Share
Large-scale security breaches unfortunately position fraud as a top concern and expense for the financial services industry. Especially alarming for banks is fast-growing synthetic identity fraud. These schemes use a combination of stolen real data and fake information to create new personas, and alone could hit $23 billion in losses by 2030 if unchecked, according to a Deloitte Center for Financial Services analysis. A number that size means the industry response must be equally strong, relying on real-time solutions, leveraging AI and pooling industry-wide fraud intelligence.
Crystal Blythe, vice president of customer success and fraud management at IDology, a GBG company, joins us to share her best ideas on technology and people-powered insight. Most of all, she urges cooperation, not competition, when it comes to fighting fraud.
A few takeaways from the conversation:
Transcript:
Crystal Blythe knows that fraud detection and prevention technology must get faster, but as banks compete in a digital-first marketplace, increased safety measures can’t create too much friction for legitimate customers, which could drive them elsewhere. And that’s where smart technology can help. Crystal, welcome to the BAI Banking Strategies podcast.
Thank you, Holly. Happy to be here.
So we’ll jump in, and I know we’ll get to solutions pretty quickly here, but I think it’s important to remind listers just how costly fraud can be for financial services for the industry more broadly, both in actual dollars as well as that hit to reputation. Crystal, maybe to get us going, could you share some of the latest numbers you’re seeing in terms of the impact of fraud?
Absolutely. Some of the larger scale breaches from last year will be a fraud issue this year. There’s no doubt about that. So cyber criminals stole an estimated 50 million personally identifiable information or PII, so they stole those records during the 2023 holiday season. In the financial sector, it’s expected to see an uptick in fraud, and about 70% of financial institutions lost over $500,000 to fraud in 2022. So 71% of respondents increased spending on fraud mitigation, and then 62% of breaches were labeled as first party fraud.
And I saw some research from your organization that ranks synthetic identity fraud or SIF as one of the fastest growing financial crimes worldwide. Could you talk a little bit more about synthetic identity fraud, what it is, how long it’s been around, and how it’s evolved?
Synthetic identity fraud is basically a collection of fake and real information to create this newer identity that hits some of the credit bureaus. So they’re taking information like your name and address, social security number, a date of birth from different individuals. Some of it’s fake, some of it’s real, and they’re creating this fake identity. So the thing to know about SIF or synthetic identity fraud, it’s particularly prevalent in the financial space, but it’s been around for quite some time. It’s nothing new, it’s nothing that’s new under the sun. So research into synthetic identity fraud projects that threat to cause upwards of $23 billion in losses by 2030, which that’s a huge number.
Wow.
Yeah. And some of our own research indicates that synthetic identity fraud basically is one of the fastest growing financial crimes worldwide. During our tax season, which we call fraud season, we see synthetic identity fraud really increase around Super Bowl time. So we just had our Super Bowl and then lottery are periods of time where we see those huge transactions that correlate with an uptick of synthetic identity fraud.
And what are some of the solutions to fight that type of fraud that you’re seeing out there?
I think one of the top ways to kind of fight this is by setting up real-time notifications on high-risk activity. So financial institutions can give visibility into fraud patterns and monitor high-velocity attempts. Institutions can also limit specific attributes associated with known fraud.
Can you talk a little bit more about those real-time velocity alerts? And are they among the best places to dedicate that fraud-fighting budget as people are looking at how they can best use their budgets in dollars?
Velocity alerts are based on rules that an institution can set internally to track certain trends they know to be suspicious or probably fraud. So real-time velocity alerts are great because they’re looking for the rate of occurrence or repetition of certain data elements. So we can cast a wide net to monitor on activity or we can kind of hone in on granular activity. So it makes it very effective when used correctly. It relies on fraud attributes that have been detected in the past, but also should allow for customization of those attributes that may be a new trend.
And certainly the onset of ever-faster real-time payments and banking through FedNow and other services also means that fraud detection and response has to be virtually instantaneous. Can you talk about real-time fraud response? Certainly because without it real-time payments will definitely be undermined.
Real-time alerts can be a key tool in preventing fraud, but I think the real strength comes when an institution can pair things like your velocity alerts with cross-industry data and intel along with a dedicated fraud analyst. So I feel like the more visibility an institution has on non fraud, the greater their defense can be. Things like adding additional layers of real-time alerts along with velocity and other fraud tools. It can offer a more accurate picture of your customer. I like to think of it as a layered approach. It can help empower institutions to prevent synthetic identity fraud and protect against identity theft and minimize other types of fraud threats.
And Crystal, I know you’ve written about the importance of data sharing in the past, and you’ve shared that there’s an established fraud fighting consortium that cuts across companies even across industries. Would love to learn more about that. Can you share more about that consortium and what it does?
We just call our consortium Consortium Fraud Network. It’s been around for a while. It’s one of the first that we had in the industry and we’ve spent a few years trying to perfect it. It’s more of a, I like to call it a give and take scenario. So we have clients from different industries that actually come and share their data with each other.
And certainly that’s so important to the consortium. Can you talk a little bit more about why that data sharing is important and has there been strong financial services industry?
Yes, it’s really important because what we know is that fraud moves fast, right? And it’s forever changing. So once something works for a fraudster, they’ll take the same tactic and apply it as to many targets as they can. On the flip side of that, if an attack doesn’t work, fraudsters may still end up taking a shotgun approach until they can find a situation where something does work. When they do that, they’re hitting a client constantly. So our network functions as a sort of neighborhood watch where companies in different industries can report and share that suspicious activity.
And it sounds like you built a really good foundation with that consortium. Where do you see it growing from here? Where would you like it to go?
Well, I would like everyone to opt in to share their data, right? Of course. And I think in the situation, a lot of times when we talk to our clients, they kind of want to hold their information. They don’t want to tell everybody that they have this amount of fraud. But I think what I would like is for clients and companies to understand when you share that data, you’re only helping yourself, right? We’re trying to build a community to share the data and try to stop the fraudsters. So that’s where I would like for it to go.
Yeah, I mean, it does seem like something just for the greater good of the industry, so it’s great to see that you’ve had success in getting those banks to band together for that greater good. Certainly we know that banks need protection from fraud. Consumers need protection, but it’s challenging when fraud prevention creates too much friction for that customer. I think that’s one of the ongoing discussions that we’ve had here at BAI. What is the right messaging for banks to use around fraud protection to make sure customers don’t feel unduly targeted?
So I think the important thing to consider when dealing with friction is understanding how to deliver the right verification journey to the right customer at the right time. Banks want to be able to fast track trusted identities while escalating those higher risk ones to a more secure path, and it makes sense. So applying the correct amount of friction is a challenging thing to kind of get it right, but it’s also something consumers are looking for. Consumers may expect faster banking experience, but they also want that security. A couple of numbers. So 68% of consumers rank a secure process as most important to them when opening up a new account online while 37% abandoned signing up for new online account because the process didn’t seem trustworthy. So with the right verification solutions, institutions can orchestrate flexible low-friction, customer journeys that are also safe.
Can you talk a little bit more about that intelligence identity verification technology, how it reduces friction? More specifically how it works?
With intelligent verification, tech banks can employ automated multi-layered identity verification technology that can help streamline workflows and apply friction only when it’s needed. 76% of consumers report that they have a positive impression of businesses that use advanced identity verification. So in terms of how it works, institutions are in control to customize those rules and settings. They can define their own workflows and decide who is safe to onboard. This allows institutions to set their own risk tolerance and the amount of friction they want to introduce into their workflow. So they may not want to always have someone scan a passport if it’s not needed.
And we know AI continues to shape financial services and its impact on fraud is no exception. You’ve stressed, I know, the importance of a combination of AI-powered data, but still having human-led interpretation and application of that data. Can you talk a little bit more about that fraud-fighting combination for us?
AI brings flexibility and scalability to identify verification with its ability to kind of quickly scrutinize vast volumes of data and uncover patterns of suspicious activity. But I do feel like AI falls short and its lack of transparency and visibility into why decisions were reached. So our fraud analysts are experts in an important manual review layer that confirms machine learning models are making the correct assertions. I believe humans supervise AI safeguards against any new fraud threats while offering a layer of insight into how an institution can reach a specific conclusion. And additionally, I think a fraud analyst can step in if an AI system rejects a legitimate ID. They can determine how the error occurred and teach the computer how to spot similar issues in the future. And so with that continuous feedback, machine learning models are improved through constant input and refinement.
And Crystal, as we wrap up here, we know you and your team worry about these solutions so that consumers can rest easier at night so that banks can be in the business of growth, not always working to limit loss. What leaves you the most optimistic in this fraud fight here moving into the future?
The thing that leaves me most optimistic is probably our consortium, because even though we have all the tools in the world, we have all of our fraud tools, all of our machine learning, I still feel like the way to kind of fight these things is building that consortium. With that consortium sharing of data is how we’re really going to get ahead and be more proactive and stopping these things. Even if a fraudster can hit one client, if that client is willing to share some of that data, it can prevent the fraudster from going to throughout an entire industry. So that’s where I’m probably most optimistic.
Well, that’s a good point to end on, especially when we’re talking about fraud. Love to end on an optimistic note for sure. Crystal, thank you so much for joining us today, sharing all your great insights. It’s been great talking with you.
Thank you so much, Holly.
Join our community to unlock exclusive content, connect with industry experts, and gain access to valuable resources that will help you stay ahead.
