New account risk assessment: Digital identities are the key

Effective new account risk assessment is a challenging proposition for banks of all sizes. Consumers and businesses are actively transitioning their banking activities to the online and mobile channels, particularly the digital-native Millennials and Generation Z. While this migration to digital creates new opportunities for engagement, it also provides a myriad of new opportunities for criminals to exploit the faceless channels.

The idea that personally identifiable information (PII) is still personal or private is an illusion. Identity fraud is on the rise in countries around the globe, fuelled by reams of personal data compromised in data breaches. More than 14.7 billion data records have been compromised since 2013, many of which included PII.

Application fraud, which is fraud that takes place at the time of application for a new financial relationship with a bank or credit issuer, manifests in any of the following manners:

• Identity theft: The attacker steals and uses the full identity of the victim;
• Synthetic identity fraud: Fraudsters either create a new identity from scratch or compile bits and pieces of stolen data to establish a new identity;
• First-party fraud: An individual establishes a financial relationship with no intention to repay his or her obligations.

As FIs work to shift application volumes to digital channels to expand their footprint and reduce operational expenses, there is a price to be paid in the form of higher risk. On average, FI respondents to Aite Group surveys report fraud rates eight times higher in the digital channels compared to the branch. As a result of the elevated risk, FIs also decline a far higher proportion of accounts in the digital channels. One large US bank interviewed by Aite Group is declining just over 50% of its online applications. Another large regional bank stated that after all its risk screenings are complete, only 8% of the applications it receives online result in an opened account.

Customer experience: the key consideration

While the threat environment is escalating, the pressure to reduce or eliminate friction from the customer experience is a critical factor in technology investments. Consumers’ expectations are increasingly shaped by the easy and elegant experiences provided by brands like Apple, Lyft, and Amazon. FIs are under pressure to provide similarly friction-free interactions.

As a result, FIs are looking for solutions to help more seamlessly and effectively conduct identity verification at onboarding. When asked about key business case drivers for new-account risk assessment tools, 88% of FI fraud executives surveyed by Aite Group indicate that improving the customer onboarding experience is a key business case driver, as shown in Figure 1.

Figure 1: Factors driving investments

As a result of the need for better fraud mitigation that is also customer-friendly, nearly half of FI respondents plan to either change or add new-account risk assessment vendors in the next one to two years. This is a substantial increase from a similar survey conducted in 2015, in which only 27% of survey respondents planned to add or change new-account risk assessment vendors.

Digital identity solutions to the rescue

Given the vast quantity of data that has been breached and lies in the hands of criminals, simply assessing PII is no longer sufficient — the data input into the application form could just as easily be provided by a criminal that purchased the data off the dark web as the genuine consumer. This reinforces the importance of assessing data associated with the consumer’s digital identity to aid in risk assessment. There is a variety of technologies that can help pierce the digital veil, a few examples are described below:

• Mobile operator data: A handful of vendors provide device authentication services in the North American market through direct, real-time interfaces with mobile operators and/or core telecom infrastructure.
• Behavioural biometrics: Behavioural biometrics evaluate the manner in which a person is interacting with his or her device to determine whether it is indicative of bot activity or a fraudster.
• Device identity: Device identity technology examines a combination of identifiable hardware and software attributes associated with a computer or mobile device. The resulting unique fingerprint can be used to provide recognition of devices associated with fraudulent activity as well as ongoing recognition of devices with trusted reputations.
• Machine learning analytics: The vast amount of data associated with digital identities requires a sophisticated set of analytics to effectively analyse the inputs. Machine learning routines are essential in maximising the potential of digital identity data and optimising the balance between detection and customer experience.

Effective fraud prevention is increasingly a competitive issue for financial services companies. Early adopters of next-generation technologies will be able to do more than reduce fraud; the associated improvements to the customer experience give them a decided advantage over their competitors that lag in these investments. Data is the new currency, and creating intelligence from data at scale can give companies a competitive edge.

This editorial was first published in the Fraud Prevention and Online Authentication Report 2019/2020. The Guide covers some of the security challenges encountered in the ecommerce and banking, and financial services ecosystems. Moreover, it provides payment and fraud and risk management professionals with a series of insightful perspectives on key aspects, such as fraud management, identity verification, online authentication, and regulation.

About Julie Conroy

Julie Conroy is a research director at Aite Group focused on fraud, authentication, and AML issues. She has extensive product management experience working with FIs, payments processors, and risk management companies, including several years leading the product team at Early Warning Services.

About Aite Group

Aite Group is a global research and advisory firm delivering comprehensive, actionable advice on business, technology, and regulatory issues and their impact on financial services. With expertise in banking, insurance, wealth management, and capital markets, we partner with our clients, delivering insights to make their businesses smarter and stronger.