Are you who you say you are? To protect sensitive information, that’s the question every business must ask their customers to guard against identity theft. Unfortunately, it turns out, too many businesses remain unequipped to identify the correct answer. Melissa Solis, Head of GIACT, a Refinitiv company, explains.
- According to a newly released report underwritten by GIACT, a Refinitiv company, the U.S. experienced $712.4bn in identity theft losses in 2020. This was a 42 percent year-on-year increase, up from $502.5bn in 2019.
- COVID-19 has created behavioural changes in consumers, which has resulted in a record creation of new online accounts. Organised crime and amateur fraudsters have launched identity theft attacks to exploit this trend.
- To fight financial crime more effectively, companies and financial institutions must implement stronger validation and authentication controls, and educate customers. But they will also have to improve and diversify the types of data being used to authenticate customers and detect fraud.
For more data-driven insights in your Inbox, subscribe to the Refinitiv Perspectives weekly newsletter.
“Are you who you say you are?” This question that businesses must ask their customers comes at a time when two big trends are at play.
One trend is the increasingly vast amount of personally identifiable information (PII) that now sits on dark web marketplaces, and which is being sold as bundled packages. This is giving fraud operators massive amounts of data, such as name, date of birth, Social Security number and home address, for example, on hundreds of potential targets.
Coupled with social media, fraud operators are able to combine these data points with pictures, contact information and even the victim’s whereabouts and habits.
The role of organised crime and identity theft
Another trend is the role played by well-organised, well-funded international criminal enterprises in identity theft attacks, targeting businesses and consumers alike. Meanwhile, amateur fraudsters – perhaps out of work, desperate for money, or just bored in quarantine – have also found ways to defraud victims for a buck.
Both groups found new opportunities during COVID-19 as fear mixed with behavioural changes, and a record creation of new online accounts occurred, along with the adoption of new methods of banking and payments.
The convergence of these trends has resulted in fresh, highly sophisticated identity fraud schemes. A case in point, according to a newly released report from Aite Group, underwritten by GIACT, U.S. Identity Theft: The Stark Reality, the U.S. experienced $712.4bn in identity theft losses in 2020 – a 42 percent YoY increase, up from $502.5bn in 2019.
We will now touch on the types of identity schemes that are contributing to these losses, the impact on consumers and how businesses across various industries should look to address it.
Identity theft, account takeover, application fraud
One of the most striking findings detailed in the Aite Group report was the sheer pervasiveness of identity-related fraud schemes, including identity theft, account takeover and application fraud.
According to the report, almost half (47 percent) of U.S. consumers surveyed said that they experienced identity theft in the past two years (2019-20). Identity theft generally occurs when an application is made for a new product or service without a victim’s consent or when a victim is impersonated by a fraudster to take over an existing account or accounts.
Over one-third (38 percent) of U.S. consumers have experienced account takeover over the past two years. Account takeover includes the unauthorised access to a consumer’s existing account.
And well over one-third (37 percent) experienced application fraud over the past two years. Application fraud includes the unauthorised use of one’s identity to apply for an account.
Losses in 2021 are expected to rise (see the bar chart, above), as many identity schemes currently in process will remain undetected until the fraudster’s ‘breakout’ occurs.
With money and patience, fraud operators will build credit, for example, slowly working up a credit limit on behalf of their victim. When the limit is high enough, they’ll cash out, leaving the victim holding the bag.
If not addressed, serious losses, customer dissatisfaction and reputational damage are almost certain.
Following an attack, for example, the report found serious consumer dissatisfaction with the assistance provided to the victims of identity theft.
Among those dissatisfied with the assistance provided, nearly half (42 percent) of those who experienced identity theft in connection with a new credit card fraudulent application and over half (56 percent) of those who experienced consumer loan application fraud said they were unlikely to do business with the at-fault financial institution in the future.
How did the victim find out that they had been the target of identity theft?
On average, nearly one-third of surveyed consumers detected checking, credit or consumer loan fraud on their own, while less than a quarter were notified by their financial institution or by the financial institution where the fraudulent account was opened. And nearly a quarter on average were notified by a collection agency.
Watch the video: Refinitiv Acquires GIACT To Build End-to-End Security
Companies and financial institutions play a critical role in fraud prevention, from implementing stronger validation and authentication controls, to customer education.
To combat fraud, they will have to ramp up their customer authentication process by monitoring and validating their consumers at every touch point, throughout the customer lifecycle. Single-point solutions won’t work. And with so much personally identifiable information already exposed and publicly available, they will also have to improve and diversify the types of data being used to authenticate customers and detect fraud.
Learn about how you can prevent all types of identity-related fraud by visiting GIACT.
GIACT, a Refinitiv company, is the leader in helping companies positively identify and authenticate customers. Since 2004, GIACT has been empowering businesses across all industries with data-driven insights to prevent identity and payments fraud and improve compliance procedures, all through a single platform – the EPIC Platform®.