So how can we protect against fraud without impacting the insurance customer journey? At each interaction – point of quote, purchase, and claim – we have the opportunity to gather a whole set of other information, without customers really being aware of it. And that’s about the device they’re using.
Understanding a person’s device usage
Are existing customers using the same device as usual, or one that’s completely alien? Is one device making multiple applications under different names? Has a device been associated with fraud before? Does the configuration match the personal data?
If we can capture this device intelligence without interrupting the customer journey, and put it through a rules engine that’s optimised for the insurance industry, we stand a very good chance of filtering out bad transactions and letting the good ones flow through to fulfilment.
As an example, if a customer says they’re Joe Bloggs from London, but their device is detecting a foreign location that we wouldn’t expect to see, we might start to get suspicious.
Every time a flag is raised for suspected fraud, it costs you money – and customers
Any kind of risk engine or fraud tool, if it thinks it detects fraud, costs you money. Because every time it red flags an interaction, you either need to pay someone to look at it, or you need to stop the business, potentially saying goodbye to a good customer. And the only certainty is that the number of times the fraud engine alerts you to a fraud is always going to be higher than the actual fraud level – the false positive rate.
So if the fraud engine gets it wrong too often, it’s actually going to be a burden on your business, even if it catches all the fraud. We put a lot of effort into making sure the false positive ratio is low.
The mobile era is paperless, driven by mobile, digital usage
More of us are choosing to manage our interactions with organisations online, but the digital journey is far from perfect. Filling in forms can mean a lot of scrolling and the process is interrupted if customers have to provide ID in a branch or through the post.
Experian has partnered with Mitek to provide the technology behind our AutoDoc-ID product. Auto-Doc has helped to enhance digital interactions as it allows customers to verify their ID by capturing a photo of their identity documents on a mobile or tablet. It can also reduce the number of fields the customer has to fill in by extracting ID information from the document captured and using it to pre-populate online forms.
Products like AutoDoc-ID speed up the process for customers, letting them apply for an insurance quote in just a couple of minutes, with information you know is authentic. It reduces drop outs, provides extra protection against fraud and lets you approve more genuine customers.
How fraud moves between channels
Ghostbrokers are persistent. Some will adapt instantly to a rule and, once they realise they can’t get any further, just move offline. They know your call centre is your weakest point, with no way for you to use the device information you’ve collected.
Fraudsters are also able to use stolen credit cards offline because the rules are slightly different. The challenge now is to link the offline to online so a continuation of device monitoring can happen across multi-channels.
Fraudsters are dynamic – they’ll use a technique until it doesn’t work anymore, then either change target or enhance the technique. They’re now using technology, such as device emulators, to make it harder for them to be detected.
But, interestingly, as they try to disguise their identity they stand out even more. Unless they can tell a perfect story at each data point they can be easily seen, as the whole story doesn’t match up. This is why robust and agile fraud solutions are important. Not only with device monitoring but using fraud databases and connecting fraud controls. The result is a multi-layered fraud detection and prevention platform that can be adapted as and when needed, or as and when trends evolve.
Fraud evolution is an interesting one. In the future, people will own and control their data, and share it with anybody they want to. So having solutions in silos doesn’t really mean a lot – by themselves, it’s just an attribute. It’s important to tie all the attributes together, proofing the identity of the attributes and ensuring they correlate to one another.