Reduce fraud losses and improve operational efficiency with advanced fraud detection technology

Transcription

1 Technical White Paper Reduce fraud losses and improve operational efficiency with advanced fraud detection technology Risk Solutions

2 Most institutions know identity fraud exists and many already have identity fraud prevention tools in place. However, identity fraud continues to be an evolving and emerging problem for financial institutions and service organizations. In February 2012, Javelin Strategy released its annual Identity Fraud Report often used as a benchmark for identity fraud trends and reported fraudulently opened new accounts drove losses of $5 billion across 1.95 million victims in the United States in Furthermore, consumers reported that they are increasingly spending more of their money and time to remediate the effects of application fraud, with average consumer out of pocket costs of $1,205 per event, the highest reported over the past 6 years. These losses can certainly be attributed to the significant limitations in existing fraud mitigation tools, tools that simply do not have a wide-reaching and deep source of identity information necessary to paint an accurate picture. Additionally, not all identity fraud looks the same and identity fraud schemes will certainly continue to change as technically savvy fraudsters aggressively attempt more sophisticated deception schemes. These limitations are making it exceedingly difficult for lenders to effectively balance new account fraud losses with the operational costs required to catch more fraud without delaying or denying legitimate customers. To address the evolving and emerging challenges posed by identity fraud, LexisNexis offers a robust, non-fcra identity fraud prevention suite to strengthen existing fraud mitigation strategies. The LexisNexis FraudPoint solutions are designed to help lenders make their identity fraud prevention efforts more efficient and effective with minimal impact to legitimate customers. With access to one of the nation s largest and most advanced identity data repositories, coupled with intelligent fraud profile pattern recognition, FraudPoint delivers a robust foundation for identity fraud prevention that seamlessly fits into core operations and risk strategies. These predictive tools help lenders quickly ascertain fraud threats and manage exceptions without compromising services or delivery channels. While a great deal of identity fraud is the result of a stolen identity, there are growing trends in many identity fraud schemes such as synthetic identities, manipulated identities and friendly fraud. LexisNexis Identity Content LexisNexis Risk Solutions has a unique vantage point to observe the identity activity of U.S. consumers, boasting over 35 years of experience as the nation s largest compiler of consumer identity information. LexisNexis has compiled an industry-wide repository of identity information that traces and monitors how identities are created and modified over time. Comprised of more than 34 billion records from more than 10,000 sources and growing daily by millions of records, the identity repository enables all of the LexisNexis identity solutions used by thousands of financial institutions. In total, the LexisNexis identity repository contains 290 million active identities, of which just over 7 million identities were newly reported in Strengthening Identity Fraud Prevention through Unique Identity Insights The LexisNexis identity repository is at the heart of the new patent-pending LexisNexis FraudPoint Score and LexisNexis FraudPoint Attributes solutions and is unique in the industry in its ability to consider identities from a truly multi-dimensional perspective to detect suspicious or fraudulent events. 2

3 By monitoring identity information from four major categories within the identity repository, FraudPoint achieves a real-time, comprehensive view of each identity: Category #1: Tri-Credit Bureau Credit Header Identity Activity. LexisNexis has a unique perspective on consumer credit identity manipulation driven by visibility into identity records from three major credit bureaus. These identity feeds are frequently updated to provide near real-time insights into high fraud risk identity activity, including attempts to create and manage synthetic identities. Category #2: LexisNexis Customer Network. The LexisNexis customer network provides visibility into identity activity across multiple industries. This real-time data, comprised of over 15 billion distinct identity events associated with over 270 million identities, functions as a network to help us create a picture of identity variation, velocity and high identity fraud risk behavioral insights not found in any other data platform, as only LexisNexis has access to this information. This network spans over several years and across thousands of institutions to help provide insight into both normal and suspicious identity activity. Category #3: Online, Utility, Phone and Other Identity Activity. LexisNexis receives daily address and phone change updates from electronic directory assistance and frequent updates from white pages, cell phone directories and utility sources in order to confidently track consumer residential moves. These behavioral markers are included as validation information, particularly to combat identity takeover and other fraudulent change-of-address schemes. Other sources like college directories, social media directories and other online registrations provide proprietary identity insights that broaden an identity s footprint and enable more refined identity fraud analysis. Category #4: Local, State and Federal Government Records. LexisNexis leverages identity insights derived from a majority of the U.S. county courthouses and many state and federal agencies. Property records, vehicle registrations, court documents, tax records, voter registrations, accident records, occupational licenses, business filings and other government records are incorporated into the identity repository. They help provide very difficult-to-compromise patterns of identity information that are recorded by government entities and less likely to be subject to manipulation. As identity elements are aggregated and analyzed, FraudPoint follows the links between identities (addresses, social security numbers, phone numbers, etc.) to make subtle suspicious identity events become evident and visible. It is through this process that FraudPoint has proven to better detect evolving fraudulent identity events and schemes. Using this information, FraudPoint delivers key tools for detecting and mitigating multiple types of identity fraud to help lenders quickly ascertain fraud threats and manage exceptions, including: Fraud Risk Attributes: A series of identity elements that capture key pieces of an identity profile that are strongly related to the probability of identity fraud. Fraud Risk Score: An empirically-derived score that leverages FraudPoint Attributes to assign a probability that an application will result in identity fraud. Fraud Risk Indices: A set of fraud type classification scores that aid in fraud investigations by helping identify the specific types of fraud being perpetrated. Fraud Warning Codes: Diagnostic codes that help pinpoint the specific high fraud risk conditions which contributed to the score. 3

4 FraudPoint Solutions With access to some of the most authoritative fraud prevention data and analytics, the FraudPoint solution is an analytic suite that delivers critical, relevant insight to substantially improve the ability to identify fraud. The FraudPoint solutions are available through the FraudPoint Score - an effective, dynamically calculated fraud risk score with associated fraud risk indices and fraud warning codes or through FraudPoint Attributes which provides lenders with the power of the FraudPoint Score identity intelligence for modeling within internal scoring or rules engines. FraudPoint Score The FraudPoint Score is a detailed examination of account applications that leverages known fraudulent behavior patterns, the identity repository, and high-powered analytics to detect fraudulent applications with extremely high precision. By examining identity information against identity manipulation trends, FraudPoint Score is significantly more effective than standard match logic technology confirming that identities exist. This approach allows financial institutions and other providers to focus their fraud mitigation efforts on the applications with the highest likelihood of identity fraud without disrupting valuable, low fraud risk customer relationships. FraudPoint Score has proven to be highly effective in combating a variety of identify fraud schemes, including stolen identity fraud, synthetic identity fraud, friendly fraud, vulnerable victim fraud, manipulated identity fraud and other suspicious identity fraud activities. A valid FraudPoint Score can be generated with as little as a name and address supplied as input. Optimal fraud detection results are achieved when all application identity elements are supplied. Joe Smith 555 Crabapple Ln. Anywhere, US FraudPoint 702 FraudPoint Score provides three unique components that allow institutions to more accurately detect fraud and to identify the type of identity fraud potentially being perpetrated. These three components are key tools to equip fraud investigators and enable them to more efficiently investigate high risk applications. Fraud Risk Score. The first component of FraudPoint Score is an empirically-derived three digit numeric risk score based on a patent pending proprietary combination of parametric and non-parametric statistical processes. This risk score predicts the likelihood an application will result in identity fraud if the account is opened. The risk score ranges from ; with a score of 999 indicating the lowest likelihood of fraud and a score of 300 indicating the highest likelihood of fraud. The risk score allows lenders and other service providers to identify up to 75% of fraudulent applications while generating alerts on as little as 5.9% of total applications. The ability to hone in on more suspicious applications helps institutions focus their fraud investigation efforts on applications most likely to result in fraud losses. Fraud Risk Warning Codes. The second component of the FraudPoint Score solution is a set of insightful fraud risk warning codes that pinpoint the high-risk conditions that most significantly contributed to the risk score. Up to six warning codes are returned in priority order with each FraudPoint Score. These warning codes better equip fraud investigators with granular insights into why a high fraud risk score is returned. 4

5 Fraud Risk Indices. The third component of the FraudPoint Score solution is a set of six unique risk indices that provide additional insights into the specific type of fraud attempt underlying suspicious applications. Each risk index ranges from 1-9; with a 1 indicating the lowest likelihood of that fraud risk scheme and a 9 indicating the highest likelihood of that fraud risk scheme. These unique risk indicators have been designed by analytical fraud experts to effectively detect different identity fraud schemes. This capability enables fraud investigators to quickly determine the type of identity fraud potentially associated with the application and quickly take the appropriate fraud prevention and investigation measures. The six fraud indices include: o Stolen Identity. Indicates the identity is a real identity that may have been compromised. o Synthetic Identity. Indicates the identity may be a manufactured fictitious identity. o Manipulated Identity. Indicates an established identity has evidence of being intentionally manipulated. o Vulnerable Victim. Indicates the identity is at risk for being a victim of identity fraud. o Friendly Fraud. Indicates the identity is at risk for being a victim of identity fraud perpetrated by a relative or close associate. o Suspicious Activity. Indicates the identity has previous high risk activity attributable to identity fraud. FraudPoint Score: Six Powerful Risk Indices Stolen Identity Manipulated Identity Friendly Fraud Synthetic Identity Vulnerable Victim Suspicious Activity 5

6 FraudPoint Attributes FraudPoint Attributes are the foundation of the FraudPoint Score solution and are available as raw attributes for use in lenders internal scoring algorithms, acceptance models, or fraud risk policies that drive efficiency across multiple fraud prevention processes. FraudPoint Attributes assess independent facets of both the application input elements and the actual subject of the application to provide a more holistic view to predict and prevent identity fraud. Consisting of over 220 model-ready, highly-predictable fraud variables containing insights not found in other identity aggregator products, FraudPoint Attributes provide lenders with the powerful identity intelligence used by FraudPoint Score. FraudPoint Solutions provide visibility into the applications profile and the applying identity to detect multiple forms of identity fraud. Characteristics Validation History Sources Relatives & Associates Correlation Application Identity Velocity Velocity Divergence Characteristics Variance The Power of Predictive Analytics FraudPoint Score Case Study The following case study highlights the effectiveness of the FraudPoint Score. A large credit card issuer evaluated the effectiveness of FraudPoint Score prior to deciding whether or not to implement the solution. Figure 1 demonstrates the performance of the FraudPoint Score on this credit card issuer s validation sample. The chart plots the fraud rate (number of true frauds divided by the total number of applications) for each score band. In the lowest score band ( ) the fraud rates are roughly 500 times higher than fraud rates in the highest score band ( ). As demonstrated in the chart, the fraud capture rate for FraudPoint Score was an impressive 72% of fraudulent applications detected while generating alerts on only 4% of total applications for this particular credit card issuer. 60% 50% 40% 30% 32.4% 72% of fraudulent applications detected in 4% of total applications 20% 19.5% 10% 10.8% 5.6% 0% 2.0% 1.5%.7%.3%.1%.1%.1% Cum. % of Frauds 33% 46% 57% 65% 72% 77% 83% 88% 95% 100% 100% 100% 100% 100% Cum % of File 1% 1% 2% 3% 4% 7% 11% 23% 49% 93% 100% 100% 100% 100% Figure 1- FraudPoint Score detects a large percentage of fraudulent applications while generating very few alerts 6

7 Predicting Identity Fraud Schemes with FraudPoint Score Risk Indices The FraudPoint Score Risk Indices have been proven to effectively distinguish between different fraud schemes. Each of these fraud types are uniquely predicted by the fraud indices, as evidenced by a small correlation between the indices in the table below. Interestingly, these results show that individuals who are vulnerable victims, including minors and the elderly residing at retirement homes, are highly correlated with friendly fraud activities. This chart also highlights the insight that friendly fraud victims often have their identities heavily manipulated by the fraud perpetrators. Risk indices have low correlation with one another and predict different types of fraud schemes Friendly Fraud Vulnerable Victim Suspicious Activity 0 Stolen ID Synthetic ID Manipulated ID Suspicious Activity Vulnerable Victim Synthetic ID Manipulated ID Positive Correlation Negative Correlation 7

8 Predictive Power of FraudPoint Attributes The following tables demonstrate the predictive power of selected FraudPoint Attributes in differentiating fraudulent applications from legitimate accounts. These charts show attributes in isolation. By combining these attributes in predictive models, such as FraudPoint Score, the value of these attributes is much greater than that of each variable as a stand-alone indicator of fraud risk. A low number of sources or number of credit bureaus reporting an identity is effective in detecting fraudulent applications. ## of of Sources Reporting the the Identity ## of of Credit Bureaus Reporting the the Identity 25% 25% 22.8% 22.8% 25% 25% 20% 20% 19.7% 19.7% 20% 20% 18.5% 18.5% 15% 15% 10% 10% 5% 5% 0% 0% % 6.0% 2.8% 2.8% 1.5% 1.5% 1.0% 1.0% The identity activity within the LexisNexis customer network effectively highlights elevated fraud risk of an identity by looking at the number of searches conducted on the identity. 15% 15% 10% 10% 5% 5% 0% 0% 10.6% 10.6% 1.8% 1.8% 1.1% 1.1% Applications Received Pr F # of Fraud Prevention Searches for ID in Past Week # of Locate Searches for ID in Past Month 40% 35% 30% 25% 20% 15% 10% 5% 0% 35.0% 21.7% 21.7% 19.1% 19.1% 11.5% 11.5% 4.2% 4.2% % 40% 40% 35% 35% 30% 30% 25% 25% 20% 20% 15% 15% 10% 10% 5% 5% 0% 0% 3.5% 3.5% 4.6% 6.0% 7.4% 8.3% 4.6% 6.0% 7.4% 8.3% All All Applicat Through A high number of suspicious identities or suspicious identity activity at the input address is also very effective at detecting fraudulent applications % 25% # of Suspicious Identities Recently Reported at Address 26.9% 26.9% # of Searches with Input Address & a Suspicious Identity 30% 25% % 15% 10% 5% 0% 1.1% 11.6% 7.9% 7.9% 4.1% 4.1% 2.0% 2.0% 1.1% 11.6% 20% 15% 10% 5% 0%

9 Analytic Methodology To provide effective and immediate information when an application is submitted, FraudPoint retrieves the relevant identity information from the identity repository to calculate the underlying FraudPoint Attributes in real time. From these attributes a segmented fraud risk profile of the application is derived through a proprietary combination of parametric and non-parametric statistical processes to fully mine structured and unstructured components of fraud behavior, to identify any inconsistencies and highlight potential fraud risk associated with the application. This segmented risk profile is then used to calculate the three components of the FraudPoint Score: fraud risk score, fraud risk indices and fraud warning codes. FraudPoint Score Segmentation Strategy Fraud is a rare event and is only present in approximately 1-2% of applications. To compound the problem of detecting fraudulent applications, fraud trends are constantly changing and evolving. Because of this, when fraud does show up on an application it looks more like an anomaly in the data results. As such, building predictive models to find hidden (and evolving) anomalies without creating an abundance of false-positives becomes a challenge. The key to successfully identifying these hidden anomalies (rare fraud events) is the use of advanced segmentation, which sifts through the large amount of available data to monitor and detect newly emerging trends, patterns and relationships. Rather than applying a single methodology to all applications, FraudPoint focuses on identity combinations to differentiate between fraud schemes. During segmentation each application is allocated to a specific segmentation scheme, based on the individual characteristics of each application. Specifically, the population is segmented into different cohorts of consumers based on the most likely patterns of suspicious identity behavior in that cohort. The models are then built to differentiate nuanced identity anomalies within each cohort which separates the needle from the haystack in each particular cohort. This allows for more targeted fraud analysis, based on the identity fraud patterns uniquely associated within each segment. By utilizing a sophisticated segmentation scheme FraudPoint Score is able to effectively detect fraud attempts while reducing false-positive rates. Separate scoring systems were created to detect synthetic identities, stolen identities, manipulated identities, friendly fraud, vulnerable victims and suspicious identities. Customizing and Optimizing Fraud Prevention Strategies FraudPoint Score Custom Model Development While the FraudPoint Score has been developed to help detect fraudulent applications across a variety of industries and use cases, many institutions benefit from a custom FraudPoint Score model. Custom models are specifically developed for each customer based on the specific outcome information provided. LexisNexis has created hundreds of custom models for customers who needed a scoring solution fine-tuned for the challenges they uniquely face. LexisNexis is able to partner with institutions to receive their unique outcome data, build a powerful and customized model and deploy it for their use in just a matter of weeks. Custom models also typically boost FraudPoint Score s ability to detect fraudulent applications, further reducing fraud losses and improving operational efficiency. FraudPoint Score Real-World Workflow Many lenders and service providers utilize fraud risk scores to rapidly identify applications that need additional fraud assessment, such as multiple manual investigations, authentication processes and follow-up letters. FraudPoint Score provides predefined tools to help lenders and service providers optimize their overall new account fraud prevention strategy. The figure on the next page demonstrates an example workflow employed by fraud departments utilizing FraudPoint Score to help mitigate fraud losses. 9

10 Stolen Identity Synthetic Identity Accepted Applications Received Processed Through FraudPoint Worst 5% Flagged for Review Vulnerable Victim Friendly Fraud Investigator Conducts Research Denied Suspicious Activity FraudPoint Score Risk Indices used to Route Alerts to Proper Investigator Application is Accepted or Denied Based on Findings In this example workflow, an institution processes all applications through FraudPoint Score and flags applications that fall below an established score cutoff. The score cutoff and corresponding alert rate is usually determined by the lender s fraud losses avoidance goals, fraud prevention tools and the number of fraud investigators available to process the alert volume generated. After alerts are generated, institutions then utilize the FraudPoint Score risk indices to route alerts to teams that specialize in researching certain fraud schemes or to provide insights to these teams as they assess fraud on the application. The use of the FraudPoint Score warning codes is also effective in helping route high identity fraud risk applications to the appropriate investigation unit. After an investigation unit receives an alert, they typically use a number of solutions and processes designed to mitigate fraud risks. For example, some institutions utilize LexisNexis Risk Management Solutions and the LexisNexis Identity Report to further investigate the application. Some institutions contact the applying identity and use an out-of-wallet authentication tool like LexisNexis InstantID Q&A or LexisNexis Instant Authenticate to verify the applicant is the true owner of the identity. FraudPoint Solutions Delivery Methods FraudPoint Score and FraudPoint Attributes are offered as independent services or they can be bundled together. FraudPoint Score is offered via several delivery methods: XML machine-to-machine integration Batch services LexisNexis Risk Management Solutions (User Interface) LexisNexis Anti-Money Laundering Solutions (User Interface) FraudPoint Attributes are offered via the following delivery methods: XML machine-to-machine integration Batch services 10

11 Leveraging one of the Nation s Largest Fraud Prevention Identity Repositories Leveraging one of the nation s largest and most authoritative fraud prevention identity repositories and highpowered analytics, FraudPoint goes far beyond verifying if an identity exists - it is a more holistic examination of an application s fraud risk profile. FraudPoint identifies high-risk interconnections of seemingly unrelated events that other platforms are unable to make, providing lenders with intelligent power to better prevent identity fraud. Balancing the growing threats of identity fraud with the on-demand service expectations of legitimate customers creates significant challenges for today s lenders. FraudPoint solutions help pinpoint fraud faster so lenders can avoid identity fraud threats while staying focused on the legitimate applications that drive business growth. An effective fraud prevention strategy focused on mitigating fraud losses and building greater profits begins with LexisNexis FraudPoint solutions. For More Information Call or visit lexisnexis.com/risk/financial-services About LexisNexis Risk Solutions LexisNexis Risk Solutions ( is a leader in providing essential information that helps customers across all industries and government predict, asses and manage risk. Combining cutting-edge technology, unique data and advanced scoring analytics, we provide products and services that address evolving client needs in the risk sector while upholding the highest standards of security and privacy. LexisNexis Risk Solutions is part of Reed Elsevier, a leading publisher and information provider that serves customers in more than 100 countries with more than 30,000 employees worldwide. FraudPoint Solutions are not provided by a consumer reporting agency as that term is defined in the Fair Credit Reporting Act (15 U.S.C. 1681, et seq.) ( FCRA ) and do not constitute consumer reports as that term is defined in the FCRA. Accordingly, FraudPoint Solutions may not be used in whole or in part as a factor in determining eligibility for credit, insurance, employment or another purpose in connection with which a consumer report may be used under the FCRA. Due to the nature of the origin of public record information, the public records and commercially available data sources used in reports may contain errors. NXR