How Insurance Companies Can Defeat Application Fraud

Nov. 30, 2018 | by BioCatch

There’s one thing we know for sure about digital transformation: Cybercrime is an inherent risk of offering services online. For insurers, the biggest threat is application fraud, also known as new account fraud (NAF), which leads to billions of dollars in losses every year.

Cybercriminals use two main techniques to initiate false insurance policies online, either taking over existing identities or creating fake identities forged from stolen personal information. Worryingly, application fraud is only the beginning. Once fraudsters successfully create an account, false claims, diverted payments, and other forms of fraud quickly follow, often going undetected for weeks.

Online insurance services are popular with both consumers and fraudsters alike because of their speed and simplicity. New tools are giving insurers the capability to defeat application fraud in real-time, catching fraud before it even becomes an issue, preventing downstream criminal activity, and ensuring consumers get the online experiences they desire.

The Problem with Current Identity Verification Solutions

Despite having insurtech solutions in place, new account fraud continues unabated and will only grow. Cybercriminals have traditional identity verification tools figured out.

The underlying problem is the reliance on personally identifiable information (PII) to establish an individual’s identity. Data breaches have made consumer data a readily available commodity. The exact information fraudsters need to open an account, from a person’s social security number to their home address, can be easily bought or traded for at low cost.

The success of synthetic identity fraud is a symptom of the broken identity verification process. By piecing together real data with fabricated information, fraudsters evade database searches insurers use to confirm information entered into an online policy application. Weeding out fraudulent applications will require a proactive approach to insurance fraud detection that doesn’t depend on static identifiers.

Beating Application Fraud with Behavior-Based Identity Proofing

Recently, independent advisory firm Javelin Strategy and Research released a report on the role applicant behavior has to play in identity proofing. Their conclusion is that “verifying static identity elements is now a largely useless tactic in preventing fraud.” The answer is to replace identity verification with identity proofing, which will provide “certainty that not only is the identity itself valid but also that it belongs to the applicant.”

Connecting someone’s online presence to their physical presence is the biggest struggle in verifying online account openings. Behavior-based identity proofing resolves the challenge, focusing on how users enter information into an application to differentiate fraudsters from genuine applicants.

Behavior-based identity proofing looks at specific activity within an online application to determine risk of fraud:

  1. Application fluency: Fraudsters that repeatedly use compromised or synthetic identities demonstrate a high level of familiarity with the new account opening process.

  2. Expert users: Cybercriminals regularly use keyboard shortcuts and function keys that are rarely used by real users. Advanced computer skills are a sign of a fraudster at work.

  3. Low data familiarity: When cybercriminals enter stolen personal information, they are far more likely to cut and paste data that would be intuitive to a legitimate user.

  4. Machine and bot activity: Behavior-based solutions can spot criminal behaviors in the application flow, even if the access is from a new device or IP. Automated attacks also demonstrate unique behavior patterns that can be used as a distinguishing marker.

From the moment someone starts the account opening process, behavior-based identity proofing goes to work to keep future policyholders secure. Not only does it detect malicious automated activity and suspicious applicant activity, behavior-based identity proofing does so without introducing friction into the user experience. While keeping fraudsters out, insurers don’t have to worry about turning legitimate applicants away.

With over $1 trillion in premiums collected each year, it’s no surprise that fraudsters see insurers as a lucrative target. Behavior-based identity proofing gives insurers the insurance fraud detection solution they need to eliminate fraud at the source and keep policyholders protected online.

Learn more about BioCatch’s approach to behavior-based identity proofing for the insurance industry.

Topics: Fraud Prevention