In today’s highly competitive market, financial institutions and businesses must walk a fine line between streamlining customer experiences and preventing fraud. Customers expect interactions to be fast, easy and available on every device – slow them down and they’ll go elsewhere. But fail to properly authenticate them, and fraudulent activity skyrockets.

As online shopping and banking continue to grow at an unprecedented pace, fraud prevention needs to stay front and center. According to The Nilson Report, credit card fraud cost businesses $16.3 billion in 2015 -- a number that’s expected to more than double to $35 billion by 2020. The driving force behind this massive rise is more than a decade’s worth of data breaches. In 2016 alone, 4.2 billion records were leaked, and 17 million medical records were compromised.

So why does this fraud problem seem unstoppable? Because over the past several years, the nature of fraud has fundamentally changed, forcing businesses to make the tough choice between slowing down transactions and limiting fraud. And from the bad guy’s perspective, if the means, motives, and profit for online fraud exist, it’s guaranteed to grow. The only thing that will stem the tide is if businesses get creative, fast.

Before internet banking, if a customer wanted to open a new account, they had to visit a bank in-person to verify their identity with a driver’s license, social security card and a utility bill. If you wanted to open a fraudulent account it was a slow, hit or miss prospect – if you could even falsify enough credentials to make it happen. Now, thanks to today’s faceless online banking environment and billions of bits of personally identifiable information (PII) available on the dark web, the situation has vastly improved for the bad guys.

Several major developments have contributed to the recent explosion in online fraud, not the least of which is the rise of the professional cybercriminal. While once operating alone in their proverbial basements, today’s cybercriminals have evolved into highly organized entrepreneurs who run companies in office parks. They sell malware and ransomware and are staffed with product managers and support agents. They are in the business of launching sophisticated attacks for increasingly bigger payoffs, and it seemingly has no consequences.

So how do we improve the odds for the good guys? Well, the idea isn’t new, it’s what bankers did years ago when someone opened a new account - you verify the person. The concept seems simple, but it can be hard to recreate in today’s world since devices can act as proxies for people. Add in stolen PII, and you have the potential for a certified identity crisis for all of your applicants.

But accurate verification can be accomplished by answering three questions:

  1. Can the customer’s identity be verified?
  2. Can the device being used for access be verified?
  3. What level of trust can be assigned to the identity and device combination?

Fraud prevention today needs to be about verifying offline identities, linking them to verified online identities and keeping track of the linkages to create trusted identities. By checking offline data (e.g., name, address, phone numbers, email addresses) against online attributes (IP address, location, cookie data) along with device fingerprinting data and mobile number operator data -- all in real time -- you can identify red flags before you’re compromised and let real consumers through without additional multifactor authentication methods

If you would like to learn more about how using trusted identities can help reduce customer friction and reduce fraud you can watch a webinar from Julie Conroy, Aite Group and Ken Jochims from Neustar as then discuss how Using Trusted Identities Can Fight Fraud and Reduce Customer Friction.