COCC Insights Final - Flipbook - Page 3
SPONSORED CONTENT
Three Common Tactics Used by Fraudsters
Based on 2023 data; numbers don’t add up to 100% since more than one
fraudulent verification technique may have been used.
Source: Socure, “Unmasking document and biometric identity fraud: Exposing the
deceptions”
+ Document image-of-image
(photo or screenshot is used versus a live capture of a document)
63%
+ Document headshot tampering
(facial imagery is manipulated)
21%
+ Selfie spoofing
(common with impersonations or synthetic identity fraud)
20%
These forms of fraud are particularly
prevalent in digital channels. DR Bank in
Darien, Connecticut, has a long track record
in the digital space; it founded Laurel Road
more than a decade ago, an online unit
that it sold to KeyCorp in 2019. Today, the
$782 million subsidiary of New York-based
Alcar gathers deposits nationally through
its digital platform, powered by COCC, along
with a banking as a service arm focused on
deposits, payments and lending.
Syd Ally, the bank’s chief operating officer, is particularly worried about synthetic
identity fraud. “What we’ve experienced
in the past is rings of people trying to
create synthetic identities,” he explains.
Once those fraudsters have their cash, they
disappear without a trace.
Synthetic identity fraud — where a
bad actor uses a combination of fake and
existing information to create a faux identity — costs U.S. financial services firms
around $20 billion annually, according to
the Oliver Wyman/ABA report. “Whatever
the mechanism, a synthetic identity allows
a fraudster to attempt more complex and
damaging financial crimes, with the cost
typically being borne by the bank,” according to the report.
Artificial intelligence has “lowered the
costs” and enabled fraudsters to scale
attacks that are more convincing, says
Grisevich.
Matt Lidestri, vice president and
information security officer at COCC,
emphasizes the importance for institutions
to actively assess those critical moments
that require verification and identification,
especially during onboarding. “Is this a real
human being that is going to be a valuable add to the institution? When they’re
logging into their account, is this the actual
user?” he says. “Are these transactions reasonable for this user? Is this how this user
behaves? Such factors in observability
naturally help to differentiate true, valid activity from those that may be illegitimate.”
Layers of Security
Banks and credit unions tend to rely
on an array of solutions and protocols to
answer these questions. Document verifica-
tion, liveness or selfie tests, phone verification, one-time passcodes and multifactor
authentication are among the data points
used to identify a user when an anomaly
has been detected.
Vetting prospective customers on a
national scale requires a lot of data points
and “a lot of tools,” says DR Bank’s Ally.
“It’s like a waterfall. As you get deeper
into that stack, the better you’re able to
validate somebody’s identity.”
Institutions should look at a variety of
personally identifiable information and
leverage automation to approve or reject
an application, or kick it to manual review.
Ideally, the number of applications subject
to manual review should be small; not only
are those processes inefficient, but they can
introduce human error. “It’s always good
to have a wide array of verification checks
that feed into the automated decisioning
engine because it allows you to make a
more informed decision and have assurance
that the customer you’re verifying is a good
customer,” says Grisevich.
Ally says DR Bank is constantly tweaking its parameters and inputs to enhance
the user experience while protecting the
bank and its customers from fraud. “You
want to make [the process] frictionless,”
says Ally. Risk scoring — based on tenure
with the bank or the customer’s normal
behavior — is deployed to help identify and
authorize existing customers’ activity. DR
also leverages AI tools that can detect patterns and alert staff of potential issues.
“AI empowers banks to strengthen
identity verification while also maintaining
that seamless customer experience,” says
Grisevich. AI can help institutions analyze
large, complex datasets that can help an
institution detect and deter fraud. “Then,
they start to build a dynamic and robust
risk profile,” he says, “and leverage AI to
be constantly analyzing and comparing current patterns and behaviors against known
past behaviors” to detect anomalies.
3
