• Home
  • About Us
  • Contact Us
  • Privacy Policy
  • Special Offers
Business Intelligence Info
  • Business Intelligence
    • BI News and Info
    • Big Data
    • Mobile and Cloud
    • Self-Service BI
  • CRM
    • CRM News and Info
    • InfusionSoft
    • Microsoft Dynamics CRM
    • NetSuite
    • OnContact
    • Salesforce
    • Workbooks
  • Data Mining
    • Pentaho
    • Sisense
    • Tableau
    • TIBCO Spotfire
  • Data Warehousing
    • DWH News and Info
    • IBM DB2
    • Microsoft SQL Server
    • Oracle
    • Teradata
  • Predictive Analytics
    • FICO
    • KNIME
    • Mathematica
    • Matlab
    • Minitab
    • RapidMiner
    • Revolution
    • SAP
    • SAS/SPSS
  • Humor

Tag Archives: fraud

Equifax will pay $640 million for Kount’s AI-driven identity and fraud prevention tools

January 9, 2021   Big Data
Equifax will pay $640 million for Kount’s AI driven identity and fraud prevention tools

Transform 2021

Join us for the world’s leading event about accelerating enterprise transformation with AI and Data, for enterprise technology decision-makers, presented by the #1 publisher in AI and Data

Learn More


Equifax announced today that it would pay $ 640 million to acquire Kount, a company that uses artificial intelligence to drive its fraud prevention and digital identity services. In a press release, Equifax executives said the deal would allow the company to further expand into these markets.

Kount uses AI to analyze 32 billion transactions across 17 billion devices. As the system builds its intelligence, it is shifting from just analysis to predictive modes with the goal of helping companies prevent digital fraud.

“As digital migration accelerates, managing authentication and online fraud while optimizing the consumer’s experience has become one of our customers’ top challenges,” said Equifax CEO Mark Begor in a statement. “Our data and technology cloud investments allow us to quickly and aggressively integrate new data and analytics assets like Kount into our global capabilities and bring new market-leading products and solutions to our customers.”

Kount, founded in 2007, is representative of the hopes enterprises have that AI and machine learning can be used to help scale defenses to meet the rising challenges and resources behind cyberattacks.

In this case, Kount’s AI determines the trustworthiness of any identity used to create an account, attempt to login a, or make a payment. By allowing businesses to fine-tune the level of trust they want in their systems, they can decide on the percentage of transactions that are blocked and transferred to customer service.

The goal is to lower that percentage, which accelerates the rate of transactions approved, while still minimizing fraud and chargebacks. Equifax said Kount products would eventually become part of its own Luminate fraud platform.

VentureBeat

VentureBeat’s mission is to be a digital townsquare for technical decision makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you,
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform
  • networking features, and more.

Become a member

Let’s block ads! (Why?)

Big Data – VentureBeat

Read More

Silent Eight leverages AI to detect and solve financial fraud

October 19, 2020   Big Data
Silent Eight leverages AI to detect and solve financial fraud

The audio problem

Learn how new cloud-based API solutions are solving imperfect, frustrating audio in video conferences.

Access here

Silent Eight, a cybersecurity startup leveraging AI to combat fraud, today closed a $ 15 million funding round. The company says the funds will be used to accelerate current hiring efforts and fuel customer acquisition as it expands to new geographies.

While technologies like embedded chip cards and two-factor authentication have helped reduce financial fraud, the problem remains widespread. According to a report from Javelin, the number of consumers falling victim to identity fraud exceeded 14 million in 2018. At least 3.3 million of those were held partially liable for fraud committed against them, with out-of-pocket costs hitting a record $ 1.7 billion.

Silent Eight’s platform claims to avert fraud by learning how to conduct investigations from past alerts. It recognizes anomalous behavior by drawing on databases and watchlists and provides a degree of transparency regarding financial decisions.

Silent Eight says its systems can scan structured, semi-structured, and unstructured databases in a range of formats, such as online news articles, screening engines, and case management systems. The company says it can also process petabytes of data to identify potential relationships. For each solved alert, Silent Eight outputs a decision with a summary of supporting evidence and reasoning.

Silent Eight’s platform is in limited release with select customers, including Standard Chartered Bank, which has been using it since December 2018 across over 70 markets in the U.S., the U.K., Singapore, and Hong Kong. But Silent Eight says it plans to publicly launch the platform by the end of 2020. In place of a license fee, the company plans to only charge customers for fraud it helps solve.

This latest funding round — which brings the seven-year-old company’s total raised to over $ 15 million — was led by SC Ventures (the venture capital arm of Standard Chartered) with participation from existing backers.

“Since the beginning of 2020, Silent Eight has doubled in scale, with more and larger clients added to its roster and a growing pipeline going into Q4,” a spokesperson told VentureBeat. “The company has also successfully built new solutions to help banks to navigate new challenges brought by COVID-19. To address this new dynamic, Silent Eight has launched an on-demand cloud-based AI solution to enable continuous real-time name, entity, and transaction screening.”

The global fraud detection and prevention market is anticipated to reach $ 23.3 billion this year, according to Grand View Research, and Singapore-based Silent Eight is by no means the only contender. Two years ago, PayPal acquired AI-powered fraud detection startup Simility for $ 120 million. Sift Science meshes big data and machine learning to spot patterns and detect fake accounts, payment fraud, account takeover, and content abuse. Socure is developing a range of cloud-based identity verification and fraud prevention solutions. Other players include Singapore-based CashShield, Tel Aviv-based Forter, Paris-based Shift Technology, and U.K.-based Featurespace. Pindrop, which is based in Atlanta and counts Google Capital among its investors, is another rival.

Sign up for Funding Weekly to start your week with VB’s top funding stories.

Let’s block ads! (Why?)

Big Data – VentureBeat

Read More

ProBeat: As Google Shopping challenges Amazon with free listings, fraud is inevitable

April 26, 2020   Big Data

Google this week announced that Google Shopping will be free for merchants next week in the U.S. and by end of year globally. Google Shopping results will soon “consist primarily of free listings.” That’s right; until now, Google Shopping showed only paid listings instead of serving, oh, I don’t know, the best listings Google found on the web. The change is a huge win for any business owner that sells products online, and anyone who buys online, and is thus a direct attack on Amazon. It’s also bound to bring the same problems that Amazon experiences.

Froogle was born in December 2002, rebranded to Google Product Search in April 2007, and then again renamed to Google Shopping in May 2012. That last change was bigger than just a new coat of paint — soon after, Google adopted a pay-to-play model. At the time, small businesses argued they would not be able to compete with larger companies’ advertising budgets. Eight years later, when there are “hundreds of millions of shopping searches on Google each day,” the company is reversing course. The reason? “We know that many retailers have the items people need in stock and ready to ship, but are less discoverable online.” Those small businesses do matter, after all.

Google switching away from pay-to-play is massive news for ecommerce. Free listings are coming at a time when millions of stores have been forced to shut down. But the company says it’s simply accelerating existing plans — this isn’t a pandemic-driven limited-time offer. Google is permanently removing a big barrier to entry for smaller players. And yet, free listings are a double-edged sword. Anyone can start selling via Google Shopping. Also, anyone can start selling via Google Shopping. That won’t just translate to more consumer choice, but consumers overwhelmed with choice. Google will naturally pitch ads to small businesses looking to stand out. But ads won’t stop Google Shopping’s bigger inevitable problem: fraud.

All about Amazon

Every ecommerce conversation either directly or indirectly references Amazon. You simply cannot talk about online shopping and not mention the online retail giant. Everyone else in the space frankly fears the company, whether they admit to it or not.

Removing the ad requirement now is a smart move for Google. The pandemic has led to ad rates plummeting and online shopping taking off. Amazon’s stock is at an all-time high, while Google’s has taken a hit. (Both companies report earnings next week, so we’ll have a better idea of their financials then.)

ProBeat: As Google Shopping challenges Amazon with free listings, fraud is inevitable

Google argues free listings means retailers will gain free exposure to millions of people, and shoppers will get more products from more stores. It’s easy to see how Google thinks this will play out. Opening Google Shopping to everyone means more products available to consumers. More products available means more product searches and higher usage. Higher usage means more competition and more pull against Amazon. More pull against Amazon means more value to advertisers. Remember: The majority of Google’s revenue comes from ads.

Google is betting on scale, as it often does. Even though the company will no longer require ads, the long-term bet is to make more money from shopping ads, not less.

Fraud

Like many tech giants, Amazon has big problems. They include the usual antitrust and ethics concerns, as well as atrocious working conditions. But Amazon is adored for its shopping experience, which doesn’t really have issues. Except one.

More than half of Amazon’s sales come from third-party sellers. Embracing small businesses has been a huge boon for its own business, but it’s also incredibly difficult to manage. That’s why there are so many horror stories of fraud on Amazon. I’m not talking about purchasing a product on Amazon and not receiving it. I’m talking about consumers receiving a counterfeit version of a product and merchants finding their legitimate products resold at a markup. If you’re buying something important from Amazon, such as children’s toys or health care products, it’s important to check that you’re getting it from Amazon directly and not a third-party seller that ships who-knows-what in an Amazon box. Meanwhile, small businesses often spend enormous resources policing and reporting their own products being resold on Amazon by those trying to make a quick buck.

Except for a handful of its own phones, tablets, and laptops sold in the Google Store, all of Google Shopping sales come from third-party sellers. There is no easy way to ensure that a product isn’t screwing the consumer and/or the merchant. Well, at least not anymore. That’s what paid listings was helping accomplish. It becomes very expensive, very quickly to sell scam products if you have to pay every single time.

I’m sure Google will work harder than Amazon to keep fraud off Google Shopping. The company has to, after all, as it hasn’t spent its whole existence building its own store and products. Overall, Google Shopping going free is a good thing, both for consumers and for merchants. But consumers and merchants will likely have to be more vigilant, while small businesses will have to pay up to stand out. Just like on Amazon.

ProBeat is a column in which Emil rants about whatever crosses him that week.

Let’s block ads! (Why?)

Big Data – VentureBeat

Read More

Verisk, aided by Spotfire, Protects Insurers from Weather-Related Claims Fraud

August 2, 2019   TIBCO Spotfire
TIBCOSpotfireVerisk 696x464 Verisk, aided by Spotfire, Protects Insurers from Weather Related Claims Fraud

When insurance companies are faced with substantial claims that must be verified, they turn to Verisk. When Verisk needed a data visualization tool to assist those insurance companies, it turned to TIBCO. 

Insurance companies have a difficult task of ensuring the claims they accept are valid, in order to prevent loss due to fraud. With the world’s largest, most comprehensive claims database, Verisk is there to help. One of the main uses of the database is to verify weather patterns and natural disaster-related damage claims—insurers can easily detect fraud if a claim doesn’t match up with the weather at the time. 

While Verisk’s database used to only turn up text reports for adjusters to check claims against, now it provides them with visual, multilayered analyses of weather patterns supported by TIBCO Spotfire®. TIBCO Spotfire allows users to view a wide range of dashboards with visual representations of the claims currently in Verisk’s database, making it easier to detect fraud based on visual anomalies in the data. On the other hand, if there is a series of claims that have already been verified at that time and place in the database, adjusters can be more certain that they have a valid case. 

One of the best examples of how useful data visualization is to insurance adjusters is hurricane season. Verisk is able to track the weather around hurricanes and create predictive models based on where the related damage occurred. “By laying claims data on a map where storm damage occurred, we empowered our customers to confirm losses—as well as detect outliers that could be indicators of opportunistic fraud,” said Anthony Fiorino, vice president of engineering and chief data officer at Verisk. 

To learn about the various other ways TIBCO Spotfire is helping Verisk help customers, check out the full case study now. 

Let’s block ads! (Why?)

The TIBCO Blog

Read More

Account Takeover Fraud in Telecom – 4 Things to Watch

July 25, 2019   FICO
Telco%20Fraud%402x Account Takeover Fraud in Telecom – 4 Things to Watch

My last post introduced the topic of subscription fraud in telecommunications. Here, I will broaden the focus to include account takeover fraud.

As CSPs have looked to introduce additional controls and checks at the front-end onboarding process, fraudsters have moved to account takeover. As with onboarding, the customer experience and convenience are king for upgrade and re-sign processes. CSPs have taken steps to simplify account access for existing customers, but this also gives fraudsters a chance to systematically test for weaknesses to exploit.

In the case of account takeover, there are a number of factors that CSPs should look out for when existing customers place new orders. These include:

  • Recent changes to the account, such as home and delivery addresses, email, password or other credentials
  • Age of customer, as older account holders are more likely to be victims of fraud and may be more susceptible to social engineering
  • Exceptional spend — devices with significantly higher value than the customer’s previous
  • Problems in particular delivery areas — effective liaison with delivery contractors and couriers can help here

Of course, there are multiple other factors which come into play and, whilst business rules can be used to add controls, these will add barriers to the genuine customer that wants to transact. They’ll also become obsolete pretty quickly as fraudsters change tactics after hitting the barrier. Effective analytics should be used to properly understand the relationships within the data and their likelihood of being indicative of fraud.

In my next post I’ll look at analytics that can help CSPs manage subscription fraud and account takeover fraud.

Let’s block ads! (Why?)

FICO

Read More

Got Enough Fraud… Models That Is?

July 3, 2019   FICO
Fraud Models 1 Got Enough Fraud… Models That Is?

When designing a strategy for detecting and preventing fraud, everyone always comes to the same conclusion—there is no silver bullet. There are simply too many variables, and too much change in technology, customer behavior and fraudsters’ tactics for any one solution to work effectively and sustainably for every organization, no matter how sophisticated.

Consequently, experienced fraud management executives are constantly experimenting and evaluating new data sources, scores, models, algorithms and technologies for that competitive edge. They observe customers’ behavior, survey their preferences and maintain a working knowledge of fraudsters’ evolving tactics.

The goal is the same for everyone—minimize fraud losses while effectively balancing customers’ experiences and operational expenses. But the exact recipe each organization lands on—the mix of processes, people and products—varies widely and changes constantly.

Fraud Models – Five keys to finding the right fraud score

Many different providers—whether associations, processors, switches or analytic firms—have begun to offer unique fraud scoring models, targeting different products, channels and customer segments. There are also many fraud platforms that allow organizations to build and deploy their own internal models.

So, which fraud scores will be most effective for your organization? There really isn’t a secret formula, but there are some basic principles, gleaned from years of experience working with industry leaders, to incorporate into your organization.

First, you should know that leveraging multiple fraud scores is a perfectly fine practice. Each vendor has different techniques and algorithms to produce their fraud score. Every technique has its own advantages and disadvantages. While it is important to understand the underlying technology driving the different fraud scores, what is more important is the performance and effectiveness of each fraud score, and whether it solves your business challenges.

Second, you should not underestimate the power of consortium data. The sources, quality and quantity of data is a critical component in developing robust models. Be mindful of startup vendors with a minimal client base touting consortium models. A good consortium should be representative of the industry it is representing.

Third, some fraud scores are now “mandatory.”  What this means is that a provider (scheme/association or processor/switch) may be requiring the use of their fraud score, but don’t be afraid to question and quantify the effectiveness of the fraud score.

Fourth, measure the effectiveness of fraud scores. You can measure model performance effectiveness in a dozen different ways. What is important is that you are using the same approach and methodology across all fraud scores. Never apply performance metrics you have received from one vendor across all other vendors, as they are all likely using different ways to measure performance. A simple metric like value detection rate can be measured in several different ways. Find a common suite of performance metrics you can measure against all fraud scoring models.

Lastly, don’t forget about cost and benefit. Understanding the cost should always be part of your evaluation of fraud scores. The benefit is equally important, as it is in any performance comparison. Do your fraud scores overlap in some areas? Can one model be utilized for part of your portfolio and another model for the other portfolios?

As fraud continues to evolve, so should fraud technology and scoring models. There are now a number of different providers out in the market that provide effective scoring models. As such, you shouldn’t rely solely on one provider; rather, leverage as many as possible. And lastly, ensure a fair model comparison has been completed utilizing a common suite of key performance.

+++

Drew Manuel is a senior director within the Fraud, Security and Compliance unit of FICO Advisors. He has over 24 years’ experience in the fraud industry and is regularly called upon to do fraud model/score reviews by clients around the world.

Enjoyed this blog? Why not read this one too.

Does Your Fraud Department Have the Right KPIs?

Let’s block ads! (Why?)

FICO

Read More

Got Enough Fraud… Models That Is?

June 24, 2019   FICO
Fraud Models Got Enough Fraud… Models That Is?

When designing a strategy for detecting and preventing fraud, everyone always comes to the same conclusion—there is no silver bullet. There are simply too many variables, and too much change in technology, customer behavior and fraudsters’ tactics for any one solution to work effectively and sustainably for every organization, no matter how sophisticated.

Consequently, experienced fraud management executives are constantly experimenting and evaluating new data sources, scores, models, algorithms and technologies for that competitive edge. They observe customers’ behavior, survey their preferences and maintain a working knowledge of fraudsters’ evolving tactics.

The goal is the same for everyone—minimize fraud losses while effectively balancing customers’ experiences and operational expenses. But the exact recipe each organization lands on—the mix of processes, people and products—varies widely and changes constantly.

Fraud Models – Five keys to finding the right fraud score

Many different providers—whether associations, processors, switches or analytic firms—have begun to offer unique fraud scoring models, targeting different products, channels and customer segments. There are also many fraud platforms that allow organizations to build and deploy their own internal models.

So, which fraud scores will be most effective for your organization? There really isn’t a secret formula, but there are some basic principles, gleaned from years of experience working with industry leaders, to incorporate into your organization.

First, you should know that leveraging multiple fraud scores is a perfectly fine practice. Each vendor has different techniques and algorithms to produce their fraud score. Every technique has its own advantages and disadvantages. While it is important to understand the underlying technology driving the different fraud scores, what is more important is the performance and effectiveness of each fraud score, and whether it solves your business challenges.

Second, you should not underestimate the power of consortium data. The sources, quality and quantity of data is a critical component in developing robust models. Be mindful of startup vendors with a minimal client base touting consortium models. A good consortium should be representative of the industry it is representing.

Third, some fraud scores are now “mandatory.”  What this means is that a provider (scheme/association or processor/switch) may be requiring the use of their fraud score, but don’t be afraid to question and quantify the effectiveness of the fraud score.

Fourth, measure the effectiveness of fraud scores. You can measure model performance effectiveness in a dozen different ways. What is important is that you are using the same approach and methodology across all fraud scores. Never apply performance metrics you have received from one vendor across all other vendors, as they are all likely using different ways to measure performance. A simple metric like value detection rate can be measured in several different ways. Find a common suite of performance metrics you can measure against all fraud scoring models.

Lastly, don’t forget about cost and benefit. Understanding the cost should always be part of your evaluation of fraud scores. The benefit is equally important, as it is in any performance comparison. Do your fraud scores overlap in some areas? Can one model be utilized for part of your portfolio and another model for the other portfolios?

As fraud continues to evolve, so should fraud technology and scoring models. There are now a number of different providers out in the market that provide effective scoring models. As such, you shouldn’t rely solely on one provider; rather, leverage as many as possible. And lastly, ensure a fair model comparison has been completed utilizing a common suite of key performance.

+++

Drew Manuel is a senior director within the Fraud, Security and Compliance unit of FICO Advisors. He has over 24 years’ experience in the fraud industry and is regularly called upon to do fraud model/score reviews by clients around the world.

Enjoyed this blog? Why not read this one too.

Does Your Fraud Department Have the Right KPIs?

Let’s block ads! (Why?)

FICO

Read More

Using Analytics to Prevent Auto Finance Fraud

June 15, 2019   FICO
Fraud Management Team FICO Using Analytics to Prevent Auto Finance Fraud

Recently I had the pleasure of presenting in Toronto, at the Canadian Auto Remarketing Conference. While the audience was comprised of a diverse group of stakeholders involved throughout the automotive lending lifecycle, pretty much everyone had one thing in common; they had all the unfortunate experience or had knowledge of some sort of fraud in their line of work.

Like most things, auto finance fraud has evolved over time. As technology becomes more advanced, fraudsters are becoming more innovative, meaning the measures organizations are having to take to protect themselves require innovation as well. You can’t solely rely on checking a driver’s license anymore to verify someone’s identity; it’s simply not enough. Auto lenders are always asking themselves, is this individual who they say they are, or do they intend to pay for the loan.

Fraudsters and legitimate consumers have a number of avenues in which they can now initiate a purchase and each one comes with different challenges for a dealership or lender to navigate—which requires quick decision making.

No matter the industry, the challenges remain consistent. There are various forms of auto finance fraud that can make it incredibly difficult to flag suspicious transactions.

  • True name application fraud is straight forward as it’s a real person and real information. This means it’s simply a bad person, with bad intentions.
  • Manipulated fraud is challenging as the information can seem legitimate but has some small inaccuracies—these could be small misspellings in a name or slight changes to an address. The information seems authentic but makes tracking delinquent payments nearly impossible.
  • Synthetic fraud takes parts of a legitimate identity and attaches fake information to it. This can mean using legitimate personal identification and assigning them to fraudulent people. These cases are also difficult to identify because they look like and act like a true and good individual.
  • Stolen identity fraud, while most often talked about, is actually the least common type. This is when a fraudster fully uses the identity of a stranger, resulting in a damaged credit score and future.

In the days when consumers were required to come into a dealership or bank to obtain financing, judging the validity of an identification made ruling out some of these fraud types a bit easier. An 18-year old man can’t claim to be a 60-year old woman without raising some serious red flags in person—but it’s easier to slip through the cracks online.

No matter the industry, fraud causes real issues. However, the stakes are seriously high when it comes to auto finance fraud. Once that vehicle is driven off of the lot, it’s gone, and lenders have begun to be held increasingly responsible for payments that default.

What this means is it’s becoming increasingly important for any agency responsible for making credit decisions to become more vigilant in evaluating credit worthiness, which means putting analytics to work. A low credit score is no longer the biggest indicator of a risky candidate, but analytic tools can alert lenders to the crumbs of information that are easily overlooked by simple qualifying questions alone.

Auto Lending or Dating?

If you ask me, evaluating application and originations fraud risk is a lot like dating. This might sound crazy but bear with me.

While many people go through phases of their lives where they are looking for something “casual,” for the most part, the goal of dating is to identify a potential long-term partner whom you can build a lasting relationship with. A lending relationship is no different. Lenders and merchants are looking for trustworthy, dependable candidates.  They are lending money to individuals who are committed to the relationship as much as they are to pay back those car loans.

In both scenarios you can expect the truth to be stretched a little bit during the initial stages of the relationship as you’re getting to know one another. Perhaps your potential partner exaggerates their cooking skills on your date, or perhaps your financing candidate exaggerates their income a bit—there’s usually a little white lie somewhere in the equation. In both scenarios, you have to decide what fibs you can live with and which are total deal-breakers.

There are different levels of risk associated with the strategies you choose to vet your potential partner no matter the type of relationship you are pursuing.

  • Referrals = friend of a friend Arguably the least risky method when dating is meeting a potential partner through a mutual friend. In these cases, while you don’t know the individual personally, if the friend setting you up is a trustworthy person, you can assume that they will have used their own judgement to suggest someone who will be compatible with you. The same applies when it comes to lending. If a referral comes in from a strong client relationship or has pre-qualified for an offer, you can assume that the candidate is likely legitimate.
  • In-dealership = speed dating Having a candidate walk from the street into a lending institution is the equivalent of meeting a potential partner through speed dating. You don’t know anything about them entering into the interaction (aside from what you can see physically) and you only have a limited amount of time to make your judgements about them. In this sort of interaction there are some things that cannot be falsified; gender and age (within reason) for example, but there is little time to evaluate more than that before deciding whether the person is a good candidate.
  • Applying online = online dating Online relationships are hard—everyone lies online. According to a recent survey about online dating, 53 percent of people using sites to find partners admit to lying on their profiles and applying online for financing is rarely different. Both scenarios can leave you feeling deceived and disappointed.

When it comes to evaluating risk for an organization though, online applications do have benefits. While it is easy for fraudsters and scammers to lie online, they also leave many breadcrumbs, which if properly monitored, can alert an organization to red flags. Many of these breadcrumbs—like addresses and IP addresses not lining up or registering using brand new email addresses—might not be alarming on their own but can alert an organization to some big issues if analytics are properly being utilized.

In dating or finding reliable customers, there is some effort involved. You can’t expect Mrs. or Mr. Right to come strolling up to you at the grocery store without taking measures to meet the right people with the right qualifications.

Let’s block ads! (Why?)

FICO

Read More

The New White Walkers: Zombie Synthetic Identity Fraud

May 20, 2019   FICO
Zombie Synthetic Identities The New White Walkers: Zombie Synthetic Identity Fraud

Spoiler alert: If you are watching Game of Thrones (GoT), but aren’t fully caught up, you may want to read this later!

In the past 6-12 months, synthetic identity fraud has skyrocketed and has been one of the hottest topics in the financial crimes domain. At the same time, whether it’s Game of Thrones or The Walking Dead, zombies have surged in popularity to play starring roles on television over the past decade.

What do these two statements have to do with each other? Let me explain, because the time for the army of zombie synthetic identities may be nigh.

What Is a Zombie Synthetic Identity?

Many of us remember 2013 when the FBI announced that they had dismantled a major criminal ring committing credit card fraud. Eighteen people had fabricated more than 7,000 synthetic identities and stolen over $ 200 million. This story was near and dear to my heart as I personally helped identify and investigate portions of this very fraud ring for a client. I also helped identity and investigate a number of other synthetic identity rings – it was an exciting and rewarding time that solidified my career commitment to fighting fraud.

As the years passed by, fraud evolved to target lower hanging fruit (as it always does). We fought (and continue to fight) the growth of card not present (CNP) fraud that followed the rise in e-commerce. Next followed a surge in account takeover and identity theft as data breaches make personally identifying information a commodity on the Dark Web. More recently, the race has been to detect fraud in emerging faster payment schemes (real-time payments).

But now, in 2019, it’s déjà vu as more and more of my conversations with clients have centered around synthetic identities hitting up cards, auto, telco, and other vulnerable product lines. And while a lot of information regarding “how and where” synthetics are created – including my own recent interview with Detective Jessie Gossman where he shared his experiences in law enforcement fighting synthetics and detailed e-book on the topic which describes the process of creating synthetics – we should also be considering the zombie synthetic and what to do about it.

For those of you familiar with the credit bureaus, you know that derogatory information such as late payments, collections, or charge offs are legally required to be purged from your record after 7 years and cannot be used in credit risk decisioning. While this may be a good thing for consumer protection, it’s not so great for fraud prevention because it opens the flood gates for first-party fraudsters – whether with true, manipulated, or synthetic identities – to commit the same schemes they may have 7 years prior. Bad customers can come back from the dead as zombie synthetic identities.

For synthetics that were never tagged as frauds and instead strategically hid themselves in the bad debt book (analysts estimate that 20% of the bad debt book is actually fraud!) this presents a pernicious problem. In addition to the financial loss, banks will have the double whammy in OpEx of once again trying to collect on someone who does not exist. Hence the new army of White Walkers (or technically army of Wights as my colleague recently pointed out). And don’t forget the lesson learned from the FBI: If 18 people can fabricate 7,000 identities, there are some Night Kings among us.

How to Stop the Zombie Synthetic Identity Apocalypse

What can you do to stop the zombie apocalypse?

  1. Become Arya Stark. The challenge with this idea is I’m not sure we have the time to take her intensive multi-year immersion assassin training course.
  2. Layer your fraud controls. There is no all-seeing, all-knowing three-eyed raven to help us – not that Bran has been much help anyways. No one data source, shared negative list, consortium or issuer-specific model, ruleset, or investigative capability will solve the synthetic fraud issue. It will be combinations of these capabilities that maximize detection rates and minimize false positives because each are attuned to their own strengths.
  3. Fight identity fraud across the customer lifecycle. We all want to stop fraud at the earliest point possible (point of customer origination), but we also need to consider how we can mitigate losses downstream of applications as we continuously monitor our portfolios for evolving fraud rings, strategically detect fraud on the events level of non-monetary and monetary payment transactions, and conduct post-mortem investigations to ensure the same fraud cannot hit us again through accurate tagging and evolution of our strategies.
  4. Address the continuum of credit risk and fraud. Because so much fraud is hidden on the bad debt book, it is a problem that requires cross-functional collaboration. Credit risk, fraud, and yes – I’ll say it – AML compliance areas must work together, with shared technology, to fight the problem.

Want to learn more about how FICO can help? Check out our Application Fraud Manager and Identity Resolution Engine solutions. And don’t forget to follow me on Twitter @lizfightsfraud.

PS: Should I trademark the term zombie synthetic? Remember, you heard it here first!

Let’s block ads! (Why?)

FICO

Read More

Synthetic Identities: From Data Breaches to Auto Loan Fraud

May 3, 2019   FICO
Synthetic Identity Fraud 2 Synthetic Identities: From Data Breaches to Auto Loan Fraud

Fraud and data breaches have always had a close, if destructive, relationship. As the US transitioned to hard-to-counterfeit EMV payment card technology several years ago, criminals flocked to card not present (CNP) fraud, often combining identity fragments and card numbers stolen in breaches to make illicit purchases online. Five years later, data breaches and downstream fraud continue their symbiotic relationship, with a steady increase in synthetic identity fraud.

Financing Cars with Synthetic Identities

It’s true: synthetic identities have become a major method for perpetrating auto lending fraud. Criminals are using parts of both fabricated and real identities (mined directly, or stolen during data breaches and purchased off the Dark Web) to create synthetic identities, which in turn are used to secure auto loans or other financial products. Synthetic identities can also be cultivated over time by various means, such as a legitimate cardholder getting an additional card for a person who does not exist, a process also known as “pollination.”

In the case of auto fraud, once a synthetic fraudster has possession of the new vehicle, they will often ship them overseas and immediately abandon any loan payment obligations. The fact that auto lending synthetic fraud has been increasing — it is up 500% since 2011 — is an indication that many of the synthetic identities pollinated or otherwise created years ago, and cultivated to appear credit-worthy, are moving into the bust-out phase.

Today’s Data Breach Is Tomorrow’s Fraud

I recently talked about synthetic auto loan fraud with executives from Santander Bank and GM Financial at the AFSA Vehicle Finance Conference, on a panel discussion about cybersecurity and third-part risk management (TPRM). Synthetic identity fraud provides a vivid illustration of the evolving continuum of cybersecurity and fraud: Party A’s data breach today (facilitated by poor cybersecurity defenses) becomes Party B’s synthetic identity fraud tomorrow. In the auto lending industry, most cases involve a multi-step process between one party’s data breach and another’s fraud. Sometimes these parties are business partners operating in the same automotive ecosystem.

In dollar terms, synthetic loan fraud comprises about $ 600 million of the $ 1.2 trillion in outstanding auto loans. That’s a small proportion overall, but still a significant number in terms of fraud losses.

An Empirical Tool to Gauge Third-Party Risk

Synthetic identify fraud is a sobering outcome of the unknown, and largely uncontrolled, cyber risk exposure companies face from the partners they do business with. Addressing it requires effective third-party risk management (TPRM), starting with a baseline measurement of business partners’ cyber risk.

The FICO® Cyber Risk Score is an ideal empirical tool to measure and monitor third-party risk exposure at any scale. FICO enterprise customers are using the Cyber Risk Score to continuously measure the third-party cyber risk posed by tens of thousands of partners (and more) they do business with.

TPRM is a big theme for FICO and the entire enterprise cybersecurity industry, because companies recognize that while their own cybersecurity defenses may be strong, those of the third and fourth parties (vendors of vendors) they connect with may not. PwC, which, along with Deloitte, KPMG and McKinsey, has a major TPRM practice, sums up the business imperative:

“In a business landscape loaded with potential pitfalls like cyber threats … that result in supply chain disruption, making sure your partners are following appropriate procedures is vital and will enable you to avoid risks and reputation damage.”

Using the FICO Cyber Risk Score to empirically assess third-party cyber risk is a critical first step.

In addition to helping organizations recognize and measure cyber security risk, for themselves and for their extended supply chain, FICO is an industry leader in fraud detection and prevention technologies. For more information on the mechanics of synthetic identity fraud, please download our Synthetic Identity e-book to learn more.

Follow me on Twitter @dougoclare for the latest developments in TPRM and the FICO Cyber Risk Score.

Let’s block ads! (Why?)

FICO

Read More
« Older posts

  • Recent Posts

    • Accelerate Your Data Strategies and Investments to Stay Competitive in the Banking Sector
    • SQL Server Security – Fixed server and database roles
    • Teradata Named a Leader in Cloud Data Warehouse Evaluation by Independent Research Firm
    • Derivative of a norm
    • TODAY’S OPEN THREAD

  • Categories

  • Archives

    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • March 2020
    • February 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    • December 2016
    • November 2016
    • October 2016
    • September 2016
    • August 2016
    • July 2016
    • June 2016
    • May 2016
    • April 2016
    • March 2016
    • February 2016
    • January 2016
    • December 2015
    • November 2015
    • October 2015
    • September 2015
    • August 2015
    • July 2015
    • June 2015
    • May 2015
    • April 2015
    • March 2015
    • February 2015
    • January 2015
    • December 2014
    • November 2014
© 2021 Business Intelligence Info
Power BI Training | G Com Solutions Limited