Improving fraud detection rates with device profiling
For many years we have known that contact details such as mobile phone numbers, email addresses and bank details are key fraud detection points.
More recently focus has been placed on implementing software within fraud prevention suites to create alerts based on multiple uses of these details across applications. This is done in order to verify the details provided as genuinely belonging to the applicant, along with further profiling around social media activity and other behavioural indicators.
Is device profiling by banks merely forcing the fraudster to play a longer game by being ever-more meticulous about how they incept the fraud?
Many years ago, a fraudster would start small and establish a presence at an address by applying for low level credit, perhaps through a catalogue company or by opening an account with a utility company.
"This must raise questions around the robustness of the checks that are in place with Telecoms and other device retailers, when consumers are buying devices and services”
Savings accounts would then be opened, which were not subject to credit scoring methods, in the context (at the time) of a perceived low threat of fraud - with the long term aim of fooling credit scoring and fraud detection, when eventually applying for major credit cards.
More recently fraudsters have also been inclined to open current accounts using stolen identities. This method of fraud is used as a prelude to apply for an unsecured loan using the same compromised identity. The purpose behind the opening of a current account is two-fold. The first is to pass through bank account checks (unless investigators are wise enough to ask for more than just account holder and address confirmation). The second purpose is for an account to serve as a conduit for the distribution and spend of the ill-gotten gains from an unsecured loan.
A recent publication by Cifas has highlighted the increased trend in compromised identity fraud in the Telecommunications and Online Retail sectors. On the face of it, it shows a potential for fraudsters to move to where rich pickings are easiest to come by. But are these increases more significant than at first glance?
Are they actually a result of those looking to perpetrate fraud reacting and becoming aware of the use of device profiling techniques, by banks, to prevent fraud?
In the great ‘fraud arms race’, could it be that fraudsters have become aware of new detection methods and are now using compromised identities to purchase devices, serving to validate both the identity and purchased device, and then enabling them to obtain financial products leading to lucrative rewards?