By Robin Love
Application fraud is an elusive problem, and the proof is in the numbers.
According to Aite Group research, application fraud attacks have been increasing at a rate of 16% year-over-year1. And amid the pandemic, a full 81% of financial fraud executives reported increases in application fraud—with 22% reporting sharp spikes of 10% or more2.
Those are troubling statistics for financial institutions (FIs)—because fraud at the point of account opening enables further fraud attacks down the road.
Application fraud involves the use of fraudulent information to open an account, with the intent to facilitate criminal activity. It opens the door to fraud attacks of all kinds, including check, deposit, card and loan fraud.
What’s more, application fraud gives fraudsters the opportunity to nurture and strengthen synthetic identities—resulting in pieced-together or fully fabricated identities that become so well-established, they may even pass as real to credit bureaus. Playing the long game, criminals can then use those fake identities to establish more accounts, build credit—and commit an ever-expanding succession of damaging fraud attacks.
Once application fraud has been committed, the downstream fraud events become increasingly difficult to prevent and detect.
This blog post examines the challenges of fighting identity fraud – in particular, synthetic identity fraud, the pandemic’s impact on those challenges, and why banks and credit unions of all sizes need to evaluate their current fraud risk solutions.
"Broken" identity is the root cause of application fraud.
Having a robust application fraud risk solution can detect and prevent synthetic identity fraud during the onboarding process.
In short, to help prevent synthetic identity fraud, FIs should focus on managing application fraud.
But managing application fraud requires effective identity verification.
And therein lies the challenge.
Historically, identity was associated with the basics—e.g. Social Security number, name, address and phone number—making identity verification fairly straightforward. That's no longer the case.
In recent years, as the digital economy has grown, personally identifiable information (PII) has become more complex. It has expanded to include other distinguishing data elements—from IP addresses, email addresses, and login details to credit card numbers and other personally identifiable financial information (PIFI)—and even social media posts.
As they have done time and time again, fraudsters pivoted quickly to capitalize on these changes in the industry landscape.
- More than 23 billion data records have been compromised since 20171
- Identity fraud losses in 2020 totaled $56 billion3
As PII becomes more complex and fraudsters become more sophisticated, FIs are finding their existing identity verification tools less effective at preventing application fraud—or the fraud attacks that spring from it.
Synthetic identity fraud is especially concerning. Although exact numbers are hard to come by, it’s clear that accounts opened with synthetic identities contribute to a significant percentage of first-party check fraud and first-party credit fraud attacks. According to Aite Group, for example, $1.2 billion of the $2.2 billion in total estimated credit card application fraud losses for 2020 derived from synthetic identity fraud.
The pandemic compounded application fraud challenges.
Amid the pandemic, many institutions had to shut down their branches and quickly shift to offer mostly digital services. Faced with stay-at-home orders and other pandemic risks and restrictions, consumer behavior shifted toward digital channels as well. And it looks like the trend will continue even as restrictions are lifted. According to BAI Banking Outlook research:
- Half of consumers are using digital products more often since the pandemic
- Of those, 87% plan to continue their increased usage after the pandemic
With more consumers turning to digital channels, financial criminals are continuing to innovate. And the industry's accelerated shift to digital gave fraudsters more opportunities to exploit the inefficiencies in traditional application fraud prevention technologies.
During the pandemic, many fraudsters turned their focus to economic relief payments in general—and unemployment benefits in particular—which were seen as low-hanging fruit. To intercept and cash out the payments, however, fraudsters needed accounts where they could deposit (and then quickly move out) the illegally acquired funds.
The high demand for new accounts, combined with relatively easy access to stolen and synthetic identities, contributed to accelerated growth in application fraud rates.
Although the pandemic-driven spike in application fraud is expected to drop back down as economic relief payments subside, the steady increases we saw in previous years will continue. According to Aite Group, application fraud losses are projected to reach $4.1 billion by 2023.
Preventing identity fraud requires additional layers of security.
To prevent identity fraud attacks, FIs need to fix the problem where it starts: during account opening. To accomplish that, most FIs need to update their processes with several additional layers of protection.
As FIs evaluate and update their verification methods, however, they must be careful not to make the process so difficult as to frustrate or turn away legitimate applicants.
Indeed, with application abandonment rates soaring as high as 60% for digital checking account openings4, FIs need to be able to deliver faster, easier digital onboarding experiences—or risk losing their customers to competitors.
To reduce application fraud risk, for example, FIs must be able to better detect synthetic identities—at the point of application. On top of that, once an individual is verified to be who they say they are, FIs need additional technologies to improve decision-making. They need to evolve beyond the traditional “yes/no” decisioning model—to enable nuanced determinations about who to do business with and what types of services and privileges to offer. And they need to do all that without adding friction for the customer.
Early Warning® provides a holistic onboarding solution that moves customers quickly and confidently through the application process. Sophisticated application fraud risk technologies— like ID Confidence Score, First-party Fraud Score, and Account Default Score—empower FIs to accept more legitimate account applications, acquire more new customers or members, and generate more revenue.