Not only does fraud create both material and monetary loss, it can also inflict extreme emotional distress on victims. In fact, nearly all fraud victims blame themselves, which can leave to severe stress, anxiety, difficulty sleeping and depression.
Despite the damage fraud can do, it’s been going on for thousands of years – the earliest recorded (and unsuccessful) attempt was around 360 BC when a shipowner called Hegestratus planned to sink his insured vessel and pocket its value, along with the corn secretly hidden inside.
In recent years, fraudsters have moved away from traditional scams and focused their attention online instead. From data breaches and malware attacks to phishing and spoofing, internet fraud cost victims $1.4 billion in 2017 according to the FBI.
But while technology can facilitate fraud in a number of different ways, it also has the power to prevent it, from checks with security holograms to AI-powered predictions on when attacks will occur. Technology has even gotten to the point where people are asking whether we will have a fraud-free future.
Rallying against credential stuffing tools
Did you know that 14.7 billion data records have been breached since 2013? High-profile cases you may have heard of include Equifax (143,000,000 records), Marriott Hotels (383,000,000 records), Twitter (330,000,000 records), and Yahoo (500,000,000 records).
The breached data includes PII, login credentials, and in the case of the Facebook breach, it’s even data related to religion or political affiliations, and recent search history. explains Julie Conroy, research director for Aite Group’s Fraud and AML practice.
Once they have this data, fraudsters will quickly test login details against hundreds or even thousands of online properties to see where they’ll work in a practice known as credential stuffing. But in future, this could be a thing of the past thanks to fingerprint technology, multi-factor authentication and the use of CAPTCHA.
Cloud-based detection and authentication
Cloud has typically lagged in financial crime (fraud and AML) versus other parts of the bank just because there’s so much personally identifiable information involved – says Conroy.
However, cloud deployments are starting to address fraud with automatic software updates as soon as they become available, the provision of additional resources for better scalability and maximum flexibility for capital expense purchases.
Several organisations now recognise that the most common security features of the cloud are far superior to what they can provide on-premises.
Implementing a fraud and authentication hub
Conroy explained that using a hub results in one API going to one vendor. He added:
That vendor has relationships with a number of different fraud detection and authentication vendors behind it. As you build out your layered solution, you can effectively address your detection needs as well as your customer authentication needs.
Bringing more than one hub together strengthens defenses and allows fraud teams to spot alerts without having to manually manage several vendors.
What’s more, fraud and authentication hubs can overcome the challenges that slow down a bank or merchant’s ability to be nimble in the face of fraud.
We’re in a constant technological battle – with fraudsters and businesses trying to use the same tools and innovations to get the upper hand. If law enforcement, businesses and software providers can stay one step ahead of the criminals, that’ll be the key to ensuring a fraud-free future.