With the pandemic having accelerated the shift away from face-to-face credit applications, the fraud landscape continues to evolve – and this trend shows no signs of a reversal. Given the inherently remote and anonymous nature of internet-based credit decisioning, this presents higher risks for lenders. The lender landscape has changed too. More consumer payment options, like Buy Now Pay Later, have seen businesses that previously didn’t need to consider fraud, having to implement further security measures.
Lenders are facing increasing challenges as fraudsters become more sophisticated. Gone is the perception that fraud is conducted by rogue individuals behind a keyboard. The days of organisation-wide programmatic bot-based attacks have largely replaced the threat from individual fraudsters.
There has also been a rapid growth in the number of data breaches with organisations suffering cyber-attacks and phishing scams. An abundance of identity, personal data, and security data is available on the dark web and provides fuel for identity fraud. According to the National Fraud Database, identity fraud surged in the first six months of 2021 with an 11% increase in cases, and CIFAS has warned businesses to expect these numbers to rise throughout 2022 as the cost-of-living crisis may prove to be a catalyst.
The rise of identity theft and synthetic identity fraud
Data is utilised in different ways with a significant emergence of ‘synthetic fraud’, where the fraudster acquires initial details that have been compromised to create the basis of an identity. Typically, this data can enable a digital presence and the opening of basic facilities e.g., a utility account, for which barriers are low. Through gradual nurturing of the identity, further facilities can be granted, eventually resulting in full banking facilities and extended credit lines prior to a large break-out fraud. The problem for lenders is that this type of fraud can pass checks for additional facilities with little suspicion and large losses can occur, masked as bad debt, with no chance of debt recovery.
Combatting fraud with artificial intelligence and machine learning technology
A natural reaction to increased threat at the stage of customer onboarding is to heighten the measures taken to avoid future losses. However, this needs to be done carefully as consumers expect lenders to quickly acknowledge identity and credit reputation without the need of extensive personal details or credentials. The danger is that authentic customers abandon applications and find a supplier offering similar facilities with less friction. So, lenders need to strike a balance between fraud protection and online user experience.
One of the biggest developments for lenders has been the emergence of artificial intelligence (AI)/machine learning (ML) fraud prediction techniques that enable powerful scoring models. In a data environment where many niche rule-based inputs are available for modelling, and anomalous data patterns abound, the use of advanced AI/ML techniques create dramatically stronger results than traditional statistical approaches. These techniques capture complex patterns within the data, but the individual-level predictions they make can be more difficult to understand than with traditional models. Jaywing created a model with full transparency and explainability, using our multi award-winning AI software, Archetype, that identified nearly 80% of fraud activity within a 2% segment of high-risk applicants. These explainable results are becoming increasingly important to businesses looking to understand the factors that contribute most strongly to fraud predictions and to underwriters wanting to survey these key risks. Archetype also helps shield lenders from fraud losses whilst limiting false positives and protecting customer experience. The latter is crucial when onboarding new customers in the fight against fraud, as the integrity of a best-in-class experience and simple usability must remain.
Using data sources to differentiate between genuine and fraudulent applications
A notable development has been the increased availability of device and connection data. Evidence that a device has been masked or modified provides clear warning signs, highlighting that the operating system has been jailbroken to enable illegal or unauthorised programs to be installed. Tracking of historic applications from 3rd party data providers also gives valuable insight as to where and how devices have been used in the past and whether they can be linked to fraud perpetrated with other lenders. This is particularly valuable when investigating professional fraudsters who find the switch between devices more difficult than the change between identities. Another advantage of these data sources is that they present zero friction to the consumer as the data gathering occurs in the background.
The gathering of email addresses and mobile phone numbers should present a minimal burden to a genuine applicant requiring a credit facility. Advances here have added insight into the risk associated with this information, such as date of creation, date of latest usage, and location, which can corroborate information provided elsewhere. These data sources all add value to the traditional data from the credit bureau, and shared data relating to historic fraud and genuine applications.
Indeed, the problem for lenders is almost the availability of too many data sources that, if used independently, can result in duplicated effort that suffocates the application process and result in delayed and poor decisioning. But, with appropriate technology and advanced decision systems, it is possible, based on initial and internal data capture, to make an up-front assessment of fraud risk levels. From here, an appropriate customer journey can be designed for specific segments so that friction is incurred only where necessary. This is key to effective fraud strategies in which the importance of maintaining a positive customer experience at all touchpoints should never be underestimated.
There are many 3rd party data sources on the market, all of which on a standalone basis would support fraud detection. However, all external data systems carry material costs. Lenders need to understand the incremental return on investment they achieve from each vendor either on a portfolio basis or, for those used on a pay-per-click basis, at a segment level. By having an architecture that allows systems to be easily ‘switched in’ or ‘switched out’, data strategies can continue to evolve as future threats emerge.
It is clear that the fusion of technology and data science can have a significant and almost immediate impact on the bottom line. The development of anti-fraud technology and data sources will continue and, inevitably, some lenders will embrace change more readily than others. Lenders must assess what data and technology best align with their business needs and goals and look to quickly implement these in order to stay ahead of the curve.