The Dreaded Trinity of Identity Theft, Application Fraud, and Account Takeover, commissioned by Accertify and produced by Aite Group, examines trends in identity theft, application fraud, and account takeover. Aite Group’s 2021 consumer research reveals insights into how these criminal activities relate to one another and impact financial services providers, merchants, and any company interested in managing the security of customer accounts.
Identity theft can be viewed as the act of stealing someone’s personally identifiable information (PII). This may include a credit number, Social Security number, tax ID, or other credentials for the purpose of committing fraud. Many different types of fraud can result from identity theft.
Market forces have driven growth in identity theft over the years and environmental conditions caused by the coronavirus pandemic accelerated the growth. Financial services firms are a prime target, but fraudsters also attack merchants, hospitality companies, travel companies, government agencies, and any institution charged with protecting customer accounts and managing cash or cash equivalents. In conjunction with the increase in attack rates is pressure from consumers to enhance security measures, without adding friction to the user experience.
Read on to learn statistics from the survey about the impact of identity theft and available solutions for identity fraud management.
Estimated 90% of the U.S. Population Impacted by Identity Theft
The Aite Group’s Financial Crime Forum surveyed 47 fraud executives. The data from this online quantitative survey revealed the following:
- 90% of the U.S. population has had personally identifiable information (PII) acquired without their authorization.
- 47% of the respondents say that their personal information has been used for either application fraud or account takeover fraud.
Extrapolating these percentages to the total adult population, around 120 million U.S. adults are victims of identity theft each year. Due to large-scale data breaches, and common protocol for measuring such breaches, accurate numbers for individuals whose PII has been fraudulently acquired may not be fully known. Most fraud experts say it is safe to assume that most individuals’ PII has been or will be stolen at some point.
Two Types of Identity Theft
There are two primary ways that cybercriminals make use of identifying information in the financial industry:
- Application fraud, in which a new account is opened using a stolen identity.
- Account takeover fraud, in which someone obtains control of an existing account to commit criminal acts.
These are almost equally distributed forms of criminal activity:
- 37% of U.S. consumers have experienced application fraud in the past two years.
- 38% of U.S. consumers have experienced account takeover fraud in the past two years.
Account Types Vulnerable to Identity Theft
There are a wide variety of account types commonly targeted by criminals for identity theft. The survey broke down those which are most common:
- Checking account: 27%
- Credit card: 25%
- Mobile phone account: 21%
- Health insurance: 17%
- Utilities: 14%
- Life insurance: 14%
- Property and casualty insurance: 12%
- Federal and state tax authorities: 14%
Consumer loans, investment accounts, mortgage loans, and unemployment benefits also made the list.
Identity theft occurs on almost every platform online. Businesses can assume that their customers’ personal or financial information is a vulnerable target for fraudsters. Once login credentials, account numbers, or other information is stolen, untold damage can occur. The platform itself is at risk for losing money through chargebacks, as well as suffering reputational loss.
Streamlined identity fraud management protection may render the outcomes of identity theft less impactful, even useless.
Accertify: Identity Fraud Management
Accertify provides digital intelligence solutions that protect online platforms from the effects of identity theft. While identity theft is not easily preventable, it is possible to reduce the impact of typical outcomes, which include application fraud and account takeover fraud.
Identity fraud management solutions should provide layers of protection to protect customers’ digital identities and reduce the risk of financial loss. Accertify solutions are built on five pillars of trust, all of which can be analyzed to protect genuine users:
- Device: The device used to connect to the internet.
- Connection: How a user is connected to the internet: assessment of the network provider, the two typical endpoints (or ISPs), or other aspects of connectivity.
- Location: Geographical location, or where a user logged in or connected to the internet.
- Behavior: User behavior, such as T-stroke dynamics, including how a user typed in their name, address, password, or other information.
- Reputation: Historical data, or insight into reputation and what is known about the information a user entered with respect to the network.
This is an end-to-end analysis. While it may be possible for fraudsters to spoof one of these points, it is extremely difficult to spoof all five.
This is even harder if Accertify digital identity tools are actively analyzing and checking all of this information. Developed by former in-house fraud and risk managers, Accertify solutions are a reliable way to address the sophisticated and complex threats your organization faces daily.
Request a consultation to learn how implementing an identity fraud management solution will help you fight application fraud and account takeover fraud.