As financial fraud attempts become more audacious due to criminals using new technologies to mask their behaviour, some of the anti-fraud measures deployed by businesses begin to feel obsolete.
And while it might seem daunting at first to try and keep up with constantly evolving fraud methods and bad actors who work overtime to perfect their schemes, firms like AU10TIX can use their knowledge to support crime fighting efforts against fraud.
Now, AU10TIX has shifted focus as it enhances support to its network of partners looking to combat fraud in a digital ecosystem.
Ofer Friedman, Chief Business Development Officer at AU10TIX, gives us a brief glimpse of the scale of professional fraud, as well as the company’s vision of fighting it through industry cooperation.
“Just a couple of years ago the usual way to do ID verification for account opening or for whatever reason was through a case level,” Friedman explained, “which means that you ask a customer to send you a picture of their ID, a selfie, etc., after which you analyse it and assess the results.”
But as it turned out, AU10TIX found that companies on a global scale catch only amateur fraud when on the lookout for ID fraud and impersonation, detecting it only on a surface level – e.g. if the data doesn’t match or if something looks partly suspicious. Sophisticated intruders however have a higher chance of infiltrating a network due to their attempt being better masked.
“Because of our accumulated experience and feedback we got from the market, while also leveraging our knowledge, we started to understand that there’s actually a limit to how much you can detect through the case level. By studying the behaviour of professional fraudsters, there are tools like photoshop, deepfakes etc. that can make the identification task more difficult.”
When comparing amateur to professional fraud, Friedman hurried to point out that while the latter is times more prominent than the former, it is also times less detectable due to the advanced approach used when attacking organisations.
The main characteristic of professional fraud according to the AU10TIX Chief Business Development Officer is that people make a living out of it, hence the bigger determination and higher level of sophistication when it comes to penetrating defences.
“Professionals are launching swarm attacks that can either attack the same organisation in multiple ways, or cross an entire industry if it’s very lucrative,” Friedman said.
“They also try to attack businesses that are more vulnerable due to their inability to keep up with developing regulations. The problem is many companies have no idea that they’ve already let fake accounts slip in.”
To minimise this problem, Friedman expressed that there is space for improvements when it comes to regulatory bodies cooperating with the private sector. He continued by highlighting that collaboration with the industry will be immensely beneficial for the ID verification process.
“Regulatory regimes define the need, define the standards, and define the cost of failure to comply. Without regulations, identity verification would still have a place as an operational efficiency driver, but fraud would be way higher, with the cost of it falling on the victims who would pay higher premiums to compensate service providers for the significant losses.”
In this sense, until the grounds have been laid out for better collaboration between governments and businesses when it comes to ID verification, the threat of professional fraud will continue to loom over.
But to build a long-lasting relationship there needs to be mutual understanding, and according to Friedman the commercial sector knows more about the regulators than the regulators understand about the commercial sector.
“Regulators are government entities, while identity verification solution providers are commercial companies. Regulators tend to address customers and regulated entities, while the technologies used for identity verification remain unregulated. This creates a false picture for decision-makers, with all solutions appearing to be the same even when they may actually be significantly different in capabilities, performance, and coverage.
“If hotels get ranked by the star system which suggests what customers can expect from them, then why don’t technologies get proper accreditation that attests to what they can perform? The coming European identity wallet system will be the first attempt in that direction, but it is very specific to its purpose, rather than addressing the solutions that make the world go around.”
And finally, when it comes to the added security that ID verification provides, developing technologies are pushing the way forward. With Open Banking ever so prevalent, how much more can it change the landscape?
Friedman added: “If Open Banking functions the way it sounds, then ID verification would become stronger. But with Verifiable Credentials, digital IDs, and identity wallets already rolling in, the game is changing.
“Every bit of reliable information sharing can help. But why only banks? Why not law enforcement (Interpol, for instance) as well? All have the same interest, but are still not geared to work together. We have already suggested this type of cooperation, and we keep the invitation open.”
