Fraud and cybercrime are increasing not only in volume but also in sophistication. With fraudsters constantly devising new ways of gaining access to consumer information, fraud detection and prevention are now non-negotiable throughout the customer lifecycle.
The financial risks fraud poses to your business are great, as is the potential damage it could do to the customer experience. Davina Myburgh, Director of Core Solutions at TransUnion, takes a closer look at how businesses can use advanced data sets to boost their fraud detection processes.
Fraud risks stretch beyond onboarding
The onboarding phase is a vulnerable one where fraud is concerned. Cybercrime is growing at a rate of six times that of branch crimes worldwide and, although South Africa lags these statistics somewhat, a customer’s information is at risk every time they sign up to your site or service. Even in-store or in-branch applications aren’t safe: one simple call from a fraudster can change the newly acquired customer’s account details. The account can then be used to purchase goods or even open other accounts.
But customer onboarding is only the tip of the risk iceberg you and your customers face. Stolen information can be used to change accounts long after the customer acquisition phase. Fraudsters can use information to change a contact number on a banking profile or approach a network for a SIM swap, so that any transactional or one-time-pin SMSes get sent to them directly. They can change details on a policy and successfully claim for something without a customer’s knowledge. They can bide their time and slowly gather information, then change a customer’s account details, step-by-step, until they eventually have total control over the account.
Customer information is available through any channel
Consumer information is constantly at risk, regardless of the channel your customers use to engage with your business. Online or analogue, it’s all the same to criminals. Any type of database or ongoing communication can be intercepted, and the information can be stored and used for fraudulent purposes.
Fraudsters can intercept banking transactions or hack into online shopping sites. They can obtain information from social media profiles, use card-skimming devices in establishments, or they can simply steal personal mail from a postbox or dustbin. Many of us don’t think twice about writing down our name, number, contact details and car registration number when we enter an office park or residential estate: a treasure trove of personal information just waiting to be paged through.
A massive impact on consumer trust
While fraud poses a huge financial risk to your business, there is also a huge amount at stake when it comes to reputational risk. Should a customer become a victim of fraud, they blame the fraudsters and your business in equal measure. They trusted your business with their personal information and had a reasonable expectation you would keep it safe. This break in trust is exacerbated by stock-standard customer interactions, drawn-out turnaround times and insufficient assurance that their information will be kept safe in future.
Here’s an example: it’s the last day of the month, and a customer buys a pizza from a store in Johannesburg using your bank’s card. Later that afternoon, about R5,000 worth of transactions from a Durban-based food delivery company shows up on their banking profile. Your bank lets these transactions through, then contacts the customer to verify if they were legitimate. Once it’s confirmed the transactions are fraudulent, the customer is assured the funds will be returned within three to six working days and the matter will be investigated further—but this doesn’t help the unhappy customer whose debit orders are going to bounce.
It’s experiences like these that can destroy a customer’s trust and do significant damage to the reputation of a business. You can imagine what this customer is saying on social media channels about your bank’s processes and customer services, and what the impact of this would be.
Business need to take a multi-layer approach to fraud
The first step to improving this experience is, of course, preventing the fraud from taking place at all. Standard fraud detection measures simply aren’t enough anymore: an individual’s name, surname, address and even ID number are all easily accessible on the Internet and social media. Businesses need to look beyond standard data and take a multi-layered approach to identity verification, using standard data, alternative data and data linkages to:
- Constantly monitor data. Set up triggers to notify you when, for example, contact details have recently been changed on a policy before a claim, address details have been changed on an account before a purchase, or someone has passed away and there is still activity on their profile.
- Match verification levels to customer profiles. If you use the right data, you will be able to identify high-risk or low-risk customers quickly. Verification processes can then include simpler questions for low-risk customers, or more complicated questions (based on alternative data) for high-risk customers.
- Use behavioural data for monitoring online transactions. Fraud velocity and device identification, email verification, and location verification give you greater confidence that an individual is who they say they are.
The real power lies in how to use this data given what you know about how fraudsters operate. This is where shared global intelligence comes into play: lenders share cases of fraud in a centralised database and have access to details on the individuals and entities implicated in fraud, as well as their modus operandi.
Automation is crucial for the customer experience
Balancing customers’ needs for a seamless transaction with your business’s need to manage risk can be tricky. Manual processes may deter fraud, but it’s difficult to maintain consistency with these sorts of measures. There are so many anti-fraud processes available that you could end up implementing too many of them. Given the number of resources and amount of time it takes to contact various data houses to verify information, it’s easy to see how your best intentions could frustrate good customers and deter them from dealing with your business.
Automated processes that incorporate the latest anti-fraud analytics make it difficult for fraudsters to steal data while providing a smooth and safe experience for customers.
You don’t have to do it alone
Partnering with a company that can provide various linked data sources, expert analysis and fraud prevention tools will enable you to implement additional fraud-prevention measures, lower the costs of developing in-house solutions, and gain access to data that would not be available in house, while allowing you to quickly adapt to evolving fraud threats and trends.
TransUnion’s IDVision solution examines physical and digital identity elements as well as transactional behaviours, and provides insights into known associations. It marries rules-based analytics with machine learning to stay ahead of evolving fraud activity, and uses predictive analytics to search for anomalies and patterns of risk.