How to Play Offense to Tackle Increasing Identity Fraud During a Downturn

Industry colleagues are asking for our insight into how the current economic climate will impact fraud trends and patterns, and this blog provides some of those insights. The underlying theme is that during economic slumps, identity fraud is countercyclical–in other words, as economic conditions worsen, identity fraud increases. For a hint as to what the future holds, let’s level set against current economic indicators and then look at what happened during the COVID-19 pandemic.

No one can deny that we’re knee-deep into an economic downturn. US inflation is at a 40-year high. To combat that inflation, the Federal Reserve has raised interest rates aggressively four times already this year. Real gross domestic product (GDP) decreased at an annual rate of 1.6% in the first quarter and fell another .9% in the second quarter of 2022, following consistent increases throughout 2021.

Even with that unwelcome news, the labor market remains fairly strong. The unemployment rate for June was reported to be 3.6%—which was flat when compared to the previous month. Where the unemployment rate is headed is a head-scratcher, given the other turbulent factors. But, drawing from college economics class, Okun’s Law explains a correlation between declining GDP and rising unemployment. According to the principles of this law, unemployment increases when GDP decreases. While Okun’s Law cites a 2% increase in unemployment for every 1% decrease in GDP, a timeline isn’t defined nor does it apply to the pandemic downturn. Maybe the biggest takeaway is that no two downturns or recessions behave the same way.

We can see an exception to the Okun’s Law principle that occurred during the COVID-19 pandemic. After the GDP decreased 3.5% in Q1 2020, unemployment skyrocketed to 14.7% the following month in April–over double what Okun’s Law predicts.

Even without escalating unemployment, catapulting inflation and reduced buying power can lead to rising bouts of financial crime.

To predict those conditions, industry professionals often rely on the fraud triangle,” a research-based concept developed by criminologist Donald R. Cressey, that outlines the conditions that must be present for fraud to happen: opportunity, rationalization, and pressure. “Opportunity” occurs when there is a lack of controls, “rationalization” exists when there is a mindset of “everyone is doing it,” and “pressure” emerges when incomes contract and the realization that there are bills to pay.  

Opportunity, rationalization, and pressure clearly were prevalent during the pandemic at levels unseen in normal economic conditions. At the height of the stay-at-home mandates from early March to late June 2020, Socure saw a massive 134% increase in attempted identity by applying fraud scores as proxies. The fraud spikes that occurred in that timeframe clearly correlated with the release of Paycheck Protection Program (PPP) and other stimulus funds—but the rate of unemployment, which capped at over 14%, coincidentally paralleled the trend line that occurred over that timeframe as well.

The fraud triangle proves so valuable to industry professionals that secondary research conducted by two trade organizations further reveals that:

• 10% of the population will NEVER commit fraud
• 80% of the population MIGHT commit fraud, if the conditions are right
• 10% of the population are ALWAYS looking for vulnerabilities and ways to commit fraud

Looking at those numbers, it means there’s a likelihood that a whopping 90% of the population is or could be committing fraud at this very moment. 

This combination of economic factors and social behavior tendencies indicate that it could get uglier over the coming months. As Socure monitors the fraud trends, we are seeing incongruous third-party fraud patterns by sector:

• The banking DDA and money transfer sectors are experiencing decreasing patterns.
• The cryptocurrency sector is flat.
• The fintech DDA sector is up 130%, investment is up 108%, and credit cards are up 47%. 

This scenario is a good reminder that an unstable economy presents the risk for surprise bouts of fraud attack vectors for financial institutions, fintechs, and other enterprises that digitally onboard new customers. Taking a proactive, offensive stance to protect your organization from this increased risk can sustain your growth and improve profitability—actions which keep fraudsters at bay and maintain your competitive advantage.

Here are three recommendations to bolster your fraud risk stance.

Double down on your fraud risk assessment

Although many organizations view a fraud risk assessment as an annual compliance exercise, a more thorough evaluation can increase your fraud prevention strategy. Reevaluate how you conduct risk assessments and create a fraud risk map to track the emerging threats you expect to face over the coming months to ensure there are no security gaps, especially for fintech start-ups that rely on explosive growth to gain and maintain their competitive edge. These companies can continue to grow at acceptable rates and keep an eye on their fraud risks if they prepare properly.

An important part of understanding your fraud landscape and establishing a strategy to address vulnerabilities is to properly define and label the type of fraud you are seeing. Identity fraud prevention tools are purpose-built—for example, those used to deter third-party or synthetic identity fraud. You need to be using the right controls for each type of fraud, and you can only do that if you know what’s in your portfolio.

Beware of “fraud as a service”

Fraud rings are a rapidly growing fraud concern. These groups assemble on the dark web to develop and market fraud technology, sell stolen personally identifiable information (PII), and disseminate known platform and system vulnerabilities. Essentially, fraudsters are sharing platform vulnerability intelligence in real time. During the pandemic, the industry learned that dark web chat rooms were humming with hourly updates on what platforms to attack. In other cases, complete “fraud as a service” packages are being marketed, with technology and primers on how to commit fraud.

Fraud teams can use threat intelligence services to scan the dark web to learn if they are the target of attacks, or to monitor fraud attack vectors in general. This allows them to be agile in planning risk tolerances and tightening and adding controls. It won’t eliminate risk, but it does provide the advantage of better awareness and security. 

Additionally, using a fraud solution provider that gathers and uses near-time reported fraud in their predictive models will also help you identify ever-changing fraud patterns and stop financial loss before it enters the front door.

Upgrade your identity verification and fraud prevention solutions

Identity fraud was up 79% in 2021 over the prior year, which is a holdover from the COVID-19 pandemic. Even as you continue to detect and prevent existing fraud, you should be evaluating new identity verification and fraud technology to be sure you have the right tools. Furthermore, if you are currently using disparate point solutions, streamlining your stack with a seamless end-to-end approach can reduce your total cost of ownership and your customer acquisition cost.

How Socure can help

To detect surging bold fraud attack vectors, you need the equally bold protection provided by Socure’s graph-defined identity verification, a machine learning (ML) and artificial intelligence (AI) approach to perfecting complex digital identity resolution and fraud risk detection. Our modern graph intelligence framework provides powerful deep learning using correlated data, discovers hidden patterns of risk not possible with isolated variables, and relies on the network structure and performance efficiency of the underlying data to retrain models.

It results in the ability to support data ingestion at scale, even when processing billions of datasets. By automating model training, graph intelligence fuels building the most predictive model faster for each of Socure’s purpose-built solutions to enable expedited and real-time decisioning, to stay ahead of evolving threats.

The tremendous advantage of Socure’s graph-defined approach is in building and refining proprietary capabilities that elevate fraud mitigation and identity verification performance. Exclusive to Socure, these state-of-the-art proficiencies deliver sustainable and inclusive growth for customers:

Complete view of identity—Socure analyzes all the dimensions of identity, including more than a dozen identity elements and thousands of curated signals, to maximize accuracy and reduce false positives, without increasing user friction.

Many legacy providers rely on single static identity elements, such as PII from credit header data only, email data only, or a combination of just phone and address data, which results in low accuracy, low coverage, high friction, and high false positives.

Native implicit risk signals—Device intelligence, encompassing elements like device ID, IP to geolocation, and VPN detection, which when combined with every other dimension of an identity and incorporated natively into ML models materially improves fraud detection accuracy. Socure provides this seamless solution at no additional cost—whereas with legacy providers, you would be forced to buy two disparate tools.

Redundant datasets—Socure evaluates and leverages a continually growing collection of data sources that provide broader, deeper, and redundant coverage for every data element as compared to other solutions. Applying graph intelligence, this data is married with more than 17,000 distinct model features to enable unparalleled accuracy.

Predictive models informed by near-time output data—Cleaned near-time output feeds from Socure’s 1,700+ enterprise customers, involving the known outcomes of one billion transactions, provide input to persistently improve ML models for better identity decision outcomes.

Socure has over 1,700 customers across the financial services, fintech, cryptocurrency, ecommerce, gaming, and other industries, as well as the public sector–with experience in helping them understand and identify fraud patterns to prevent financial loss, reputational risk, and consumer harm. If you are looking to strengthen your identity verification and fraud detection practices, contact us. Socure’s extensive team of experts stands ready to collaboratively explore your needs and focus on identifying solutions to your biggest identity verification and fraud detection challenges.