New account fraud, also known as application fraud, is rapidly outpacing other forms of cybercrime, making it one of the largest concerns for companies offering digital account openings.
According to a survey conducted by Aite Group, 52% of financial institutions said application fraud has increased in the online channel over the past two years. Corresponding with that trend, of all fraud types, application fraud now tops the list as the biggest pain point for FIs.
What’s behind the new account fraud problem and how can it be addressed? Julie Conroy, Research Director at Aite Group, joined BioCatch’s Uri Rivner for a webinar to cover this topic. In this blog, we recap the main points of their conversation.
Watch the full webinar on-demand here.
Why Companies Are Waking Up to New Account Fraud
US financial institutions are expected to lose more than $2.5 billion to application fraud within the next year. New account fraud has seen a rapid rise for several key reasons.
- The bad guys have our static data.
Equifax, Twitter, Marriott. Large scale data breaches of the past decade have filled cybercriminals’ coffers. Personally identifiable information (PII) used to verify identity at account opening is no longer a reliable means of authentication.
- Cybercrime rings are shockingly proficient.
Not only is PII readily available, cybercrime rings have mastered selling and monetizing sensitive information on the dark web. They are masters at monitoring available data and rapidly converting it into automated fraud attacks. With social security numbers, phone numbers, home addresses, and more at their fingertips, opening a fraudulent account is all too easy.
- Synthetic identity fraud is going unanswered.
65% of fraud and AML professionals believe that synthetic identities are a bigger challenge than identity theft, according to an Aite survey. Synthetic identities at account opening are particularly hard to detect and also get written off as a credit loss, causing banks to try and collect on individuals who don’t exist.
- Digitalization is increasing the attack surface.
Banks are seeing a drop in branch applications as more customers choose to move to the digital channel. However, that shift opens new avenues for cybercriminals. According to Conroy, application fraud is eight times higher in the online channel than in the branch.
The bottom line is that application fraud attacks will continue to escalate, fueled by the ready availability of stolen and synthetic identities. But at the same time the threat landscape is escalating, firms are under pressure to remove friction points that lead to abandonment. 88% of executives said improving the customer onboarding experience is the key driver for determining investments in new account risk assessment tools.
To address all these concerns, financial institutions need a solution for digital identity that is effective and capable of providing a seamless user experience.
Cybercriminals, Beware. How Behavioral Biometrics Reveal New Account Fraud Red Flags.
Behavioral biometrics is an AI-driven fraud detection and authentication technology that is paving the way to the frictionless customer experiences coveted by today’s online banks, lenders, payment providers, insurers, government agencies, and more.
The secret to the effectiveness of behavioral biometrics is that the technology does not focus on data itself, but on how a user interacts during the entire account opening process. Behavioral biometrics works behind the scenes to analyze positive and negative behaviors that are indicative of a fraudster versus a legitimate user. To verify identity, the technology looks at three core categories:
- Application Fluency: Fraudsters that repeatedly use compromised or synthetic identities demonstrate a high level of familiarity with the account opening and log in processes.
- Navigational Fluency: Cybercriminals are often expert users and demonstrate a proficiency with keyboard shortcuts and function keys not typically seen with genuine users.
- Data Familiarity: Criminals entering stolen personal information are more likely to cut and paste data, such as date of birth, that would be intuitive to a legitimate user.
As a result, behavioral biometrics technology is highly valued for its detection and authentication capabilities as well as its ability to work behind the scenes. Aite Group research found that 83% of financial institutions believe behavioral biometrics are highly effective from a detection perspective.
Cybercriminals and fraudsters know how to beat existing controls and behavioral biometrics provide an answer for top new account fraud challenges. Many solutions are still reliant on knowledge-based authentication (KBA), device ID, and mobile network operator (MNO) solutions like SIM cards. BioCatch looks beyond these options, which cybercriminals all too easily circumvent. Instead, our technology extracts cognitive preferences to recognize the differences between genuine users, human fraud, and bots.
If you’re interested in implementing behavioral biometrics, note that solutions vary by provider. BioCatch has been in the game from the start, and has developed a unique approach that looks beyond with 60+ patents to our name, we’re leading the way to stronger fraud prevention and a world where companies can confidently secure digital identity.