July 27, 2011

Credit Union Management magazine’s Web-only “Tech Time” column runs the fourth Wednesday of each month.

Online banking fraud continues to plague bank and credit union executives. According to Javelin Research’s 2011 Identity Fraud Survey Report, 8.1 million cases of fraud were reported, costing financial institutions $631 per incident. Government regulations and guidelines like Section 326 of the PATRIOT Act and the Bank Secrecy Act have been enacted to try to stop fraudsters. But so far rules and regs haven’t been enough to deter online fraud rings. Ultimately, products that offer real-time interception and behavioral analytics will most often enable financial institutions to catch fraudsters before the damage is done.

Currently, there are three classes of fraud protection geared toward those opening accounts online:

1. Identity verification. The first level of protection offers financial institutions the ability to verify an applicant’s identity and authenticate it in real time, relying on validated public sources. However, demographic profiles of an applicant can become infiltrated with fraudulent information when an identity is stolen and used successfully by another individual to acquire credit. In these cases, identity verification products become ineffective in combatting fraud.
   
   Identifying and combating fraudsters is difficult for individual institutions. Fraud networks work together to outsmart, adapt to and circumvent security systems. Fraudulent efforts are aided by increased online connectivity and the availability of information through social networks. Not only can a fraudster look up a name online and receive detailed information on a person, but social networking makes it easier for people who commit fraud to find and learn from each other.
   
   
2. Contributed data. These products supply historical information about applicants contributed by other financial institutions to databases at credit bureaus. For instance, they may indicate when a charge-off or fraud has occurred on an account. Contributed data products may also put out alerts and flag suspicious applicants based on past fraudulent behavior.
   
   Countermeasures based on contributed data models can’t keep up with the speed of evolving fraud rings. Previously, fraudsters were limited to a few attempts within a day at brick-and-mortar branches that required physical presentment of identification. Now, many attempts can be made across numerous institutions, netting opened accounts that can be overdrafted or credit cards that can be run up before the contributed data is even discovered or reported to the bureaus.
   
   
3. Real-time behavioral methods. The third is a real-time model that looks at unique applicant data to determine fraudulent behavior. It uses behavioral analytics to see where a person has applied for a loan or account, how often, and what type of information the applicant typically provides. Without looking at private details available via public data sources, the system is able to flag suspicious applicants, based on patterns that are associated with fraudulent behavior. When application data is entered, the network scan can reveal matching data and red flag information that appears fraudulent. The patterns are developed by running statistical analysis on prior fraudulent applications to determine how unique applicant data is utilized across a network by fraudulent applicants.

Real-time fraud prevention uses behavioral analytics to examine actions across a wide range of applications and institutions before the account is opened. For example, when an identity is stolen, it is the tendency of the fraudster to use the fraudulent identity at a high velocity over a short time across a large number of financial institutions to open as many accounts as possible before the victim realizes their identity has been stolen. A real-time network approach can keep track of the number of applications a person has across a network over a short time (for example 24 hours) to determine whether the activity by the applicant suggests that the identity is stolen. When the applicant has a higher number of applications than typical over that time period, the system can flag the account and not allow it to be opened without further review. This prevents the fraudster from accruing a high volume of losses in a short period of time and can also alert the consumer that their identity may have been compromised. Once applicant data triggers as fraudulent within the system, future use of that data automatically declines the applicant.    

Link analysis is a new development in real-time online account opening fraud detection that is getting much attention. This process takes contributed data from fraudulent accounts and uses it in real-time models to link fraudulent applicants to one another through pattern identification. Rather than researching just one person, a credit union using link analysis can see if a person is linked to other potential fraudsters with pending applications.

Link analysis works by highlighting when an applicant has entered a specific piece of information numerous times across several identifies. It then detects where else this identity data may have been used or associated with another fraudulent applicant or account.

Real-time fraud prevention during the online account opening process allows financial institutions to stay one step ahead of fraudsters at the earliest point during online account opening. Given its ability to stop the damage before it occurs, it will become an increasingly important requirement for credit unions to address in their online customer acquisition processes.

Andrea Hunter is product owner of fraud prevention and integration solutions at Andera, the leading provider of online account opening solutions in the United States. She has been with Andera for two years, specializes in risk management and core interfaces and is a graduate of Brown University.