Dean Nicolls: Addressing the problem of new account fraud
New account fraud isn’t new, but it’s fast becoming one of the biggest problems in the digital banking era, costing the financial services industry billions each year.
In fact, 48% of all fraud value stems from accounts that are less than a day old (according to ). Experian’s 2020 Global Identity and Fraud Report found that 57% of businesses report higher fraud losses associated with account opening and account takeover than other types of fraud.
This is a problem that must be addressed from many different angles.
That’s why organisations need to adopt a risk-based approach and leverage a number of fraud signals.
Naturally, our value proposition here at Jumio is based on the capture of a user’s government-issued ID and a corroborating selfie.
But, sometimes additional data points are needed.
equip financial service organisations with an improved ability to uncover deeper data relationships in real time by confirming the existence of a given address and/or confirming the subject actually lives at the address captured on the photo ID.
At Jumio, we offer two flavours of address services:
- Address Validation: determines if the address extracted from a government-issued ID exists in the real world.
- Proof of Residence: checks to see if the person being verified actually lives at the physical address extracted from their ID document. In the US, if the user moved, we would return whether the address provided matches the most recent address on file.
These services help bankers and their underlying systems become more efficient and smarter, while also delivering several other compelling benefits:
- Meet compliance mandates: Some regional regulations require you to validate addresses and establish proof of residence using independent public sources. This is especially helpful in the UK, where Financial Conduct Authority regulations require FIs to collect two different documents (one for ID and one for address).
- Properly formatted addresses: Jumio returns a valid and standardised address which ensures that only valid billing and shipping addresses are captured and used in your systems. With this, you can help ensure that any future communications to the new customer by regular mail will be delivered to the intended person on time.
- Single API: Instead of integrating multiple APIs for identity verification and address validation, you now just use one API.
The most comprehensive way in which to combat new account fraud without negatively impacting the end user experience is with a holistic, multi-layered approach to onboarding.
The combination of identity verification and address services helps organisations corroborate digital identities, combat new account fraud and keep their CRM data clean.
Organisations want to have higher levels of assurance when they onboard new customers, but this is becoming increasingly difficult with increasingly sophisticated fraud tactics.
Layering in address services helps triangulate a user’s digital identity with higher levels of assurance.
Report: Financial institutions face cloud-based threats
Over one year into the pandemic, different financial institutions report costly consequences to falling short of protecting their data storage from cloud-based attacks and network disruptions. The report is based on more than 800 responses from IT professionals working in the financial services industry in North America, Latin America, Europe, and the Asia-Pacific region.
- Data breaches are an increasingly significant cost burden for the industry: Worldwide, financial firms that experienced a data breach reported estimated average losses of roughly $4.2 million per attack, with U.S. organisations hit hardest at $4.7 million in estimated losses.
- Network outages also result in costly burdens: Institutions lose an estimated $3.2 million on average with Asia-Pacific followed by European institutions carrying the heaviest losses at $4.3 million and $3.1 million respectively.
- The industry remains a popular target for cloud-based attacks: Over half of all organisations (54%) surveyed suffered a data breach in the last 12 months with 49% plagued by a cloud malware attack as well.
- Cloud and network-based attacks will continue to be a major threat vector: More than 50% of respondents expect to face a combination of IoT attacks, cloud vulnerabilities including misconfigurations, and data manipulation attempts over the next 12 months.
- Threat resolution teams are embracing network visibility for security hygiene: Globally, network monitoring (76%), threat intelligence (64%), and threat hunting (57%) are considered the most effective mitigation tactics against these threats.
Even before the pandemic, tech companies were increasingly seeking moves to the cloud. The COVID-19 crisis has accelerated the adoption of cloud computing by the financial sector as part of its process of digitalisation. As companies transition and move data, there can be a lack of protection due to a number of factors such as undertrained staff and insufficient firewalls.
“The financial services sector has long been a target for bad actors who are following the cyber money trail into the cloud,” said Anthony James, VP of Product Marketing at Infoblox. “As the pandemic pushed IT infrastructures to rely on remote work, cloud-based technologies that enabled digital transformation also created soft spots for cyber criminals to exploit.”
“This report shows us that cloud compromise has become the biggest cybersecurity issue for financial institutions and the investments they are making to protect themselves,” James continued.