After exploring Ancestry.com to assemble her family tree, a woman was shocked to discover that someone had been using the identity and social security number of her deceased nephew who had died in infancy, for more than 20 years. That story, as recently reported by CBS News, is just one example of the growing trends of identity fraud that Americans and businesses are facing today. It’s also become a key challenge in the financial and lending sector and has raised an important question across the industry: how do we thwart the rise of fraudsters while still offering consumers fast, accessible lending options? For many organizations, the answer lies in a multi-layered approach.
FRAUD: A GROWING THREAT
As with most things today, consumers want immediate, convenient results. The same is true for getting a loan. Many consumers are choosing to go online for lending options as opposed to a traditional bank. At the same time, online lenders are also serving a significant portion of the population with little or no credit history. It’s been reported that approximately 45 million Americans fall into this “thin file” applicant category.
Vetting loan applicants can be complex and incomplete without a credit report. A lack of information combined with lightning speed turnaround times (typically loan decisions are made within 24 hours when traditional lending can take up to a week), means online lenders are faced with big loopholes that savvy fraudsters can take advantage of, often without consequence.
One of the main types of fraud that lenders should be aware of is loan stacking. This involves taking multiple loans from different lenders at the same time without intent of paying them back. Since most online lenders typically approve loans in less than 24 hours, lenders aren’t able to pinpoint a fraudster or someone who’s applied for many loans within a short period of time, until it’s too late.
It’s become a growing concern for lenders recently and the occurrence nearly doubled between 2013 and 2015. In fact, the speed at which borrowers apply for loans seems to correlate with risk of fraud. It’s also been reported that borrowers who apply for a second loan within 15 days are four times as likely to be identified as fraudsters with no intent to repay, while a third loan makes borrowers 10 times as likely to be fraudulent.
Account takeover, via identity theft is another dangerous type of fraud for online lenders. While identity theft is not a new issue, fraudsters have taken it to a new level by targeting wealthy individuals, also called “whale phishing” or “whaling.” Proofpoint estimated whale phishing rose an estimated 45 percent in the last three months of 2016. Just recently a Lithuanian man was arrested for defrauding two U.S. Internet companies for more than $100 million through whaling attacks.
That kind of massive blow can be accomplished in a shockingly straightforward way. Fraudsters simply harvest pieces of identification of a targeted individual (i.e. social security number and mother’s maiden name) to take over accounts, apply for as many loans as possible within a short amount of time and then cash out. The pace is simply too fast for lenders to see red flags and criminals are rarely caught. As a result, those fraudulent loans act like money transfers for criminals and lenders must pay the hefty price.
Similar to account takeovers, lenders are also recognizing the need to protect against synthetic identities. In these scenarios, fraudsters use a synthesis of real (stolen) data and fake data to create a new identity. This has created a complicated challenge for lenders, since some of the information supplied might be real, but the combination is fraudulent. This fraud type is a major risk for banks and lenders; Gartner estimates synthetic identity fraud makes up about 20 percent of credit charge-offs and 80 percent of losses from credit card fraud
FINDING THE RIGHT SOLUTION
So how do lenders protect against the rapidly growing risk of fraud? Many lending institutions are joining forces as a first step. Online Lending Network, recently announced by ID Analytics, enables key online lenders like Lending Club, Prosper and Marlette Funding to report when a consumer requests an offer for a loan, submits an application or when a loan is funded.
While collaboration and communication are beneficial, experts are also pointing to the tools that institutions are using to combat fraud. “In the ongoing battle against fraud, online lending institutions would do well to use a broader set of tools that provide additional layers of protection and assurance,” said Robert Capps, VP of Business Development for NuData Security Inc. “Verifying if a particular device or IP address has been used for good transactions in the past (i.e., device authentication), that the transaction came from an actual human, demonstrating the legitimate online behavior of consumers, and utilizing positive consumer identification tools can make fraud attempts less successful and ultimately less profitable for the criminals.”
Tools like Identity Check from Whitepages Pro offer a unique solution to connect many disparate identity attributes to create dynamic and powerful linkages in one search. Identity Check immediately validates a phone number while checking to see if a mobile number has been linked to an applicant in the past. It also checks for an address, email and IP address from which the online account was created. In this way, it brings a more comprehensive vetting solution to online lenders, without sacrificing efficiency.
Fraud is a complex and expensive issue. To effectively tackle the growing threat, online lenders can take strategic steps to protect themselves without treating their good customers like criminals. By validating more identity elements and utilizing linkages, lenders can squeeze fraud out of their application queue, while preserving fast online lending options for legitimate consumers.
Written by Tom Donlea, Vice President of Whitepages Pro
Tom Donlea is Vice President of Pro Marketing and leads the global marketing efforts of Whitepages Pro, the definitive identity verification data provider for risk management in banking and online lending worldwide. With over ten years of online payments and risk experience, Tom previously was the founding Executive Director of the Merchant Risk Council.