For many years we have known that contact details such as mobile phone numbers, email addresses and bank details are key fraud detection points.
More recently focus has been placed on implementing software within fraud prevention suites to create alerts based on multiple uses of these details across applications. This is done in order to verify the details provided as genuinely belonging to the applicant, along with further profiling around social media activity and other behavioural indicators.
Is device profiling by banks merely forcing the fraudster to play a longer game by being ever-more meticulous about how they incept the fraud?
Many years ago, a fraudster would start small and establish a presence at an address by applying for low level credit, perhaps through a catalogue company or by opening an account with a utility company.
"This must raise questions around the robustness of the checks that are in place with Telecoms and other device retailers, when consumers are buying devices and services”
Savings accounts would then be opened, which were not subject to credit scoring methods, in the context (at the time) of a perceived low threat of fraud - with the long term aim of fooling credit scoring and fraud detection, when eventually applying for major credit cards.
More recently fraudsters have also been inclined to open current accounts using stolen identities. This method of fraud is used as a prelude to apply for an unsecured loan using the same compromised identity. The purpose behind the opening of a current account is two-fold. The first is to pass through bank account checks (unless investigators are wise enough to ask for more than just account holder and address confirmation). The second purpose is for an account to serve as a conduit for the distribution and spend of the ill-gotten gains from an unsecured loan.
A recent publication by Cifas has highlighted the increased trend in compromised identity fraud in the Telecommunications and Online Retail sectors. On the face of it, it shows a potential for fraudsters to move to where rich pickings are easiest to come by. But are these increases more significant than at first glance?
Are they actually a result of those looking to perpetrate fraud reacting and becoming aware of the use of device profiling techniques, by banks, to prevent fraud?
In the great ‘fraud arms race’, could it be that fraudsters have become aware of new detection methods and are now using compromised identities to purchase devices, serving to validate both the identity and purchased device, and then enabling them to obtain financial products leading to lucrative rewards?
"More recently fraudsters have also been inclined to open current accounts using stolen identities. This method of fraud is used as a prelude to apply for an unsecured loan using the same compromised identity"
In placing increasing reliance on device and email checks when vetting applications for finance, are we merely pushing responsibility and control for ID verification (IDV) checks on to the Telecoms or other service providers?
This must raise questions around the robustness of the checks that are in place when consumers are buying devices and services, to mitigate against the threats posed by identity fraudsters. Without robust IDV in place at the point of purchase, we run the risk of finding and acting upon these fraud attacks even more difficult.
Although operating in a different world technologically, it’s clear we are back to seeing the fraudster playing the long game. Putting in earlier ground work, and working a little harder, to yield greater opportunities to access illegal funds, and defeat the fraud checks in place by finance companies.
"Blocking finance applications through device profiling alone means fraudsters still have the use of a compromised identity."
When the ease of access and cheap outlay of buying a new device, such as a smartphone or laptop, is considered, there needs to be caution in relying on device profiling as a silver bullet to screen and block applications at an early stage. It’s just feasible that the fraudster will have used a ‘clean’ device for their finance applications and transactions relating to the same identity, rather than across multiple identities.
Another potential danger of blocking finance applications by purely using device profiling, is that companies may not capture the details of the compromised identity being used and use it to enrich the intelligence of their existing fraud databases. Blocking finance applications through device profiling alone means fraudsters still have the use of a compromised identity - and can go elsewhere to use that profile with a new device, on a different bank or finance company, or to make applications outside of the web channel.
Given the potential for resubmitted applications using the same compromised identity, just from a different device, device ID profiling is only going to be truly effective when used in conjunction with syndicated fraud databases, painting a bigger picture of potentially fraudulent inception.
If you are interested in finding out more about how Device Profiling can be used in your organisation to help prevent, detect and investigate fraud, then please call 01782 664000 or email email@example.com
Banking & finance
SIRA integration with LendInvest to automate fraud detection
Monday, September 21, 2020Read more
Banking & finance
Nationwide sees 20% uplift in adverse fraud identified after implementing Precision
Wednesday, April 28, 2021Read more
The evolution of fraud prevention, detection and risk mitigation
Monday, September 17, 2018Read more
Let us prove how we can help you. Click the button below for more details.Find out more