Identity (ID) fraud losses reached $52 billion US in 2022 and are expected to double by 2024. ID theft is contributing to the growth, along with synthetic fraud, which involves the creation of a fictitious identity using a combination of real and fake personal information. ID scams and other tools are constantly being used to skirt ID verification technology, raising the question of why technological advancements such as biometric authentication have not solved the problem.
There are a few reasons for this, including the advent of high-level forgery, which has never been easier. Anyone can search the internet and dark web to find falsification services offering downloadable templates online. Moreover, criminal groups have been utilizing automation to steal personal data, and leveraging machine learning, bots and other software techniques to convert fake IDs into a large-scale business.
Compounding the problem is that personally identifiable information (PII) data is exposed constantly. Applications collect and analyze PII data and, without noticing, users give them permission to share their personal details online. This makes it even easier for fraudsters to intercept the information and build up a synthetic identity using a combination of real and manipulated data.
The problem is clearly getting worse, but how can technology come to the rescue?
Fortifying fraud prevention through IDV
Identity intelligence, which refers to the process of gathering, analyzing and interpreting information about an individual's identity, has become crucial. In the past, a person's identity was limited to physical identification such as passports and driver's licenses, but now, digital IDs are prevalent.
Businesses must become knowledgeable about identity intelligence. This involves calculating the risk of ID fraud — and protecting customer privacy without interrupting the ease of accessing services such as medical care, transportation or workplace resources.
It’s important to invest in a reliable ID verification (IDV) system — the technological infrastructure and processes that gather and verify identity information and detect fraud. To improve identity verification and fraud detection, companies must utilize a defense-in-depth approach, which involves identifying and preventing ID fraud before it occurs. Establishing a secure, automated and dependable IDV system is crucial to ensuring a secure and fraud-free environment.
Answer these six questions to fight fraud
The IDV system should be able to answer the following questions in each transaction:
- Is this person really who they say they are?
- Are they a live person and not a bot?
- Have you seen them before?
- Are they a "real" person with no synthetic components?
- Are they on a sanctions list?
- Are you completely sure about everything?
To fight fraud, security leaders must fortify their ID system. A comprehensive defense-in-depth approach should include biometric testing to determine "liveness," electronic identity verification to flag blacklisted individuals and neural networks, which are well suited for sniffing out synthetic fraud because they can process large amounts of data, learn from patterns and identify anomalies or inconsistencies that may indicate fraudulent activity.
An orchestrator that accommodates customization can make it all come together through a predetermined workflow. This should involve the seamless and efficient integration and coordination of various fraud prevention measures, including biometric testing, identity verification and neural network analysis.
Like every year in recent history, 2023 has brought with it new challenges in fraud. The impetus to understand identity is clear, but it's up to businesses to invest the time and effort required to prevent ID fraud and protect their own reputations with a future-proof IDV system.
This article originally ran in Security, a twice-monthly security-focused eNewsletter for security end users, brought to you by Security magazine. Subscribe here.