Fraud prevention with trusted identities
The past years was marred by data breaches, hacks and data theft. With every successful cyber attack, the black market for personally identifiable information grew, widening the pool for hackers to buy stolen identities and engage in fraud. These crimes directly affect financial institutions bottom line causing millions of dollars in credit losses not to mention the indirect loss from wasted collections effort and lost employee productivity. Stopping this fraud without adding friction requires a unique approach.
In 2016, mobile fraud accounted for 62% of all fraudulent transactions, card-not-present fraud experienced a rapid surge, and losses from account takeover increased over 60%. The cybercrime landscape makes it clear that new approaches are needed to secure digital payments and combat the rise of digital fraud. By 2021, mobile payments are estimated to reach an impressive US$3 trillion. With this growth – and the rapid growth of e-commerce as a whole – comes an unfortunate but not unexpected increase in international payment fraud.
A report published recently by Worldpay, Fraud Trends 2016, relates to this growing risk of fraud and provides actionable insights into some of the key issues: trends in mobile payment adoption globally, mobile payment fraud, social media authentication analysis, machine learning, and general reliance on data to combat fraud.
Identity theft and the challenge for banks
Identity theft is when your personal details are stolen and identity fraud is when those details are used to commit fraud. If you’re a victim of identity theft, it can lead to fraud that can have a direct impact on your personal finances and could also make it difficult for you to obtain loans, credit cards or a mortgage until the matter is resolved.
The challenge for financial institutes and banks, however, is to implement offering as loans and mortgage at speed so they can maintain a competitive edge in the market, but without putting security at risk. Traditionally, banks have managed different categories of fraud within silos. As traditional risks converge with new risks, such as cyber threats, banks are becoming exposed to security threats that can fall between the cracks of the various silos. At the same time, organised criminals are targeting several channels. Increasing the speed of transactions and clearing times means there is less time to review transactions for suspicious activity. Financial institutions must have updated and agile security and fraud detection systems in place to combat this. These systems must produce immediate fraud indicators with low false positive rates and a real-time transaction validation process.
Frictionless trust, moving beyond security
How can you ensure if the person you are communicating with over the Internet is really who they say they are? How can you verify the authenticity of the (mobile)device or system with which you are engaging? Next to that, you have different levels of trust degrees. Without the right context, any decision to grant access to valuable or sensitive data is a high-risk decision. By adding context, the risk of permitting access can be reduced. Digital trust is achieved by properly identifying, verifying and authenticating individuals. With enough trust, transactions can be made with the minimum of inconvenience to both parties.
Trusted IDs that integrate security, privacy and convenience will provide a new level of assurance to financial applications and transactions. Trusted IDs should be managed and provided by 3rd-party identity providers as part of trust frameworks. Trusted IDs are extremely effective mechanisms for consumers, businesses, and government agencies to use to protect their digital assets and information from fraud. One of the security solutions to protect a trusted identity could be two-factor authentication (2FA) as it strengthens access security by requiring two methods (also referred to as factors) to verify your identity. These factors can include something you know – like a username and password, plus something you have – like a smartphone app to approve authentication requests.
Our layered approach of ConsentID offers benefits for your customers and organisation. From a user’s perspective, security and privacy is stronger, yet more transparent. Mobile app notifications simply allow them to accept or decline confirmation of transactions, requests of consent and sign documents in a digital way. Security behind the scenes is safeguarding them from highly sophisticated attacks, but the user experience is quick and easy. For your organisation, the solution of ConsentID allows you to build a security framework that can be applied to all channels quickly, including mobile apps and e-commerce sites.