of the curve by investing in new fraud prevention technologies. Depending on the size and sophistication of your institution, the tools and techniques that comprise your banking fraud prevention solutions may look different. However, every strategy should include multiple layers of friction designed to trip up fraudsters enough to abandon their efforts, and include flags for suspicious activity and other indicators that a user or transaction requires further scrutiny.   Some of the emerging trends in banking fraud prevention include: Use of artificial intelligence (AI) and machine learning (ML). While these technologies aren’t new, they are finding footing across industries as they can be used to identify patterns consistent with fraudulent activity – some of which are difficult or time-consuming to detect with traditional methods. Behavioral analytics and biometrics. By noting standard customer behaviors — e.g., which devices they use and when — and how they use those devices — looking for markers of human behavior vs. bot or fraud ring activity — organizations can flag riskier users for additional authentication and verification. Leveraging additional data sources. By looking beyond standard credit reports when opening credit accounts, organizations can better detect signs of identity theft, synthetic identities, and even potential first-party fraud.     With real-time fraud detection tools in place, financial institutions can more easily identify good consumers and allow them to complete their requests while applying the right amount and type of friction to detect and prevent fraud.   How to prevent and detect banking fraud In order to be successful in the fight against fraud and keep yourself and your customers safe, financial institutions of all sizes and types must: Balance risk mitigation with the customer experience Ensure seamless interactions across platforms for known consumers who present little to no risk Leverage proper identity resolution and verification tools Recognize good consumers and apply the proper fraud mitigation techniques to riskier scenarios With Experian’s interconnected approach to fraud detection in banking, incorporating data, analytics, fraud risk scores, device intelligence, and more, you can track and assess various activities and determine where additional authentication, friction, or human intervention is required. Learn more

Experian’s eighth annual identity and fraud report found that consumers continue to express concerns with online security, and while businesses are concerned with fraud, only half fully understand its impact – a problem we previously explored in last year’s global fraud report. In our latest report, we explore today’s evolving fraud landscape and influence on identity, the consumer experience, and business strategies. We surveyed more than 2,000 U.S. consumers and 200 U.S. businesses about their concerns, priorities, and investments for our 2023 Identity and Fraud Report. This year’s report dives into: Consumer concerns around identity theft, credit card fraud, online privacy, and scams such as phishing.Business allocation to fraud management solutions across industries.Consumer expectations for both security and their experience.The benefits of a layered solution that leverages identity resolution, identity management, multifactor authentication solutions, and more. To identify and treat each fraud type appropriately, you need a layered approach that keeps up with ever-changing fraud and applies the right friction at the right time using identity verification solutions, real-time fraud risk alerts, and enterprise orchestration. This method can reduce fraud risks and help provide a more streamlined, unified experience for your consumers. To learn more about our findings and how to implement an effective solution, download Experian’s 2023 Identity and Fraud Report. Download the report

Millions of people access the internet every day using desktop computers, laptops, and mobile devices. Though an increased number of online users have been accessing the web while working from home due to the pandemic, many are still going online in public places and using public wi-fi and/or unsecured networks, such as coffee shops, airports, and internet cafes. While it may be convenient to access the internet from anywhere at any time, there are risks involved with doing so. Connecting to the internet on an unsecured network without the proper protection can render your device vulnerable to data collection, tracking, and targeting from hackers. The best way to protect yourself from these kinds of attacks is to use a Virtual Private Network, or VPN. What is a Virtual Private Network? A Virtual Private Network (VPN) creates an encrypted, private connection to the internet that allows you to securely browse the web while protecting your information from being tracked or targeted. Globally, there are approximately 1.5 billion VPN users as of 2023, making up about a third of all internet users worldwide. 43% of these people use a VPN for security reasons.[1] How does a VPN work? A VPN routes your internet traffic through a different server, rather than the server your internet service provider usually uses. The data you send and receive is then encrypted, so even if it were to fall into the wrong hands, it would be unreadable. Your data will appear to be sent from the VPN itself, instead of from your device. This provides an additional layer of privacy to your browsing experience, especially if you’re using a public or unsecured network to access the internet. How can you use a VPN? With Experian’s Secure VPN, what you search, see, and share on your mobile or desktop devices stays hidden from hackers, preventing data collection, tracking, and targeting. You can confidently connect to a stronger, more reliable, private Wi-Fi connection that secures your devices’ online or offline activity. What are the benefits of Experian’s Secure VPN? You can use Experian’s Secure VPN on an unlimited number of desktop and mobile devices, so your whole family can be protected. Secure VPN’s high-speed connection ensures that you won’t need to worry about slow loading times or dropped connections, and its unrivaled security allows you to take advantage of best-in-class privacy. Browsing the internet on an unsecured network is risky and can leave you open to data theft and identity fraud. By using a VPN, you’ll enjoy a safer, more secure internet experience. Visit our website to learn more about Experian’s Digital Privacy and Control solutions. [1]DataProt.net. VPN Statistics for 2023 – Keeping Your Browsing Habits Private.

There’s an undeniable link between economic and fraud trends. During times of economic stress, fraudsters engage in activities specifically designed to target strained consumers and businesses. By layering risk management and fraud prevention tools, your organization can manage focus on growing safely. Download infographic Review your fraud strategy  

The average person spends nearly seven hours a day online[1]. Much of that time consists of sharing personal information with a variety of websites, which can sometimes lead to bad actors gaining unauthorized access to your personal information for ill-intended purposes. Theft of your personal information – and subsequently, identity fraud – can have seriously damaging consequences. According to a report from the AARP, nearly 42 million Americans fell victim to identity fraud in 2021, costing $52 billion in losses[2]. You can proactively take three easy steps to protect and keep track of your personal information online. 1. Keep your information updated. Outdated information can lead to problems for your online accounts. If an old online account that you no longer use has outdated information such as a previous home address where you no longer live, or an email address you haven’t used recently, that information can sometimes be used to access your current online accounts. If a hacker has access to those details, they could potentially use that information for criminal activity such as making unauthorized transfers from your bank account. Solution: Make sure your information – name, email address, phone number, mailing address, etc. – is up to date across any websites you use frequently. This may include online shopping, financial information, medical records, email accounts, and/or social media networks. It’s also a good idea to delete any online accounts you no longer use and/or remove any out-of-date information from those accounts. 2. Switch up your passwords. Using the same password for too long, or for multiple accounts, can make it easy for hackers to obtain your personal information. Creating a secure password that’s also easy to remember can be a challenge. Many hackers will try to guess your password based on common information that’s easy to remember, such as birthdates, anniversaries, names of family members or pets, or street addresses. Solution: Change your password at least every six months for any websites where you’ve shared your personal information, and make sure this password can’t be easily guessed. Avoid special dates, names, or street addresses. Using a password manager can help you generate stronger passwords and keep track of existing ones across multiple online accounts, while safely storing and protecting your login information in one place. 3. Add two-factor authentication when possible. Without it, hackers can more easily break into your accounts and gain access to your personal information. Two-factor authentication adds a second layer of defense against people who try to gain access to your online accounts without your permission. Without it, a hacker only needs to obtain your email address and guess your password to get into your account and steal your personal information. Solution: Enable two-factor authentication for as many of your online accounts as possible. When this feature is turned on, a temporary code will be sent to your phone or email inbox whenever you attempt to log in to your account. Since hackers will not have access to this code, they will not be able to access your account.  Identity theft is a serious concern with potentially severe consequences. Avoid any unnecessary risk by:   Keeping your information up to date Changing your passwords often Adding two-factor authentication when possible By taking these proactive steps, you can drastically reduce your risk of falling victim to identity theft while maintaining control of your personal information online. Learn more about our identity protection services [1] Oberlo. 2022. How Much Time Does the Average Person Spend on the Internet? [2] AARP. 2022. Identity Fraud Hit 42 Million People in 2021.

Many adult Americans understand the value of monitoring their financial, credit, and online activity for identity theft. With fraudulent online activity on the rise, more and more people in the United States are taking proactive steps to protect themselves against attacks from cyber criminals. However, a lesser-known threat is identity theft against children. How does child identity theft happen? In 2021, 1.25 million victims of identity theft and fraud were children, with each case costing an average of about $1,110 to resolve.[1] Since the credit scores of children are checked much less frequently than those of adults, children are considered easy targets for cyber criminals because the theft can remain undetected for a longer period of time. Children may also inadvertently share their personal information, such as birthdates, addresses, and phone numbers, on their social media channels and other places around the internet. This can make it even easier for hackers to obtain that information and commit identity theft. Why are children at risk? A child’s credit score is usually checked for the first time when they turn 18 years old, as they begin to make more adult decisions such as opening a checking account, applying for a job, or building credit. The time leading up to a child’s 18th birthday can leave them open to the threat of identity theft if the appropriate safety measures are not put into place. This is why it’s crucial for consumers with children to extend their own identity protection to their kids. How can consumers protect children from identity theft Child identity monitoring services can provide alerts of potential theft to parents and help safeguard their children’s identity and credit. These services can include social media, dark web, and social security number monitoring to ensure that children’s personal information is protected and secure across multiple areas of the internet. If a child’s identity is stolen, child monitoring services can also extend to identity theft insurance and identity restoration to help parents recover their child’s identity and minimize the damage. By implementing a child monitoring service, parents can protect the identities of their loved ones and resolve any threats of potential theft as quickly as possible. Click here to learn more [1]Yahoo.com. 2021. Child Identity Fraud Costs Nearly $1 Billion Annually, According to a New Study From Javelin Strategy & Research.