When starting a relationship, you don't always know what you are going to get. For businesses, new account fraud is especially perilous as there's no track record to compare to, and no history of trust. The initial activities might be benign or the act of fraud yet to be uncovered.
New account fraud usually occurs within 90 days of account opening. Also referred to as application fraud or account origination fraud, the occurrence of duplicity so close to account opening indicates the account's sole purpose was deceitful.
The costs of new account fraud are significant; a study by Javelin Strategy & Research estimates that financial institutions lose “more than $10B a year and that doesn’t even include synthetic or other identity related crimes.” The Federal Trade Commission (FTC) reported this type of fraud has been on the rise since 2018, including:
- New accounts with credit card fraud up 24%
- New mobile accounts seeing a 28% increase in fraud
- New fraudulent bank accounts seeing a 12% increase
With the increase of digital activities due to the COVID-19 pandemic, these costs look like they are rising even higher. One study by Aite Group found that 32 million Americans have been the victim of new account fraud in just four months this year; a rate that equals 14% of the population compared to 19% for the entirety of last year.
A fraud technology race
As technology improves, the ability to prevent unsophisticated forms of fraud has advanced substantially. Unfortunately, fraudsters are also taking advantage of new technologies and techniques to create more elaborate and profitable schemes. The proliferation of data breaches has led to wide-spread black-market access to so-called “fullz”, a full set of identity data that can be used for account opening. As hackers point out “buying identities was so much better for them than stolen payment card data, because card data could be used once or twice before it was no good to them anymore. But identities could be used over and over again for years.”
To ensure effective fraud prevention measures are in place, organizations need to integrate onboarding security measures that commensurate with the risk.
Fortunately, the technologies for identity verification and authentication are advancing rapidly and provide multiple layers of protection to combat new account fraud. While a data breach might expose one set of data, numerous other data sources can provide alternative information to verify against.
For example, a mobile ID number is less likely to be available in black market data sets, as people are more reluctant to share their mobile ID numbers. Mobile data can also include numerous data points that are hard to forge, such as location, IP and usage.
Two-factor authentication to the mobile number, or an email address, provides another layer of security. Having access to the data is one thing, but having access to that account requires a whole other level of sophistication.
ID document verification is yet another layer that can help provide fraud prevention. Demonstrating possession of valid government-issued ID ups the ante on what a would-be fraudster would need to perform. It’s important to note that the information on the ID itself needs to be verified, or mismatches might make it through the system.
A further requirement to take a selfie for a liveness check and matching that to the image of the ID document helps ensure that the applicant is the same as the one on the ID. As technology advances, other biometric measures may be deployed that further connect the applicant to a real and true identity.
Implementing holistic fraud prevention
While the technology is certain to improve, the costs to implement and update the security stack needs careful consideration. After all, while one technology might be "figured out", having multiple layers of security is more difficult to bypass. However, having multiple technologies and constantly adding and modifying the system without a holistic framework is complicated, time-consuming, and therefore costly.
Instead, an approach that can adopt new technologies, new processes and new types of analysis quickly and cost-effectively is more aligned with a fast-changing environment.
Fraudsters are becoming smarter and more technologically capable. To keep up and get ahead of any new fraudulent trend, organizations also need to become smarter and more capable. Limiting the damage of new account fraud lies in looking for solutions that can deliver fraud prevention measures now and into the future.