1217 application fraud the reemergence of an old tactic with a...
TRANSCRIPT
Application FraudThe Reemergence of an old tactic with a new
approach
Nicole Braccia, Senior Director Enterprise Fraud Strategy
Session Agenda
2
• Growing Fraud Concerns
• Old Habits Die Hard
• Maneuvering through the Barriers
• Centralize Fraud Management
3
Growing Fraud Concerns
4
“One in four US
consumers have had
their personal medical
information stolen. 50%
of those were victims of
identity theft.”
Source: Healthcare Data Breaches Among US Consumers, Accenture Survey 2017
Identity Fraud Trends
5
• 15.4 million consumers in the U.S. affected by
fraud incidence
• Total Fraud Losses in 2016 reached $16.0
billion
• Fraud losses increased across most
categories
• Account Takeover rose 64%
• Existing-Card Fraud rose 4%
• Existing-Non-Card Fraud dropped 8%
• New Account Fraud rose 24%
• Existing Account Fraud remained flat
6
“Exposure of SSNs was
evidenced in 52.0 percent of
the overall number of
breaches in 2016.”Source: ITRC Data Breach Report 2016, Identity Theft Resource Center (ITRC)
Fraudsters Continue to Evolve
7
• Fraudsters continue to target the Business
Sector representing 45.2% of overall breaches
• Health/Medical sector close 2nd representing
34.5%
• Hacking/Skimming/Phishing leads data
breach schemes accounting for 55.5%, an
increase of 17.7%
• CEO spear phishing efforts or business email
compromise schemes and ransomware
attacks main driver
Phishing Example
8
9
Old Habits Die Hard
New Account Fraud Trends
10
• New Account Fraud continues to grow thanks
to continued data breaches, malware, and
social engineering involving compromised PII
• Fraud incidents rose 40% impacting 1.8
million victims in 2016
• Total losses increased 24% from $2.9 billion in
2015 to $3.6 billion in 2016
• Misuse time periods also increased from 94
days in 2015 to 130 days in 2016
New Account Fraud Landscape
11
• Fraudsters continue to leverage new horizons
to keep their shops productive and profitable
• EMV liability shift has influenced the push
from counterfeit card fraud to new account
opening
• General-purpose credit cards represented
30% in 2016, increasing by 43% from 2015
• Checking or savings account experienced
50% increase 8% in 2015 to 12% in 2016
Fraud Application Predictions
12
• Application fraud will continue to surge
annually resulting from data breaches for
both Credit Card and DDA accounts
• Credit card expected to rise 170% in 2017 to
$1.4B and increasing to $2.1B by 2020
• DDA expected to rise 161% to $541M and
increasing to $694M by 2020
Source: EMV: Issuance Trajectory and Impact on Account Takeover and CNP, a report by Aite,
sponsored by Iovation
New Account Fraud Challenges
13
Family Fraud
Victim’s Identity fraudulently used by relative
First Party Fraud
Individuals Identity fraudulently used
by self
Stolen Identity
Victim’s identity fraudulently used as result of true compromise
Synthetic Identity
Manufactured identity using real PII or combination
of real and fake PII
Dissecting Synthetic ID Fraud
More than 65% top financial institutions
use SSN as identifier
Fraudsters seek SSN of people who don’t make use of credit
Fraudsters target the elderly and children as
they are unlikely to check credit reports
• Creating Synthetic ID relatively simple and growing trend
• Data breaches are primary source
– Fabricate name to be used with compromised SSN
– Create false birth dates tend to coincide appearance of fraudster in case in-person appearances required
– Provide untraceable or stale phone numbers by the time fraud is realized
• Many Synthetic IDs do not generate red flags as “real people” won’t see the activity on any account created
14
Source: The New Reality of Synthetic ID Fraud WhitePaper, Equifax
15
Maneuvering through the
barriers
16
Extensive identity
verification processes may
lead to high abandonment
rates and loss of revenue
Efficient deployment
of resources difficult due to
high levels of false positives
High levels of manual
review drive additional
abandonment and client
acquisition costs
Reputational risks increase
with increasing fraud and
customer dissatisfaction
Trouble meeting USA Patriot Act
and red flag compliance requirements
Business Challenges
Risk vs. Convenience
17
• New account originations continue to be the
riskiest transactions with nearly 1 in 10
rejected
• In Q3 2016, blocked new account origination
transactions grew 160% compared to Q3 2015
• 63% of financial institutions said they've been
victims of account origination fraud
Prevention, Detection & Mitigation
18
Consumer
Authentication
Digital
Identification
Risk Tolerance
Behavioral
AnalyticsCIP, KYC & AML
Compliance still require
consumer PII verification
Establish a secure
channel of the device to
prevent fraud
Establish holistic view of
consumer to reduce
friction
Ensure policies and
procedures define risk
Device Fingerprint
Geolocation Authentication
Static Biometrics
Velocity Anomaly
Device Analysis
Dynamic Biometrics
19
Centralize Fraud Management
20
New Account Fraud Account Takeover Payments Fraud
Authentication Data AnalysisPost TransactionConsumer
Engagement
Transaction
Monitoring
ID Verification
Biometrics
OFAC
Device Authentication
Consumer ControlsTransaction Monitoring
Machine Learning
Business Intelligence
Predictive AnalyticsTransaction WarrantyCompromised Cards
Dedicated Analyst
Custom Rules
Global Rules
2-way Messaging
Fraud Mitigation
AssociationsTravel
Notification
Attack Types
Solutions in the Market
CAMS Alerts
Mitigation Categories
Malware Detection
Internal Fraud
Employee Fraud
Detection
Automated Chargeback
Dynamic Jailbreak Root Detection
ANI Spoofing
Fraud Solutions LandscapeAs the complexity of payments increases, so does the demand for new fraud solutions
Enterprise Strategy for Omni-Channel Protection
21
Leverage each channel’s unique processing to create a holistic view to fraud mitigation
• Fraud strategy across
multiple product lines
including credit, debit,
prepaid, & merchant
• Create a forum to allow
various fraud analyst
groups to talk and share
• Identify gaps in business
lines to start the solution
process
• Combine various fraud
roadmaps to drive into a
single through line
©2017 FIS and/or its subsidiaries. All Rights Reserved. FIS confidential and proprietary information.