Most companies big and small tackle identity fraud daily and have come to rely on a fleet of tools, including multifactor authentication and CAPTCHA (completely automated public Turing test to tell computers and humans apart) codes, to help identify potential identity fraud. While these tools help to some extent, they don’t catch everything. According to research from Ekata, a Mastercard company, “It’s not foolproof. Good customers get declined, and bad actors sneak through. It’s tough to know who to trust.”
We dive into these challenges, and explore how sophisticated machine learning models can give companies a better understanding of the data they’re processing, as well as help them with identity verification and fraud protection.
Synthetic Identity Fraud
Synthetic identity fraud involves combining real identity information — such as name and addresses — with fake information. As a result, a new identity may be fabricated and used to bypass fraud detection systems. Over time, as simpler forms of fraud have become easier to detect, synthetic identity fraud has become a dominant approach for fraudsters.
According to Tim Sloane, Vice President of Payments Innovation at Mercator Advisory Group, synthetic identities are built up like a house of cards. “A fraudster might use the Social Security numbers of people who died, change the name, change the age, create a background for that individual, and then create accounts,” he said.
And the more accounts fraudsters create, the more credible that identity becomes.
“Fraudsters might start out by going to a merchant; identifying themselves with name, street address, telephone number; creating an account; [and] then do some shopping,” he said. “From there they get a credit card that matches that identity and start building that identity up.”
Machine Learning Tools Help Address Identity Fraud
According to Ekata, businesses trying to prevent fraud should focus on two important questions, “Is the customer real?” and “Is the customer who they claim to be?”
That requires establishing a link between customers and their digital identities. This also provides “an analysis of how they are interacting and behaving online,” per Ekata.
Modern fraud systems can typically accomplish this by leveraging machine learning. Essentially, they’re looking at the various components of the identity and using third-party data to validate what’s true and what’s not.
What’s more, a fraud system uses information about where the person is logging in from. “A fraud system will question why a resident of New York’s personal information is coming in from an IP [internet protocol] address in China,” said Sloane. In essence, modern fraud systems fingerprint the device to see if it matches the customer’s claimed identity.
Machine Learning Systems in Practice
As previously mentioned, one way to better optimize fraud detection is making sure you have a comprehensive view of an individual user, including their IP address and digital habits.
A fraud prevention tool can help companies easily spot red flags.. For example, the Ekata Identity Engine can help identify good customers vs bad actors by answering the following questions:
Does this email belong to the person?
Is this address valid? Is it residential?
What type of phone number is this?
When was the email address first/last seen?
Is the IP address risky?
Are there any anomalies in the use of identity elements?