Article 3 min

Application Fraud Raises the Stakes During Onboarding

Application Fraud

September 13, 2024  


Application fraud is a constant threat during account opening for organizations in markets around the world.

Application fraud occurs when someone uses false or stolen personally identifiable information when applying for credit, a loan or another financial product. The problem is prevalent, with the U.S. Federal Trade Commission reporting 88% of all credit card fraud reports in the first half of 2024 involved new accounts. 

Measures that detect fraud without creating additional friction when onboarding good customers can deliver secure growth.

Types of Application Fraud

Bad actors can choose from a variety of application fraud techniques.

Identity fraud occurs when someone uses real identity information for an unauthorized application. The fraudster presents information from real people without their knowledge or consent.

Synthetic identity fraud involves creating an identity by combining fake information with actual ID data. For example, a fraudster could pair a real Social Security number with a fake address and other synthetic data points. The fraudster can then use the fake identity to apply for a financial product.

Fraudsters can attack any financial product. Some of the more common application fraud targets include credit cards, mortgages, loans and rentals.

The availability of those products on digital channels widens the bull’s eye. Online applications give fraudsters the chance to refine and scale their schemes without being physically present. 

They also seek security gaps as companies try to limit onboarding friction and reduce abandonment. That strategy increases the importance of finding the right balance between onboarding speed and security.

Strategies to Detect Application Fraud

Detecting application fraud calls for a proactive approach that could include stricter verification processes, such as through advanced technology that cross-checks identity information against reliable databases.

There are hundreds of risk indicators, but no single signal guarantees fraud. For example, fraudsters often use a VPN to mask their IP address because they know it won’t match the personal data of the real person. But on the flip side, high net-worth people who are security and privacy conscious also often use VPNs.

It takes multiple signals to determine a risk score. 

Those signals can include personal data – for instance, name, address and birth date – as well as device intelligence, such as email, phone and IP address. Organizations also face the challenge of applying sophisticated analysis to those signals. 

Fraud detection best practices vary by market, use case and risk tolerance. They also evolve as fraud techniques and regulatory requirements change. 

The shifting nature of fraud places an emphasis on flexible detection systems that allow organizations to fine-tune data input to match any scenario. When organizations combine that flexibility with the right data, technology and expertise, they can deliver onboarding security without compromising the user experience.

Digital Identity Crisis

White Paper

The Digital Identity Crisis

Learn how businesses can apply layered, agile identity verification that allows for real-time adjustments to emerging threats.