A survey was conducted in 2018 among 500 Banking Executives focusing on banking fraud. The results below will paint a picture as to how big the problem is and how banks feel ill-equipped to fight it. See figure 1.
How Fraud/ Identity Fraud Starts
In the US, identity development begins with a Social Security number (SSN). Fraudsters obtain either actual numbers off the “dark web” or may create totally fake ones. When actual numbers are used, the criminals tend to prefer SSNs of children and deceased individuals − ideally, of deceased children. The criminal pairs the SSN with other personal and demographic information to create an identity.
Once an identity is created, there are several ways to develop the appearance of a person through credit profiles or records. Three common methods are:
- Applying for credit. The fraudster uses the identity to apply for credit cards, phone service, etc. The merchant, financial institution or other entity submits the identity information to the credit bureaus. If the credit bureau has a file for that identity, it sends the creditor a score. If there is no comparable record, the credit bureau creates a file and records the inquiry. Whether the initial request is approved or declined, at least now a record exists for subsequent applications using that identity. It starts to look more real.
- Adding an authorized user. The fraudster adds a new identity as an authorized user on an existing and mature credit file − either another synthetic identity or a real person who may get kickbacks for colluding in allowing the fraudster to use their credit identity. By association, the newly authorized user adopts the credit score of the original account, then splits off to a separate credit file. The number and relationships of authorized users can be an indicator of this type of fraud.
- Bringing a business entity in collusion. This scheme, also known as a data furnisher approach, is likely to involve an organized fraud ring. Business entities (fake or real) create sham credit accounts for synthetic identities, then submit monthly records to the credit bureaus, making it appear that these accounts are being paid and represent real, credit-worthy people.
The underlying theme is the same: The fraudster exploits the services of the credit industry − banks, other creditors and credit bureaus − to build a credible identity to use to gain access to yet more credit.
So how do you stop the fraudsters? It can be complex, however there are solutions available. DataHub is working closely with IBM & Senzing on helping banks get a handle on identifying fraud by using Identity Resolution Solutions. The challenge most banks are facing is that data is often siloed and comes from many different sources. To keep up with the data and piece it together is very labor intensive and involves many different tools. Here is an example of one person being represented from 4 different data sources. Is it the same person, or 4 different individuals? See Figure 2.
So how do you keep up with the fraudsters? If you are a bank, the first thing you have to do understand and protect your channels. Below is an example of the different channels within a bank. See Figure 3.
Often times, banks are using point solutions to try to protect each channel. That is extremely difficult because there are many point products for each channel. In addition, none of these products were designed to work with each other and you would never be able to build a complete profile on an entity or fraud scheme.
To combat this challenge, IBM has entered into the market with their Safer Payments offering. Safer Payments not only can help stop payments to fraudsters through many different channels, but it also can build profiles on entities. Building profiles and understanding fraud patterns is the best way to combat the ever-growing fraud that is plaguing the US banking systems.
DataHub is one of a few IBM US business partners that is fully trained and certified on the IBM Safer Payments solution. We work with many different size financial institutions to help them in their overall fraud prevention strategies.