Identity fraud cases are costing businesses money, reputation, and customers — with no company being immune to these risks.
Such examples include onboarding fraudsters and fake bots onto your online platforms or dealing with scammers committing unwanted transactions.
Traditional methods are no longer sufficient — fortunately, there are AI solutions available to rectify these issues.
What Is Identity Fraud, and How Does It Affect Businesses?
Identity theft is a type of cybercrime that occurs when criminals steal the personal data of their victims. This includes their names, dates of birth, addresses, credit card number, and so on. For many businesses, identity fraud is typically executed in two ways:
- By using the victim’s personal information to open up a new account
- By impersonating a staff member, supplier, or customer as a means of committing data breaches.
Having an abundance of fake user accounts will adversely affect the integrity of the brand. Hence, many companies are taking great lengths to counter this problem. Even before Twitter’s acquisition, Elon Musk has prioritised removing fake online accounts on the platform. Governments are looking for ways to overcome fake online reviews . Even the recent Black Friday sale saw a rise in synthetic identity theft.
How Bad Is the Problem?
Since the Covid-19 pandemic, consumers have increasingly relied on the Internet for shopping, browsing, and entertainment. This surge in traffic has resulted in users being even more susceptible to online scams which is especially true for those who are not aware of their digital footprints and points of vulnerability.
1 in 3 Southeast Asians have experienced online fraud since the pandemic, according to a 2021 report. 71% of fraud originates from identity theft, two-thirds comes from phishing, while 63% comes from account fraud. This has resulted in companies prioritising online fraud and fraudulent charges as critical enterprise risks – with fraudsters able to take advantage of the benefits of opening a fake online account.
On a global scale, the UK’s Office for National Statistics reported that overall crime increased by 14% in the year to September 2021. Fraud and computer abuse spiked during the lockdown and increased by 47%.
Consumers are also constantly worried about fraud. The 2022 GBG report states that almost one in ten (9%) people fell victim to fraud, and another 18% weren’t sure if they had been defrauded. Consumers in the UK and Germany were most likely to fall prey to fraud (both 9%), and the percentage was 8% in Spain and 7% in France.
Monetary Effects of ID Fraud
Fake customers are still customers, right? Not exactly. Fake accounts tend to lead to platform abuse — such as spam, phishing, scams and more. More notable examples include deposit fraud, where fraudsters will use a stolen credit card number to purchase prepaid SIMs, and alternate currencies, as a way to launder money.
Losses are estimated to reach US$635 billion globally, stemming from misdirected marketing dollars, account recoveries, damage control and more. FIVerty states that half of new accounts in the US were fraudulent in 2021 . Arkose Labs also found out that fake account creation has jumped over 70% between 2020 and 2021 alone.
Social Effects of ID Fraud
Brand reputation is a company’s most delicate asset — it takes a lot of effort to build, but is easy to dismantle. It establishes the standard of interactions with consumers, business partners, and creditors.
A company that unknowingly onboards fraudsters, scammers, and fake bots will experience a negative effect on their public perception. An example would be legitimate companies operating within the cryptocurrency space and inadvertently causing their consumers to lose trust in crypto projects, exchanges, and tokens.
Digital businesses are supposed to make commerce a better experience for their consumers but the rise of online fraud is driving consumers back to physical brick-and-mortar businesses — which are costly to upkeep.
Business matters aside, the biggest identity theft victim are children. About 1.3 million of their personal identifying information is stolen every year, with foster children posting a greater risk compared to other children. Identity fraud not only affects mere profits and losses but they can also negatively affect the safety of future generations.
Why Traditional Methods No Longer Work
User authentication typically relies on these traditional methods:
- Username
- Passwords
- Email Verification
- SMS OTPs
Unfortunately, these four methods can be easily bypassed. About 4,800 websites are compromised monthly, with usernames and passwords being leaked onto the dark web.
Many countries also do not have breach notification laws, so users are not informed even after their passwords are leaked. What’s more, many accounts suffer from weak passwords that can be easily guessed or brute forced.
Email verification and SMS OTPs are also vulnerable to spoofing techniques. Users today can easily create a disposable email account and password. Fraudsters can also trick victims into installing 3rd party software that can read SMS messages and use them to steal OTP codes. We have gone into this topic in-depth in another article, which can be found here .
How To Fight Identity Theft
Businesses need to implement new authentication and security measures to combat the ever-evolving threat of identity fraud. Electronic Know Your Customers (eKYC) is a great start to prevent identity thieves and bots from opening fake accounts.
Through eKYC, customers first perform a live selfie and capture a live photo of their identity document (driving licenses, passports, ID, etc.) AI solutions then perform facial matching, liveness detection and document authentication to ensure that the submitted information is genuine and legitimate. As required by regulations, such eKYC measures are currently in use by the average financial institution and telecommunications company.
Instead of SMS OTPs, businesses today can also implement hardware or software tokens instead, which are more secure. The latest development within this space would be push notification, or password-less authentication, which provides a seamless user experience while being relatively cheap to implement.
There are also low-hanging fruits that companies can implement — such as having a risk-scoring system, implementing a cooling-off period when onboarding new devices or account transactions, or implementing a robust breach notification policy.
Innov8tif is the market leader within the ID Assurance space across the ASEAN region. Our solutions are currently in use by banks, telecommunication companies, the financial sector, as well as local governments. We service companies both large and small, giving companies confidence that the users onboarded are genuine and legitimate.
Subscribe to Innov8if’s newsletter and explore our official website to keep up to date on the latest ID Fraud prevention methods.
