Identity fraud can cause the cost of doing business to skyrocket to billion-dollar proportions. Proper data analysis can slash the price tag.
ISOs use credit bureau and other data aggregators’ databases everyday to process high-value transactions and build business. But did you know there’s only a 7 in 10 chance that the transaction you process is legitimate? That’s because, according to industry sources, up to 30 percent of the identity information in aggregators’ databases is inaccurate or false.
This exposes your business to two major risks: unnecessarily spending time and money to process illegitimate transactions, and enabling con artists to reap the financial benefits of identity exploitation.
ISOs can reduce these risks by implementing proper data analysis tools to scrutinize data and ensure its accuracy before using it. Without proper data analysis techniques, ISOs only hurt their bottom lines and help feed the vicious cycle of identity fraud.
Databases Leave Security To Be Desired
All the information that’s linked to a name—including Social Security number, address, phone number, date of birth, online user names and passwords, maiden name, spouse’s name, license plate number and bank and credit card numbers—can comprise an identity.
Credit bureaus and data aggregators are the biggest storehouses of this identity information. They collect data from other, smaller credit bureaus, financial institutions, utilities and other private and public sources and mistakes can occur in the process.
The major aggregators have databases containing upwards of 1 billion unique identities (identities with completely different information for each name) for all living adults in the United States. However, there are only 220 million living adults in the country! This means, on average, there could be more than four unique identities recorded for every living American adult.
This vast discrepancy can be largely attributed to the dynamic properties associated with collecting and aggregating data. The inconsistency comes from the sheer volume of data collected from various sources. Corporate America has discovered the value of data mining, and the collection of this data is an important aspect of decision making in areas such as marketing and product development, application processing and granting credit, employment and more.
As the demand for this data increases, more data is gathered from sources where the accuracy and reliability of the data is considered questionable at best, especially in applications where there is little identity scrutiny (such as magazine subscriptions or prepaid cellular telephones). All of this data makes its way through the system, is aggregated and then used in environments where identity validity is extremely important.
At the stage where the data is generated, frequently, the information is not cleansed or verified for accuracy–and this is where the problem arises. As a result of unfiltered data, aggregated databases are cluttered with information that is innocently inaccurate, and, in many cases, fraudulently inaccurate.
These alterations and manipulations are the work of fraudsters taking advantage of the inexact science of aggregating and matching identity data. The fraudsters’ main objective is to manufacture new versions of existing identities while creating uncertainty that will lead to the mismatching of identities or even the creation of a new credit or identity file. This confusion surrounding the identity leads to the identity information having drastically less integrity, and results in less reliability of the information retrieved from this data, including credit information.
One Mistake Leads to Another
Just how secure and effective are today’s management capabilities in combating this problem? How sound are decisions built on these compounded discrepancies? It’s difficult to quantify specifically. One thing is certain—the risks definitely increase for ISOs when they use inaccurate data to make business and financial decisions.
When ISOs process credit cards, the consumer’s identity is sent to a bank that checks the identity against a data aggregators’ database. If a credit history is found for the applicant, the bank assumes the identity is legitimate, and the transaction is cleared.
The ability to do more extensive analysis than this would require an extensive, labor intensive process, absent the advent of sweeping technology-based analytical tools. Without such tools, a company, bank or other institution may end up relying on a simple match between a name and an identity—perhaps one of four or more associated with the original name. In fact, that company or institution might have just cleared a transaction for an identity thief, who can now get whatever it is he or she was trying to pilfer—perhaps property or finances worth millions of dollars.
Also consider the customer relationship management (CRM) platform. If 25 percent of an ISO’s mailing list is fraudulent or fictitious identities, the company’s marketing effectiveness is immediately knocked down by 25 percent. That means wasted mailers, lost customer opportunities and lost money.
The annual cost of identity fraud alone is $52.6 billion, or approximately $5,686 per victim, according to a recent study by Javelin Strategy and Research. This is just the tip of the iceberg. This number represents only the victim-related losses, and although this number is significant, the real loss to businesses is far greater. The by-product of inaccurate and fraudulent data can result in customer dissatisfaction harm to business reputation, inefficiency and waste.
Scrutinize, Then Utilize
To avoid this slippery slope, ISOs must take steps to ensure the data they build their business on is accurate. A way to ensure accuracy and deter fraudulent use of identity data is through proper data analysis.
Quality data analysis technology verifies identity information is correct and matches up with a real person. The technology scrutinizes all the information attached to identities, and searches identity databases for any incidences of fraudulent activity and other anomalies surrounding each identity. If the technology detects any fraudulent activity, it alerts the inquiring company, who can immediately take steps to mitigate any damage.
Thorough data analysis also warns companies and institutions when an identity might be fraudulent. This helps companies decide whether it’s safe to do business with the individual before accepting him or her as a customer. This background verification helps companies comply with governance standards, such as the U.S. Patriot Act.
With a robust data analysis system in their tool belt, ISOs have the foresight to prevent criminals from exploiting private information. That way, they avoid being attacked by perpetrators of identity theft, and spending hundreds or thousands of dollars to process customers that don’t exist.
ISOs can find quality data analysis technology from various identity security and fraud management companies. One great way to find vendors for these types of solutions is to check with your local or national industry association who may have a list of preferred providers.
Here’s a typical identity fraud scenario and preventative data analysis technology in action:
A fraudulent perpetrator creates an identity by slightly altering the identity data multiple times in different environments where information is not scrutinized for accuracy. With each new application and new version of the identity, the information is aggregated and matched, or in some cases, mismatched with an information file. The resulting identity is several degrees removed from the original, but still has connections with the underlying information.
When the perpetrator applies for a new account in the future, the identity is checked against the aggregator’s database. Since the fake identity exists in the aggregator’s database, it will be authenticated. This new identity may even be screened against the Office of Foreign Assets Control (OFAC) checklist or a terrorist watch list. The fraudulent person behind the identity information is unknown to these groups and represents monumental risks to the organizations allowing this identity access. The more successful the perpetrator is in using this identity, the more powerful the fraud becomes. Once the identity is legitimized, it can be used for obtaining a driver’s license or to create a fake birth certificate and build an entirely new persona.
But with proper data analysis technology in place, the criminal would never make it past the first application. The technology would analyze the identity’s data attributes and patterns of usage, and then compare it with what is being presented in the new application. If the attributes of the data or its patterns of usage are suspicious (for example, a new version of an identity, or the use of an identity for applications outside the normal frequency) bank and law enforcement officials would be alerted about a potential fraud.
This instance proves the risk ISOs take when they use fraudulent data to conduct business and make financial decisions. But companies can protect themselves by properly analyzing data and confirming its accuracy before using it. In the end, proper data analysis is the due diligence that can help ISOs to save their business, and individuals, their assets.
|
