InfoSecurity

July 13, 2006
Financial Services Well-Placed to Survive Fraud Onslaught

Gary Wood

• Chip and PIN would lead to displacement of fraud into other areas;
• Businesses need to take steps to prevent consumers becoming victims;
• Electronic methods of authentication minimise the risk of identity fraud;
• Ongoing data sharing is crucial;
• Data sharing is being encouraged.

NEW DELHI -- Fraud is continually evolving, with fraudsters getting ever more persistent and sophisticated every day. Once one avenue for fraudulent activity has been made secure, fraudsters will simply move on to the next.

It is this level of fraud displacement that makes it so critical for financial services organisations to stay one step ahead of the game through the deployment of the most effective fraud prevention solutions and through data sharing. One recent example of fraud displacement can be seen as a result of the introduction of Chip and PIN technology to help combat plastic card fraud.

By actively talking to our clients, collecting data and trend information, we expected that Chip and PIN would lead to displacement of fraud into other areas and this has certainly borne true. In particular, it was expected that identity theft (when criminals assume an unwitting person's identity), card-not-present fraud and the so-called soft fraud areas, such as credit application fraud and sleeper fraud, would all rise. Thankfully, in all these cases, there are solutions available to protect businesses and data sharing continues to prove very effective at reducing the incidence and impact of such fraud. However, businesses need to be proactive and take the necessary steps to help themselves and also help prevent genuine consumers becoming victims.

Fraud displacement on the rise

Fraud displacement has been most visible in the rise of the UK's fastest growing crime, identity theft. By its very nature, identity or impersonation fraud is where a fraudster uses the identity of another person, living or dead to obtain goods, services or money. However, it could be argued that this distress and its growth could have been largely preventable. Why? Well, at its most basic level, it is quite astonishing that in this day and age, some businesses still accept paper-based documentation as proof of identity.

One of the most powerful steps businesses can take to help prevent this and other types of fraud, and their impact on their business and unwitting victims, is to check and authenticate the identity of customers to ensure that they exist and are who they say they are. Electronic methods of authentication are accepted and approved by the Joint Money Laundering Steering Group (JMLSG) as an alternative to paper documentation checks, are less intrusive and highly effective at minimising the risk of and impact of identity fraud. Ongoing data sharing is also crucial.

A number of data sharing initiatives and centralised databases are widely used in the credit and financial services arena, such as Detect, HUNTER and CIFAS, to enable organisations to share data within their own organisation and between each other to combat fraud. These and similar data sharing systems have been highly successful at detecting and preventing fraud - which, to some extent, accounts for the constantly evolving and changing frauds employed by criminals. But, as always, more needs to be done.

Scope for data sharing has widened

Today's current data sharing practices are largely confined to silos within the financial services sector - but fraudsters don't respect silos. The insurance sector has embraced data sharing activities, such as the CUE database and through Insurance HUNTER, achieving excellent results in detecting would-be or known fraudsters at both new business and claims stages, without affecting customer service levels. But, this type of data sharing and expertise is mainly confined within a sector, thus the opportunities to maximise the benefits of sharing fraud information are lost. For example, the fact that an applicant for a personal loan is known to have attempted to commit multiple insurance claim frauds should lead to greater scrutiny of the loan applicant.

Today, the scope for data sharing has widened as its impact on fraud reduction is becoming more widely recognised. Data sharing across vertical markets, and across the public and private sectors, is being encouraged and we are continually developing systems and its capabilities to enable effective data sharing across, within and between organisations, across industry sectors and within closed user groups to increase fraud detection.

Using advanced data matching capabilities, these systems are able to identify and target previously unknown fraud patterns and match current application data against suspected fraud cases to prevent the fraud from occurring in the first place. Historically, shared fraud databases have only flagged up proven fraud cases. Many organisations have much larger suspect fraud files, which new data sharing systems are able to tap into, providing access to both proven and suspect fraud cases for better decision-making and to increase overall fraud prevention and detection.

Data sharing illuminates fraud patterns and helps put a face on the crime. Data that can be shared include application data, account performance information, public data and proprietary information - all of which help businesses to know their customers better. By detecting and subsequently sharing information about fraudsters, businesses can prevent repeat fraud and minimise the impact on their genuine customers.

(The author is managing director, fraud solutions business, Experian)