Comprehensive Fraud-mitigation Solutions Support Consumer-friendly Mobile Device Account Origination Account access via mobile devices is exploding. For example, in the banking industry the number of people using their mobile devices to access their accounts was projected to reach 1 billion by the end of 2015. 1 By 2020, 2 billion people will use their mobile devices for banking purposes across the globe. Meanwhile, the number of financial accounts opened on mobile devices jumped 60% from 2013 to 2014. 2 This trend presents both an opportunity and risk for financial institutions. Without effective safeguards in place, mobile devices are vulnerable to fraud. The same convenience that mobile devices provide to their rightful owners is enjoyed by fraudsters, too. The efficiency of mobile account opening enables fraudsters to visit a much larger number of organizations to open accounts all from the same place. This executive brief reviews how robust fraud-prevention solutions can be applied to mobile devices to mitigate the risk of identity fraud during account opening while creating a user-friendly experience to reduce abandonment. 1 Juniper Research, Mobile Banking Users to Exceed 1 Bn This Year, Representing Nearly 1 in 5 of Global Adult Population (press release), Oct. 2015 2 Javelin Strategy & Research, Making Digital Account Opening Simpler, Safer, and Seamless, Sept. 15, 2015
How Mobile Devices Support Fraud Prevention Fighting Fraud On The Small Screen The features and functions that make mobile devices popular with consumers can also enable organizations to mitigate the risk of identity fraud. For example, mobile device cameras give organizations the ability to use facial recognition for high-risk transactions. Mobile device cameras can also be used to require applicants to scan images of their government-issued identification documents, such as a driver s license or passport. Already, some institutions require consumers to take a picture of themselves with their mobile devices, which is then compared against these documents. This is especially useful in preventing fraudulent account opening using a stolen identity. The features and functions that make mobile devices popular with consumers can also enable organizations to mitigate the risk of identity fraud. Other biometrics that can be captured on mobile devices, including voice and fingerprints, can also be used to help verify identities. 2
Mobile Device Data Data that is uniquely associated with specific mobile devices can enable nonintrusive or passive checks that contribute to fraud detection. For example, risk-detection solutions can quickly determine if the information about the device s registered owner matches the person opening the account. They can discover if the mobile device is connected to a Wi-Fi network, identify its IP address and assess whether the device is associated with previously known fraud. Device data can also be examined to uncover any other suspicious activity associated with the device. GPS features on mobile devices can help detect suspicious activity by comparing the device s real-time location to the address the consumer provides to establish the account. GPS features on mobile devices can help detect suspicious activity by comparing the device s real-time location to the address the consumer provides to establish the account. A significant variance could indicate suspicious activity. Fraud-prevention solutions can also scan address information to determine if the physical location of the applicant is associated with suspicious activity. 3
Enhancing The User Experience The passive checks that can be used with mobile devices give organizations information that can enable more reliable identity verification. And increasingly, some organizations are so confident in the passive checks that can be performed on mobile devices that additional verification steps are considered unnecessary. But organizations must still require that consumers provide information during account opening. Even here, supporting a user-friendly accountopening experience on a mobile device is getting easier. Emerging solutions enable mobile devices to instantly autofill application fields when consumers take pictures of their driver s license or other acceptable photo identification. The device and application data can then be authenticated with search-match analysis or through smartphone ID fingerprinting. The passive checks that can be used with mobile devices give organizations information that can enable more reliable identity verification. Organizations that require consumers to complete forms need to be judicious about the amount of information they require. Despite the increasing size of smartphone screens, most traditional forms are too long for a user-friendly digital experience. If dynamic sources are incorporated into the mobile account processes, identities can be reasonably verified by the fewest number of questions. For example, if the consumer provides a name, date of birth and a Social Security number, comprehensive fraud-prevention solutions can review credit data and additional information from third-party sources. This could include information ranging from payment histories to verified email addresses. Fraud-mitigation solutions with deep repositories of alternative data enable organizations to confidently engage with consumers who do not have detailed financial histories and who would otherwise be considered an unacceptable risk. 4
Knowledge-Based Authentication Knowledge-based authentication (KBA) remains an excellent fraudmitigation tool, especially in high-risk account-opening situations. But applying it in mobile situations requires some adjustments. Asking more than two questions in a mobile situation may begin to degrade the user experiences. If KBA in the mobile channel creates inconveniences for consumers, many will abandon the process altogether. That s why it s critical to meet the right balance between customer convenience and identity examination while still meeting applicable regulatory requirements. Topical, fast-and-easy questions can provide an adequate level of authentication. The complexity and number of questions should be based on the level of risk detected. Organizations that work with fraud-prevention solution providers that leverage insights across thousands of commercial entities are better able to identify suspicious activity. If searches of these databases don t provide a reasonable level of confidence on the account, more challenging KBA questions may be asked. For example, two-part questions where two correct answers are requested can help provide the assurance organizations require. Organizations that work with fraud-prevention solution providers that leverage insights across thousands of commercial entities are better able to identify suspicious activity. Moving from using static data to perishable data to verify an identity also helps combat fraud. Static data, such as the consumer s home address or mother s maiden name, can be obtained by fraudsters during a data breach. Perishable data, such as the name of a restaurant visited in the past week or information on a large purchase, changes frequently and requires significantly more effort for fraudsters to obtain and yet is easy for the real consumer to remember. 5
Summary Consumers expect more organizations to support mobile account-opening services. The data uniquely associated with mobile devices and the realtime information they can passively collect enable robust fraud prevention with a user-friendly account opening experience. But in order to maximize the fraud-detection capabilities that mobile devices support, it s critical to connect them to robust data-rich solutions. Organizations need access to up-to-date public and proprietary repositories of consumer data. They require solutions that offer sophisticated algorithms that swiftly analyze the data to deliver reliable risk assessments. And it s imperative that fraud-detection solutions nimbly integrate with camera-scanning data capture and fingerprinting technology. In order to maximize the fraud-detection capabilities that mobile devices support, it s critical to connect them to robust data-rich solutions. Contact Equifax for more information on how to select the most appropriate fraud-mitigation approach for account opening on mobile devices. CONTACT US TODAY For more information: 1-877-262-5261 equifax.com/business/prevent-fraud Copyright 2016, Equifax Inc., Atlanta, Georgia. All rights reserved. Equifax and EFX are registered trademarks of Equifax Inc. All other registered marks, service marks, and trademarks listed are the property of their respective owners. 6