The Role of Behavior in Predicting New Account Opening Fraud

Jul. 30, 2020 | by Heidi Bleau

Behavioral biometrics has evolved profoundly in the last decade.  What started as the analysis of user behavior based on clicks, swipes and typing patterns has developed into a technology that relies on deep knowledge of neuroscience and cognitive analysis that ventures into the unchartered areas of the human mind. 

The ability to distinguish between the good and the bad based on analysis of cognitive traits such as short-term and long-term memory and how that presents itself in human-device interaction requires more than just good machine learning models.  Expertise in online user behavior as well as the psychology of cybercrime and social engineering is key for developing the models that produce highly accurate behavioral biometric profiling to detect fraud.

Building risk models that focus on identifying patterns for both legitimate users and cybercriminals offer unique insights that traditional fraud prevention tools do not.  Here are three examples of ways that user behavior associated with the new account opening process can be used to identify fraud.

  • Application fluency: How familiar is the user with the account application process?

A cybercriminal repeatedly using compromised or synthetic identities will demonstrate a high level of familiarity with the new account opening process compared to a legitimate user. 

  • Low data familiarity: How familiar is the user with personal data?  

A cybercriminal is not familiar with the personal data and may display segmented typing patterns, excessive deleting, or rely on cut and paste techniques or automated tools to enter information that would be intuitive to a legitimate user.

  • Expert behavior: Does the user display advanced computer skills compared to the general population?

A cybercriminal often demonstrates advanced computer skills that are rarely seen among the general user population. Common examples include the use of advanced shortcuts, special keys or application toggling.

Let’s take a deeper look at specific risk indicators and how they correlate with detecting fraud in the new account opening process.  Segmented typing is one risk indicator related to the cognitive trait of short and long-term memory (data familiarity).  A legitimate user is going to be familiar with their own personal data so typing it into an online form is an intuitive action.  On the other hand, a cybercriminal, working off a spreadsheet of stolen credentials, will likely have to keep referencing the data resulting in segmented typing patterns.

While only one of hundreds of risk indicators, this one behavioral difference alone, when compared to the user population, increases the likelihood of fraud by more than 4x, according to BioCatch analysis.  It is also a risk indicator cited in 44% of all confirmed new account opening fraud cases.  When you start including other risk indicators, you can see how powerful behavioral biometrics is in predicting the likelihood of fraud events.

It has become easier than ever for cybercriminals to spoof location, IP address and device attributes.  Whether through publicly available tools or advanced malware, they are able to circumvent traditional identity proofing and fraud prevention controls to appear as a legitimate user.  On the other hand, attempting to spoof someone’s physical and cognitive digital behavior is near impossible.

Learn more about the financial and business impacts of new account opening fraud, the effect on customer experience, and how behavioral biometrics can be used to reduce fraud risk and increase customer acquisition in digital onboarding.

Topics: Behavioral Biometrics, New Account Fraud