When’s the last time you went to your bank? Chances are, it's been a while since you filled out a slip while waiting for the next available teller.
Today, almost all financial transactions can take place digitally—anywhere, any time—and in the palm of our hands. Financial institutions, both new and old, compete for business and onboard new users at record levels.
However, this rapid expansion and adoption of fintech brings with it additional issues of fraud and security threats. Sophisticated online criminals are exploiting the same technology designed to transform the financial world, to commit a range of crimes, from money laundering to identity theft, fraud, and more.
How can you best protect your customers? The answer lies in effective onboarding.
This article provides insights into the types of onboarding fraud the fintech industry is facing and offers best practices for reducing and eradicating it on your platform to keep your customers safe.
Fintech is transformative digital technology and services designed to overhaul and improve the overall use of financial services for financial institutions and consumers.
Fintech companies create solutions that enable companies and consumers to take control of their financial operations and processes. Fintech solutions can be developed by specialized tech firms that sell solutions to financial institutions as part of their overall strategy.
There are also new fintech businesses—better known as neobanks—that are in direct competition with traditional banks and lenders and offer fast approval and low/no-fee accounts without the need for a physical branch. Digital-first banks are attractive to consumers. In fact, 80% of consumers prefer digital banking—using text messaging, emails, apps, and third-party messaging services.
Fintech is quickly transforming the financial world using seemingly limitless data on consumers and their behaviors. It streamlines financial services and makes credit and other banking functions available to a larger group of people. The global fintech market is exploding, with recent estimates suggesting it will reach $305 billion by 2025.
As the fintech revolution continues to connect people and their finances around the globe at light speed, fraud schemes and regulations to protect consumers are also growing. Here are a few of the methods bad actors use to scam fintech.
Synthetic identity fraud is the combination of real and fake personal information used by bad actors to create a new identity. This new identity is then used to apply for credit, loans, open new accounts, and make unauthorized purchases.
The fake identity is typically built from stolen personal information, such as a date of birth, social security number, address, or name.
Synthetic identity fraud costs online lenders $6 billion dollars annually. The driving force behind the uptick in cases of synthetic ID fraud is that more financial transactions are now taking place online. And when this data is made available on the dark web after a breach, fraudsters have a a seemingly bottomless well of personal data they can use to build new, fraudulent identities.
Once the synthetic identity is created, the fraudster behind the account can exploit financial institutions and their consumers anonymously. Even with enterprises working to verify who is on the other side of the transaction during the onboarding process, many slip through the cracks, as common detection methods are often ineffective against synthetic identity fraud. It’s no surprise that the FBI has found synthetic identity to be both one of the fastest-growing and hardest to detect financial crimes in the US.
KYC (Know Your Customer) are guidelines in the financial services industry that require financial institutions maintain detailed information about their clients and are able to effectively identify and verify that their customers are who they say they are.
KYC implementation occurs during the onboarding process, stomping out fake users and fraud before they’re able to build new accounts within a company’s digital ecosystem.
KYC compliance ensures businesses know who their customers are, including their:
KYC is the result of numerous regulations put into place in the fintech and financial service industries, designed to provide a standard for regulatory requirements. However, with the rapid technological changes, these regulations are growing in tandem.
KYC regulations aim to prevent financial crimes and help financial institutions comply with other regulations, such as AML (Anti Money Laundering).
But when companies fail to comply with KYC and AML regulations, it can lead to costly fines and lost revenue. For example, in 2020, Goldman Sachs was fined $3B dollars for failing to prevent money laundering on its networks. It’s also important to note that 76% of customers said they would leave their bank in the wake of a money laundering scandal.
The fintech revolution is making it easier for consumers to bank the way they want to bank, conveniently and at a speed unthinkable a few decades ago.
However, these benefits don’t come without risk.
The risk comes from greater chances for fraudsters to steal personal identifiable information (PII), build fake accounts, and then carry out fraudulent transactions using the fake identity. The more information exposed online through an increase in digital transactions, the likelier it is for data to end up in a fraud scheme. When this happens, victims are often left with unexpected debt, lowered credit scores, and destroyed trust in the business they feel should have protected them.
The increasing market for fintech means that, unfortunately, children are more exposed to fraud as well. These attacks happen as a result of bad actors acquiring stolen social security numbers on the dark web, which they then combine with fake contact information to commit fraud. To make matters worse, these types of fraud are less likely to be detected for years until the child becomes old enough to monitor their credit score.
In a recent child identity fraud report, it was found that US families foot the bill of $1B annually for child ID fraud, which affects one out of every fifty kids. The consumer, in this case the parents of the child, suffer from the burden of having to deal with collection agencies, government agencies denying benefits, contacting credit bureaus, filing police reports, filing an ID theft report with the FTC, and freezing their child’s credit. The average cost to fix a child’s stolen ID is around $1,000.
Due to the uptick in fintech fraud and data breaches, some merchants no longer accept digital bank cards. This harms the fintech, as well as the brand reputation of the merchant, as customers take their business to merchants who accept their preferred payment method.
In a recent example, Hertz stopped accepting payment from cards backed by popular fintech companies, such as PayPal. And even though the customers may believe the merchant to be inconveniencing them, the merchant’s position is certainly understandable, as the cost of chargeback fraud is growing in cost, and the chances of the merchant successfully disputing chargebacks are slim (21%).
Whether you’re under attack from fraudsters or looking for ways to prevent it from happening, there are some simple steps you can take to reduce the potential for fraudulent attacks.
Here are a few ways to prevent common fintech fraud tactics.
As explained, synthetic identity fraud occurs when fraudsters piece together stolen PII with fake data to create a new identity. Here are ways to prevent these fake identities from committing fraud on your platform:
Promo abuse is when a bad actor takes advantage of valid promotions, using loopholes and numerous accounts in order to maximize the number of times they’re able to utilize a company’s signup offers, such as free stock, credit card reward miles, and welcome bonuses.
This costly form of fraud is damaging to businesses because they not only lose out from the direct promo abuse fraud, but also because it often forces them to be less generous with their offers, shutting out valid users who might have used them.
Similar to synthetic identities, fake users are accounts fraudulently created using stolen or false information during an onboarding process. Using fabricated email addresses, names, and phone numbers, fake users create accounts and build profiles that appear valid, and then access company platforms to disrupt ecosystems, steal virtual currency, scam other users, and more.
Most often, fake users artificially inflate (or deflate) influence to deceive the public on an app’s valid downloads, installations, or reviews. As person-to-person (P2P) payment applications, like Venmo, continue to surge in popularity, fraudsters use fake accounts to anonymously carry-out scams—conning victims out of billions of dollars every year.
The following steps will help you eliminate fake users on your fintech platform:
The process of onboarding is dynamic, forcing companies to remain vigilant to prevent fraud while quickly bringing valid customers onto their platform. That being said, there are still some general principles of onboarding that fintech companies should adhere to, such as:
Lastly, one of the easiest ways to optimize your onboarding is by staying KYC-compliant. As we laid out in detail above, strong KYC processes give organizations a way to easily monitor and respond to all types of suspicious activity. By preparing for KYC compliance, a financial institution minimizes their risk and protects themselves from money laundering and legal fines.
With the increase in digital financial services, and the increase in fraud, onboarding is both extremely important and challenging at the same time. Fintech companies that are concerned about improving their customer experience while cutting down on fraudulent new accounts must implement the right onboarding strategies and solutions into their security stacks to protect consumers and keep them coming back.
Telesign has long been the solution for fintech companies in need of onboarding solutions, as we apply dynamic risk intelligence, ID verification, and phone number intelligence, while maintaining KYC-compliance, in order to prevent synthetic ID fraud, account takeovers, and SIM-swap attacks.
We verify over five billion unique phone numbers each month, and have AI-backed solutions to quickly and accurately handle onboarding processes.
If you’re interested in learning how Telesign shuts down onboarding fraud for fintech companies, chat with us today.