Today, business growing digitally. The pandemic has accelerated this process, pushing online services to evolve to digital onboarding procedures instead of traditional, face-to-face ones. As always happens, fraudsters are moving in the same direction, resulting in a significant increase in Application Fraud. The security issues related to the onboarding process transversely concern and Financial Services, eCommerce and PA. Therefore, it is necessary to allow digitized access to the service while recognizing fake or fraudulent users in this context.
Application Fraud is one of the fastest-growing types of fraud. Aite Group found that credit card losses from Synthetic Identity fraud (a kind of Application Fraud) reached $968m in 2018 and projected this to reach $1.26 billion in 2020.
Application Fraud is a form of identity fraud that involves a fraudster applying for a new account for a service or product using stolen or synthetic identities.
The targets are often bank accounts, credit or debit cards, public administration, eCommerce and loans, to name but a few.
It should be pointed out that it’s not just a financial-related threat. Fraudsters target public administrations to hijack tax refunds or pension funds, or eCommerce loyalty programs. This type of fraud is often the consequence of previously accomplished data breaches that provide fraudsters with massive personal information data sets. These are used to forge synthetic identities or to impersonate somebody else.
As a form of identity fraud, being a victim of identity theft can lead to becoming a victim of application fraud.
When a passive fraud occurs, a customer becomes the victim of a scammer who takes over his or her account and targets the user’s assets, as happens with Account Takeover attacks. Instead, Application Fraud is often related to an active fraud scenario. The fake customer tries to scam the service provider using its poorly designed validation processes.
Then, when personal details are stolen, fraudsters can use them to open up a new account and start completely new accounts for a digital service.
Fake accounts are usually opened with banks or credit card companies to access funds using the victim’s details easily, or within other digital services such as a mobile phone contract.
The digital onboarding procedures focus on onboarding as many new users as possible. Pursuing this main goal often means preferring user experience over security during solution development. An easy and enjoyable onboarding experience is sure to attract new users, but balancing it with identity checks is a must unless you want your service to be affected by fraud. Here is why application fraud imposes new challenges and requires new approaches in detection and protection.