Customer-Friendly and Cost-Efficient Technology to Prevent eCommerce Fraud

Online fraud rose 15 percent between 2015 and 2016, and approximately $32 billion in costs associated with e-commerce fraud occurred in 2014. LexisNexis reported that 1.5 percent of retailers’ revenue is linked to fraudulent transactions. Continued data breaches also put online shoppers and retailers at risk. However, you can safeguard your eCommerce business from fraud by enhancing your existing security with easy to use, cost efficient technology tools.

How People Are Gaming the System

Before safeguarding your e-commerce operations, it’s important to understand how people are getting around security measures in the increasingly card not present (CNP) transactional environment. Some common ways eCommerce fraud occurs include:

Vulnerability in Mobile Devices and Infrastructures. Data breach occurs when vulnerabilities exist. Even the largest and most sophisticated businesses are vulnerable, as evidenced by headlines regarding Sony, Yahoo and retailers like eBay and Target. They can happen on almost any device, too, and with the rise in the use of mobile devices for both personal as well as business purposes, there has been an exponential growth in the number of well-organized cyber-crimes and independent hacks.

Account Takeover Fraud. Account takeover occurs when a fraudster uses a piece of stolen personal information to attempt to gain access to a private account. This does not have to be a social security number or PIN code – anything from an email address to a username, any identifier used in the validation process can work. As an example, a fraudster could use an email and login for any account and run that against services such as PayPal, eBay, Amazon and virtually any other mobile app – in minutes. Validated credentials can then be sold for hundreds or thousands of dollars on the Dark Web.

Chargebacks and Reversed Transactions. This form of “friendly fraud” happens more often than you think. More than 86 percent of chargebacks are estimated to be fraudulent. It makes it easy for customers to get a refund via their credit card companies by disputing charges while putting the burden on the e-retailer or business owner to prove that the charges are valid.

Identity Theft. While ushering in the EVM chip helps to reduce fraud in person, it doesn’t stop fraudsters from viewing the physical card number, recording it and using it online. Moreover, hackers can get personal data online from doxxing (the internet-based practice of researching and broadcasting private or identifiable information) and can often link public information with bits of personal data, such as the last four digits of the social security number and the birth date and address from a voter’s registration database online.

Tech Solutions That Work

With the increase of card not present (CNP) and mobile transactions, the good news is that you can safeguard your online business with the right tech tools. Here are some quick and easy tech solutions to instantly prevent eCommerce fraud:

ID Verification via ID Authentication. Quick and easy ID capture can allow online retailers to validate an ID in seconds. Forensic tests can be performed in real time to ensure that the ID presented is authentic. Scanning the ID also allows retailers to get necessary information that is accurate to populate into your point-of-sales (POS) system and CRM. This allows for quick verification of customer data such as age and address to verify the sale of an alcohol wine club membership or other age or geographically restricted business. It also removes the inconvenience of manually entering in data, improving shopping cart abandonment rates.

Biometric Security Measures. Facial recognition match makes it easier and more user-friendly to verify identities and integrate with existing apps or systems. Customers can simply snap selfies to verify that they match the photo on their government issued ID from a webcam or mobile device. This extra step prevents fraudulent transactions by further binding a person to their identity.

By recognizing that there are quick and cost-effective tech solutions to manage online retail fraud, you can instantly reduce your risk and recognize good transactions while flagging bad ones. As a bonus, you get the added benefits of:

  • Verifying Age and Address
  • Clean CRM/Customer Database with Accurate Information
  • Fast and Friendly Customer Check-out Experience

See what verification tools are right for your business!

 

IMPROVING IDENTITY VERIFICATION SOLUTIONS IN FINANCIAL SERVICES

Despite advances in technology, such as the spread of credit cards with microchips, in 2016 more than 15 million Americans lost $16 billion as a result of identity theft.

Financial services is an area where identity verification is crucial. Financial institutions must ensure that customers are who they claim to be, but they also do not want to make the verification process very difficult and annoying for customers. Mistakenly giving a malicious actor access to a user’s bank account could result in devastating consequences. But what are customers willing to do and what should they do in order to have security? We know that today, answering a few questions and providing a password is easily hacked by sophisticated fraudsters.

Fortunately, there are a number of solutions to protect customers from fraud that are also user-friendly and fast.

Onboarding and New Account Creation

Bringing new customers on board needs to be quick and easy, but also secure in order to protect both institutions and customers. When a new bank account is opened, it’s the institution’s responsibility to verify the identity of the user. The bank must first verify that the given name and Social Security number match a real person, typically by contacting one of the three major credit bureaus. Next, the bank must verify that applicants are who they claim to be by asking questions about their personal history, such as cities or streets where the applicant has lived in the past.

Financial institutions in the U.S. also need to comply with applicable security regulations when opening new accounts. “Know Your Customer” (KYC) is a policy for businesses who need to verify the identity of their clients in order to prevent crimes such as fraud, identity theft, and money laundering. KYC programs begin by collecting and verifying information about customers and checking them against a list of known criminals. Higher-risk customers have additional information collected, and their activity is monitored for potential red flags.

All of these processes can be streamlined and automated by the intake and authentication of data from a government issued ID, like a driver’s license. Authentication solutions that scan an ID, on a desktop or mobile device, can verify a credential in seconds to validate it. This then allows the institution to match the verified credential to the person. You may do this visually at a bank, or through a mobile facial recognition app that will match the photo on the ID to a selfie taken.

Mobile Banking

Mobile banking is a trend that is set for explosive growth in the years to come. In 2015, KPMG estimated that the number of mobile banking users would double in the next 4 years to 1.8 billion people.

This rapid growth of mobile banking makes the identity verification process even more important. Traditionally, mobile banking customers have logged onto their accounts using a username and password. In the event that they forget this information, customers need to provide data such as their Social Security number or credit card, or answer “out-of-wallet” security questions.

However, in recent years, banks have explored alternate security measures, such as biometric security. For example, many banking apps now make use of fingerprint and facial recognition technologies. In addition, some financial institutions allow users to verify their identity using their voice when they call the company’s phone number.

It is possible today to open an account and conduct all your banking without ever stepping foot in a bank, but you want to make sure that your financial institution is taking proper security measures and all the better if they are fast and easy for customers!

 

Identity Fraud Prevention in Today’s Digital Economy

With cyber criminals becoming increasingly sophisticated and hackers making headlines regularly, it is imperative that businesses employ advanced security technology. Identity proofing is a term for identity verification that is being adopted by analysts such as Gartner. From Gartner’s study1:

Identity proofing, a process that demonstrates with sufficient confidence that the user is who he claims he is, helps to establish and maintain trust in the identity throughout the relationship.

Identity Proofing Process

Collecting and verifying information about a person, provides businesses with another layer of assurance. Financial institutions can use identity proofing to prevent financial fraud and money laundering, while ecommerce companies can rely on it to combat card-not-present fraud. And with today’s technology, businesses can ensure that their processes are user-friendly, adopting technology that users are familiar with (i.e. fingerprints and selfies for facial recognition).

According to research by Aite Group, card-not-present (CNP) fraud in the U.S. is expected to reach $7.2 billion per year by 2020. Government agencies need sophisticated identity proofing for security clearances. Identity proofing also helps organizations in the healthcare industry prevent HIPAA violations. As identity fraud becomes a concern across industries, identity proofing solutions are needed to establish trust in digital relationships.

Organizations that need to proof identities are turning to third-parties to build solutions. According to the Gartner study1, third-party solutions have come up with various options for companies to use to verify identities, including:

  1. Knowledge-based verification: In this approach, the user is asked a series of questions that they would need to know the answer to in order to confirm their identity. Examples of these questions include past mailing addresses, mortgage amounts, and lender names. Knowledge-based questions aren’t entirely secure, though, since the answers to these questions can be obtained through a hack. Back in 2015, scammers were able to steal tax refunds by figuring out the answers to these questions.

 

  1. Secondary passwords: ID proofing services can issue temporary one-time-use passwords to verify identities. Users are sent a one-time password via an “address,” like a home address or email address. They then have to enter the one-time password to verify their identities. Organizations may ask users to bind themselves to an identity associated with a known trusted online account, like their social media accounts. The risk with these other accounts is that social media profiles and email addresses can be hacked.

 

  1. Biometrics: In countries with fingerprint registries, organizations can require fingerprint scans to verify identities. However, some users may take issue with this method if they are concerned about privacy. Organizations can also use voice recognition and facial recognition to verify identities, although facial characteristics change throughout life. As biometric technology becomes more commonplace in the business environment and more accepted by consumers, industries can leverage it to ensure stronger identity security.

Proofing identities in other countries can be challenging since different countries use varying forms of government-issued IDs. According to the Gartner report1, some of the problems global companies can run into are:

  1. Social Security Numbers Create Vulnerabilities: In the U.S., citizens are often identified by their Social Security Numbers, but this method of identification doesn’t translate over into countries. Some countries also do not have official national IDs. Instead, these countries will issue out IDs for specific purposes like access to healthcare or tax collection, which may not be considered sufficient for identity proofing.

 

  1. Different Global Standards: Privacy and data protection legislation vary between countries, which limits the information identity proofing services can capture, gather, and store. This legislation can even block companies from sharing data across borders.

 

  1. Technology Verifications Often Falls Short: Technology limitations and regulations can prevent identity proofing providers from being able to conveniently verify information against government lists like registries of births, marriages, and legal permits.

Although fraud is an increasing concern for global companies, the good news is that options for solutions are also increasing with a wide range of identity proofing services that can be adjusted to fit different industries.

 

1Source Gartner Identity Proofing Is the Cornerstone of Trust in a Digital Relationship, October 2016

Avoiding ID Fraud, Car Theft and Auto Rental Chargebacks

The advent of the Internet of Things has turned 20th-century cars into automated smart cars that harness sensors and the Internet for connectivity and convenience. In fact, connected cars can contain as much as 100 million lines of coded information. With such large amounts of data, the chances for a possible hack and access to personal data increase; moreover, the growth in car sharing services as a car rental option or a growing division of an existing company also presents cybersecurity issues. However, these problems are resolvable by taking the right steps to avoid ID fraud, car theft and auto rental chargebacks. Here are a few actions to consider.

1. Consider ID scanning & verification

Car rental and car sharing services are susceptible to fake IDs and auto theft, especially during a test drive or when loyalty programs can make it easy for multiple online reservations without the need to swipe a card. However, ID scanning can help reduce this issue. Solutions via mobile devices or scanners allow for quick data capture, ID authentication and even identity verification in real time.

2. Use biometric technology

According to the FBI, more than 700,000 cars are stolen on an annual basis in the United States, with one stolen every 45 seconds, as of 2015. Weak links in code and anti-theft systems explain why car thieves can easily steal vehicles and access personal data from consumers and even suppliers and manufacturers. However, biometric technology, such as facial recognition, offer viable solutions for mitigating this issue. For instance, facial recognition can be used in real-time to authenticate the driver and send a text message to the owner of the vehicle, should an unauthorized person enter the car.

3. Spot potential chargeback signs

While the sharing economy offers car sharing as a new revenue stream, dishonest customers can present security issues in the form of chargebacks. Chargeback fraud is often associated with increased customer complaints, and a history of chargebacks can increase this fraud. That’s why it is vital to recognize risks. Additionally, car sharing services can engage facial recognition to ensure that only drivers signed up for the program are using the authorized account and consider engaging further ID verification services while assessing vulnerabilities.

Final Thoughts

Technology is very often the driver of better services and better products for cars. However, connected cars can leave their drivers and passengers vulnerable to ID fraud and car theft if not secured properly. Business owners and managers of car sharing services or traditional car rental services can also leave their businesses exposed to chargeback fraud from their own customers. You can prevent these actions by using the right technology or consulting with an expert on ID verifications and security services.

Five Ways to Protect yourself from Identity Theft During the Holiday Season & Beyond

Holiday season means consumers are on the prowl for perfect gifts. The problem is that identity thieves are also on the prowl and taking advantage of the busy shopping season.

In 2015 the Federal Trade Commission received over 490 thousand complaints related to identity theft, almost doubled from 2014. Identity theft and the associated spike in activity during the holidays impacts millions of people. According to the 2016 Javelin Identity Fraud report, identity theft cost consumers more than $15 billion in 2015.

The good news is that there are ways to protect yourself. Certain behaviors during the holidays leave consumers more exposed and at greater risk of identity fraud. Learn what you can do now!

    1. Conduct your Business with Institutions that Verify Identity

Taking the step online and in-person to verify an identity saves millions. Verification solutions range from fast and easy (show your valid ID) to cumbersome and time consuming (enter your password and answer 3 questions, etc.), but they are rapidly changing. It is in businesses’ best interest to adopt verification solutions that are fast and customer friendly, encouraging loyalty and trustworthy transactions. We are past the days when a password meant you were covered and manual ID checks by untrained employees were sufficient. Proper document authentication via a quick card scan, biometric matching via a selfie, fingerprint or voice to match a person to their ID- these are solutions that are available today to institutions of all industries. Find businesses that are adopting this technology.

    2. Don’t get lost in the Holidaze: Monitor Accounts & Secure your Smartphone

It’s easy to get distracted this time of year with a flurry of activities, travel and many transactions. All the more reason to be vigilant; monitor your accounts and make sure to report any unusual activity right away. Also, don’t discount the value of securing your device. As we move increasingly into a mobile world where your smartphone holds most of your life, why wouldn’t you take the time to safeguard these targets for cyber crooks? Apply software updates when they become available, use protection on Android and iOS devices, such as a passcode or biometric lock (fingerprint), and engage the ability to encrypt and remotely wipe the contents of the device in the event it is stolen.

    3. Mind the Data Breaches

One in five data breach victims suffered fraud in 2015, rising notably from one in seven in 2014. 2016 was unfortunately a banner year for data breaches. There was no shortage of major hits including the U.S. Department of Justice, LinkedIn, Snapchat and a contender for the biggest data breach to date Yahoo. Chances are, if you’ve ever had a Yahoo account, your information has been leaked.
The first step is to pay attention and update your security information on any site that has been breached. Follow instructions from the institution and keep up to date on recommended actions. Find out from the company what information was stolen, even if they tell you that your stolen information was encrypted. You might consider calling credit bureaus to alert them you are a victim of identity theft as well as banks and credit cards companies- doing so will lock your accounts and prevent further transactions.

    4. Go Private with your Wi-Fi

If we know that major companies are susceptible to hacks, you can be sure that your local coffee shop’s Wi-Fi is also a target. Best to keep any activities that require your personal and credit card information for secured internet connections only.

    5. Don’t be a Sucker for Scams

When it comes to suspicious special offers in your inbox and tempting links to click for crazy good deals, just say no. This is prime time for email phishers. Thieves are becoming more and more sophisticated using branding and names of trusted retailers to look like a legitimate source- mind the URL’s, when in doubt do not click! And never give personal information to an untrusted site or source. Scams can be related to shopping, false charities, and even utilities during the cold winter months, so be on guard!

    Identity Verification Solutions Help Businesses and Consumers to Transact with Trust

As hackers become more sophisticated, identity fraud is turning into a primary concern for consumers and companies alike. Companies should be showing consumers that they are taking measures ensure identity validation and document authentication.

Manually checking ID’s by untrained staff and comparing information from the document to the ID’s barcode doesn’t cut it today. Proper document authentication is a key investment for companies. An automated authentication solution can have multiple benefits including accurate information capture from ID’s for CMS and database management, streamlining staff workflows and preventing unintentional errors or oversights.

Companies should adopt layered approaches to identity verification: trusted authentication software to authenticate documents like driver’s licenses and passports and identity verification technology (that goes beyond passwords and knowledge-based questions that can easily be hacked) such as biometric options for facial, fingerprint and voice matching. Be sure that solutions are fast and customer friendly!