By Finding The Gaps
The problem with fighting fraud — according to GIACT EVP of Product David Barnhardt — is how much information fraudsters have at their fingertips about regular consumers. Between the Equifax hack last year, the Exactis hack last month and the thousands of other data breaches, big and small, that happened between them (not to mention before them), the average American consumer can rest assured that some or all of their personal data is floating around the dark web these days.
With consumer data now available in what Barnhardt called “wholesale” quantities, fraudsters have a real incentive to create synthetic identities — fraudulent consumer profiles, engineered to defeat traditional fraud detection solutions by using as much real consumer data as possible.
He said, “The situation we see all of the time with our customers is they experience a fraud where almost everything looked right. The ‘customer’ in question used all the right real data: real address, right name, right social security number, right password. The two things that were different is that they placed a different phone number in as their contact point and signed up for text notifications.”
Of course, in these cases, appearances were deceiving. The “customer” was really a fraudster who came into a verification process armed with all they knew would be necessary to fool the system. The dispositive data (the phone number and new contact method), Barnhardt noted, is crucial but easy to overlook, since it is only when one goes under the surface that the problem with the data sends up a red flag.
“The closer look says this is a prepaid phone, opened in another city 20 days ago,” he said, “which sends up a huge red flag. And those red flags can be found, but companies need to look at data in much greater detail to really see minute discrepancies. In this case, it is two pieces of secondary data that trigger the discovery that this is a fraud.”
The key, he said, is not to simply try to associate a customer with a data set, but to think about all the metadata that underlies the data set that a customer creates and leaves evidence of throughout all their interactions on the web. That metadata, he noted, is the customers’ digital DNA, and firms that want to fight the next evolutionary phase of fraud will need to whip out their microscopes, so to speak, to find it if they want to win the battle.
Read the Complete Article