The pandemic has altered daily life in countless ways, driving a digital shift in banking, commerce, and countless other services. For the first time, e-commerce sales are expected to hit $1 trillion this year, a milestone that illustrates the titanic role of the Internet in the modern economy.
However, this increased online engagement has its drawbacks, especially when it comes to digital fraud. Every boarding, money transfer or sale is a potential entry point for criminals, many of whom use spoofing techniques to trick automated systems and steal funds or data.
Traditional fraud techniques have major shortcomings in detecting identity theft, but newer solutions have significant potential for improvement. This month, PYMNTS Intelligence examines the spoofing methods used by malicious actors and how new technologies such as behavioral analysis can detect and stop them.
Businesses and Banks Face Various Identity Theft Threats
Banks and businesses face a wide range of fraud threats, with various forms of identity fraud including some of the most prevalent techniques. A recent study found that stolen identities were the top fraud threat faced by financial institutions (FIs) over the past year at 55%, with synthetic identities coming in second at 44%. Both forms consist of fraudsters assuming fake identities, but the specifics differ significantly: while the first method involves fraudsters stealing the identities of real people, the second sees bad actors constructing new identities out of anything. Unlike fraud committed with stolen identities, synthetic identity fraud does not have victims of theft informing organizations of fraudulent applications or purchases made in their name, leaving businesses entirely dependent on their own security systems. to catch it. This type of fraud costs organizations up to $20 billion per year, and traditional identity verification solutions miss up to 95% of synthetic identity fraud cases.
A related threat that can be even more dangerous is account takeover (ATO) fraud, which involves malicious actors taking full control of customer accounts for malicious purposes. Fraudsters could use stored payment information to make fraudulent purchases, drain reward point accounts, or even steal personal data such as usernames, passwords, and email addresses and sell them on dark web markets. ATO attempts skyrockets 282% last year, and every successful attack Cost consumers $290 on average and takes 15 hours to resolve. The opportunity cost of losing customer loyalty is incalculable because a customer who is defrauded on a company’s platform is unlikely to make purchases there again.
Businesses urgently need to stop these types of identity theft and prevent the resulting data loss, theft of funds, and customer abandonment. Creative fraudsters can circumvent many forms of identity verification, but behavioral analysis can stop them dead.
Fight against identity fraud through behavioral analysis
Companies generally agree on the need to protect themselves and their customers against fraudulent attacks. A recent study by PYMNTS found that over 77% of businesses believe that using digital processes to authenticate customer identities is as important or more important today than it was in the past. past.
However, there are many potential sticking points in client authentication. Many identity verification systems have high levels of friction with customers, requiring users to enter multiple pieces of information or completely halt a purchase or application process to re-verify the user’s identity. A case study revealed that an online lender suffered up to 70% attrition in completing a simple loan process, with the vast majority of customers deciding to drop the application altogether rather than go through an identity verification process. This level of abandonment can potentially be even worse than the losses resulting from simply allowing the fraud to go unchecked, which is obviously not a reasonable option.
Behavioral analytics can eliminate much of this friction without compromising fraud detection. Unlike other intrusive verification systems such as multi-factor authentication (MFA), behavioral analysis does not require customers to perform additional steps, but instead observes the entry of their names, usernames , addresses or other identification details already required. Legitimate customers will enter their own name quickly and with few errors, for example, while a fraudster might introduce misspellings or copy-paste the name from another form. A behavioral analysis case study found that the system saved the user over $800,000 in fraud-related losses, including those resulting from fraud methods that their existing cybersecurity system failed to detect.
Many forms of identity theft are almost invisible to modern fraud detection systems, making behavioral analysis an ideal second line of defense. The funds saved in stopping fraud are matched only by those gained in preventing customer abandonment.