Losses resulting from identity fraud and fraudulent account takeovers have reached new peaks in recent years. According to Fiserv’s VP of financial crime risk management Andrew Davies, there were 16 million victims of identity fraud in the United States in 2017—an increase of nearly one million over 2016. The total amount lost due to fraud topped $16.8 billion that year, with 1.5 million identity theft victims having an account fraudulently opened in their name. So what’s behind this marked increase in identity fraud?
Certainly, high-profile data breaches such as the Equifax hack have been a factor, but Davies identifies three less conspicuous macro-level causes have been driving much of this growth in identity fraud. First, increased customer demand for digital services has provided greater opportunities for scammers looking to commit account takeover fraud. Second, as EMV technology has increased debit and credit card security, fraudsters have moved on to new types of account fraud that are easier to pull off. Lastly, P2P payment services—while offering unprecedented convenience and speed—also present new weaknesses that criminals can take advantage of.
These three factors driving the increase in identity fraud all have something in common: the ability to stop scammers from exploiting these new avenues for fraud is largely in the hands of companies, not individual consumers. With that in mind, how can companies take steps to foil identity fraud before it happens?
Educating customers should be a priority, Davies says. While individual consumers can’t stop all attacks, making sure that individuals understand what steps they need to take to protect their own personal information—and what tools are available to them—is critical.
On the business’ side, financial institutions should take care to implement thorough customer data protection on three levels: identification, authentication and activity monitoring. This ensures that customer data is protected at every stage of the business relationship.
Ultimately, says Davies, a balance needs to be struck between convenience and protection. While implementing Fort Knox-level protection on all accounts could stop almost every fraudster from getting in, the inconvenience it would impose on customers trying to perform everyday tasks would likely lead to heavy pushback.