Traditional ID verification has given birth to synthetic identity and automated attacks. Fraudsters rely on the widespread industry practice of simply verifying personally identifiable information (PII) to determine the identity of an applicant. Credit cards remain the top transaction fraud target, but debit and prepaid are on the rise.
In 2015, 60% of respondents reported they were victims of new account fraud... Of those, 38.5% reported new credit card accounts were opened in their names.
Criminals will make small deposits and withdrawals over time in order to establish a pattern, build trust and establish credit.
Intermediary Account Fraud
Fraudsters are leveraging the breadth of PII at their disposal to open new accounts.
A viable method for completing application fraud when the issuer relies strictly on the verification of PII.
Many fraudulent new accounts are opened through online banking, telephone banking or mail. Checks deposited into a fraudulent new account are often stolen and forged, counterfeit or drawn on fraudulent accounts at other financial institutions.
Compromised credentials from a data breach or malware are frequently exploited by financial criminals to perpetrate new account fraud.
COMPROMISED identifies stolen PII and delivers scored risk intelligence to help flag high, medium and low-level vulnerabilities for new account creation or account takeover. Risk scoring can be performed by single data descriptors or by weighting all of an individual’s exposed credentials.
Our workflows let you set up rules whenever specified events occur. These rules enable you to route users to different outcomes based on the risk score. When you send COMPROMISED an API call, the output of your workflow is immediately returned to help your risk engine make a time sensitive decision.
Risk scores are requested at the key events where fraud or abuse occurs (e.g. ask for score when sending a create order event, open new account, login to existing account, etc.).
How New Account Fraud risk could be scored when considering compromised credentials: