Online banking has helped both accountholders and financial institutions communicate more efficiently, but it has also had a negative impact on fraud detection and prevention. With more account management tasks and transactions taking place online, the opportunity for fraudsters to impersonate legitimate customers
has grown exponentially.
With so many new technologies available to predict and prevent fraud, why is account takeover still on the rise? Simply put, fraudsters always take the easiest and most profitable path. If a financial institution puts controls in place to close one vulnerability, then the fraudsters will try and get past it. If bypassing the new control proves more difficult or not cost-effective, then they tend to migrate to other schemes. For example, implementation of EMV chips for U.S. credit and debit cards helped diminish point-of-sale fraud. Fraudsters simply moved on to ATO and new account fraud, aided by data breaches. Online banking is a lucrative channel for criminals as tighter controls eliminate or complicate other options.
Once a criminal obtains access to – and control of – an online account, complete account takeover (ATO) is imminent. How can banks distinguish legitimate customers from fraudsters before they gain control of an account? First, it’s important to understand how an online ATO scam works. We’ll also share a real-world example to help illustrate the strategy behind the scam.
Step One: Obtain Stolen Information
This is perhaps the easiest part of the scam, since millions of identities – including SSNs, DOBs, addresses, phone numbers and email addresses – have already been exposed by high-profile data breaches. Particularly troubling is the availability of “fullz” – complete sets of identity information – on the dark web. In our example fraud scenario, the perpetrator obtains the stolen information and credentials required to establish online banking as if he were the real customer.
According to a 2017 article, a typical fullz record sells for just $30, making it highly affordable and cost-effective for fraudsters. If criminals purchase 100 fullz for $3,000, they only need to be successful with just three out of those 100 identities to make a profit. According to Javelin Research, the mean fraud amount per victim is just over $1,000. It’s a numbers game for fraudsters – if a fullz identity lacks certain criteria (high credit score, no credit monitoring, etc.) then it’s easy for them to write off less-than-ideal fullz records
while profiting off only the most vulnerable identities.
Step Two: Change Contact Information
Once the fraudster has a full set of contact, identity and user login credentials (often obtained by other fraudulent means) for the victim’s account, they log in and change the mailing address, phone number and other contact details. This ensures that any fraud alerts, wire transfer authorizations or direct communications from the financial institution go straight to the fraudster. The goal at this stage is for the criminal to get between the legitimate customer and the bank. In our example, the fraudster requests checks from the victims’ home equity line of credit. The bank sends a text message to the fraudster, who verifies the request and confirms the address change.
This is a point at which the financial institution could have caught the fraudster – a comparison of the addresses could have flagged the address change as out-of-pattern behavior. The legitimate customer lives in a large executive home in Scottsdale, AZ but the address change shows the customer moving to a rented mailbox storefront in Northridge, CA. Taken at face value, the change looks legitimate, but after further analysis, more suspicions arise. Not every customer information change can be verified manually, but an automated solution using multiple sources of data could have helped detect account takeover fraud in the making.
Step Three: Cash Out
Now that the fraudster has successfully impersonated the customer, the payoff begins. In our example, the bank mails home equity line checks to the new address (the rented mailbox) after confirming the address change with who they thought was the legitimate customer. The fraudster then cashes in more than $250,000 worth of checks before the bank catches on to the scam, while the perpetrator moves along to the next opportunity.
Detection and Prevention
Preventative measures that take an automated and predictive approach to detection, including monitoring for non-monetary transactions, are one way to curb account takeover fraud. With some large financial institutions investing heavily in processes and solutions to stop both ATO and new account fraud, organized fraud rings will begin targeting organizations that have not shored up their defenses. The criminals will quickly find the most vulnerable mark and – like a wild animal stalking its prey – will persist until their goals are met.
The entire financial services industry – especially smaller banks, community banks and credit unions – must take note of the rise in ATO fraud and begin plugging holes in their fraud defenses. Online banking is rapidly becoming the path of least resistance for fraudsters, and while better controls will not eliminate fraud completely, they will make the cost and effort involved too rich for criminals that are seeking an easy score.
Wow! On January 3 of this year, ID Insight celebrated its 15-year anniversary. Fifteen years ago, identity theft was not quite front-page news, the U.S. had not yet invaded Iraq and President Bush was just completing his second year in office.
I was in my mid-thirties and embarking on a journey that I could never have imagined. Through the first 13 years of my career, I followed the corporate route, progressing from a computer programmer to a data scientist (before we called it that) to running an information-based analytics business. While I enjoyed that period of my career, by 2002 I was ready for a change. I had always wanted to start my own business and the need to scratch that entrepreneurial itch was growing. I didn’t realize how badly I wanted to scratch that itch.
People told me I was crazy; in hindsight, I think they were right.
Over the next few weeks and months, an idea took shape: creating a fraud detection engine that could stop identity theft in its tracks. On January 3, 2003, ID Insight incorporated with a few bucks in the bank and an optimism that we were on to the right thing.
During the next two years, it was the proverbial “two guys in a garage,” building ID Insight by day and consulting by night, all the while trying to convince somebody, anybody to buy the solution we were selling. We had a blueprint for how to build the engine, but the engine was just that – a blueprint.
Those early days were both exciting and maddening – extreme optimism countered with a realization that I still had to pay the bills. I had never felt that vulnerable and exposed – yet never so excited and happy with my work life.
Whether it was divine intervention or just persistence, we finally got a prospective customer to say “yes” in late 2005. They bought our blueprint! While this was terribly exciting, they said it needed to be up and running in six weeks. We had no idea how to do that, nor did we have the money to do it. Thankfully, with help from our technology partners and sacrifices from all of us, we pulled it together and somehow brought our first satisfied customer aboard.
This created a new problem. Now that we had our first large customer, we needed capital to build a data center. Never having raised capital before, I remember asking people “how do you raise money.” The response I got was “just start calling everyone you know.” Over the next few weeks and months, we had raised enough capital to fund the data center expense as well as hire our first employees.
Things progressed, albeit slowly, until 2007 when the FACTA Red Flag mandate was finally published. The new FACTA regulations required financial institutions to screen address changes and new account address discrepancies for the likelihood of identity theft. That was it! This is what we had invented; this was our patent. Our special sauce. With this news that our solution would be mandated by November 1, 2008, the window was now wide open.
We needed to get the word on the street. ID Insight was the company that invented the technology to optimize the screening of address changes and address discrepancies. To do this, we would have to raise capital again. We went back to the well and raised a second round of capital. Per our plan, we quickly built the team to run for the finish line. The only problem was (hindsight 20/20) we only had 12 months to do it. So we began to sprint.
Over those next 12 months, we went from a handful of clients to over 300. While we were happy to add all of these clients, they were mostly smaller institutions that did not generate a lot of volume. I vividly remember November 1, 2008 – two things happened almost simultaneously around that date. First – all financial institutions had carved out their FACTA plans and on that day – our sales “flat-lined” as all financial institutions had made their plans. Second – there was this pesky thing called the “economic collapse.” I remember calling on prospective customers only to be told “Adam – we will be lucky to have the doors open at the bank over the next few months.”
By 2010, this “never say die” attitude and culture resulted in establishing our base. We had become a battle-tested group of fighters that believed they could withstand any storm and anything thrown their way. We had pulled every rabbit out of every hat. We had created new ideas that brought in revenue. And now, financial institutions were coming out of the economic collapse of 2007-2008. They were spending money again and realizing that our solutions were needed to stamp out identity theft.
Over the next seven years, we began to grow and expand our solutions and customer base. Suddenly, we were finding success in other markets such as e-commerce, health care and mortgages. Today, we are serving more than 2,500 customers and recognized as a leader in identity theft detections solutions – especially in the retail banking industry. We serve customers ranging from the top five banks in the country to one-branch credit unions in some of the smallest towns in America.
What I am most proud of is our employees, our shareholders and our board members. While we faced our share of adversity over the years, no one ever lost hope and never stopped believing. We never gave up. We all hung in there and kept on fighting. We are still innovating and still fighting!
I do believe in the adage that “what doesn’t kill you makes you stronger.” That persistence and the culture that has emerged continues to impress me. It makes me realize how fortunate we all are to have been a part of this great experiment.
As Ralph Waldo Emerson once famously said “it’s not about the destination – it’s about the journey.” And what a journey it’s been – here’s to the next 15 years!
The energy of innovation crackled throughout the WeWork co-working space at Capella Tower last night as ID Insight joined 49 other Twin Cities companies being recognized for high growth in AmericanInno’s inaugural 50 on Fire awards.
50 on Fire recognizes companies, organizations and people having a banner year across a variety of categories, including technology, agriculture, civic engagement and more. ID Insight’s year included business growth, new product development, staff expansion and multiple awards and honors, including a Eureka! Award for Innovation from the Minneapolis/St. Paul Business Journal.
The Twin Cities is home to hundreds of hard-working startups and technology companies. Being recognized as one of the most innovative is a testament to ID Insight’s never-ending pursuit of new technology solutions to help banks prevent fraud. We’re proud of the recognition, but even more proud of our customers who challenge us every day to solve their most pressing problems.
Here’s to another year of incendiary innovation!
During the turn of the century, account takeover became front-page news and a particular scheme ultimately led to the development of the Fair and Accurate Transactions Act (FACTA) Red Flags Guidelines in 2008. The scheme, which created the fallout, was simple and relatively slow; fraudsters were committing takeover by changing a legitimate accountholder’s mailing address to an address they controlled and then following up soon afterwards with a new credit or debit card request. This was a slow-moving (but effective) scheme that forced banks to put fraud controls in place to try to ensure that cards were being shipped to the legitimate customers.
Because the scheme took time to unfold and the issuer had to produce the physical card, the procedures put in place to prevent fraud losses had to be actionable before the card was in the hands of the fraudster — typically 3-5 days. Manual procedures and batch processing fit the bill and satisfied the regulators because the “speed” was not an issue.
New Schemes are Faster
With the advent and proliferation of online banking, account takeover schemes have emerged where the victim’s accounts are drained in a quicker, tighter timeframe than ever before. After the fraudster compromises the victim’s online banking credentials, they can move funds in near real-time. Unlike changing the address and requesting a new card, once the fraudster begins an online banking session, they can transfer tens of thousands of dollars immediately from the victim’s account to an account the criminal controls.
The scenario above seems very straightforward: the fraudster gets the online credentials, logs in and moves the money. Thankfully, the process is not quite that simple. As an example, let’s say the fraudster logged in and attempted to transfer $40,000 to an account at a different financial institution. The bank would typically flag this as a “high risk” transaction, and reach out to the customer to make sure they really wanted to move that much money. Of course, the fraudster understands that the bank will try to reach out to their customer. To fulfill their fraudulent money movement, they will first change the phone number on the account and then move the funds. That way, when the transaction request trips a flag, the bank ends up contacting the fraudster (not the victim) to confirm the transfer of funds. In a similar way, the fraudster will change the email addresson file, and then request the funds ensuring that all email notifications go to the fraudster and not the victim.
Scrutinize Non-Monetary Transactions
Much like address changes, the reason fraudsters change phone numbers and email addresses on the customer file is to intercept any and all communications by the bank to their legitimate customer. By taking over the communication channel, they can effectively carry out the account takeover. To combat account takeover fraud, financial institutions need to screen various non-monetary transactions, specifically those that involve changing customer communications credentials such as mailing address, phone number and email address. By scrutinizing these changes as they happen, banks can thwart potential account takeover attempts. As a simple thought exercise, consider the following questions:
- Why is my customer moving 1,500 miles away to a mail-forwarding facility in a high-crime area?
- Why is my customer changing their phone to a prepaid line whose area code is 100 miles away?
- Why is my customer changing their email address to an email address whose server domain is located in Belarus?
These simple questions have an obvious answer: if you knew these were actual cases associated with a large funds withdrawal, you’d want to make sure the customer and the request were legit.
While extraction of the funds can happen over a matter of days, or as soon as real-time, financial institutions need to manage to the lowest common denominator of real-time. Years ago, when the predominant account takeover scheme was an address change followed up with a card request, the bank had days before the funds left the institution. Given the new and varied paths to commit account takeover – and the increased complexity – it is paramount that you now look to screen these non-monetary events in real-time.
When you go back in time to the original FACTA language, banks were instructed to take action on certain high-risk events. Specifically, banks needed to screen address changes for the likelihood of identity theft, which all banks are now doing in some fashion. However, there is also a provision that states that if banks understand there are other observed events indicative of identity theft, then the bank must document and specify how they are addressing these events in their plan. We have spoken with many bankers who recognize that phone changes are a significant leading indicator of account takeover; however, it is rare to find financial institutions that have made this a part of their FACTA plan.
Screening changes to customer contact information is a critical element in a comprehensive enterprise account takeover prevention program – especially these days when it can happen in real-time. Essentially, the speed of fraud prevention and detection must match or exceed the accelerated speed of fraud today.
Adam Elliott, President and Co-founder of ID Insight, explains how account takeover has evolved in the digital age and what credit unions can do to protect themselves. Read the full Credit Union Times article.
Millennials are leading the charge where technology and financial payments come together. Unfortunately, fraudsters also like to jump on new technology while businesses are still working out the kinks and have not yet discovered critical process gaps. This time, the fraudsters are pulling an end-around with mobile wallets, effectively bypassing EMV to commit credit card fraud at the point-of-sale.
The scheme does not involve counterfeiting the chip but instead exploits vulnerabilities in mobile wallet enrollment processes that allow bad guys to put virtual cards right on their mobile phones. The retailers are off the hook from a liability standpoint because the card is not physically present—it is essentially like an in-person version of CNP fraud.
How are the fraudsters doing it? They have made some slight adjustments to classic account takeover schemes. This is how it’s done:
Obtain Stolen Information (This is a time-honored practice that is well honed by the bad guys)
- Acquire credit card and personal information that was originally stolen via a massive data breach or simple social engineering.
- Contact the issuer and change the victim’s email address and phone number.
Set the Stage (This is account takeover and takes a few minutes)
- Enroll in the mobile wallet (e.g., Samsung Pay, Apple Pay, Android Pay, etc.) by entering the credit card information (i.e., Name on the Card, Card Number, Expiration date and CVV).
- The card issuer will usually send a One-Time Password (OTP) to either an email address or a mobile phone number.
- The fraudster enters the OTP in a pop-up window.
- The mobile wallet provider verifies the credit card and the cardholder information with the issuer and the bank sends an ID for that card to the mobile wallet provider. The mobile wallet stores that ID in the app.
- The issuing bank sends an email alert or a text message that the card is added to the mobile wallet.
Cash Out (This is in-person CNP fraud)
- Once tokenized, the fraudster is free to use the card at brick-and-mortar retail stores, purchasing fenceable goods or making small purchases and requesting cash back.
Did you notice the critical step above that makes or breaks the scheme? The fraudster has to change the legitimate cardholder’s email address and/or the phone number before the card can be added to the mobile wallet. If this step is not completed, the enrollment cannot occur and the card cannot be tokenized in the wallet.
Therefore, it is critical for issuers to determine if an existing customer-initiated phone number or email change is legitimate. When the financial institution can determine if the phone number or email address change is suspicious, they can then put procedures in place to avoid fraud losses.
Millennials and fraudsters are not going away anytime soon. Last year, according to Javelin, CNP Fraud increased by 40 percent and Account Takeover Fraud increased 60 percent. Having controls in place to ensure that all contact information (i.e., mailing address, email address, phone number) in the customer profile actually belongs to the legitimate customer is best practice. It would certainly help stop this scheme.
We recently listened to an episode of the Freakonomics Radio podcast titled “In Praise of Maintenance.” This episode explores the tradeoffs between innovation and maintenance, and raises the question of whether this is just a false dilemma. Do we really need to choose between building new things and maintaining the things we already have, or can we have both?
This question reminded us of a common challenge faced by financial institutions (FIs) when contemplating their identity fraud protections throughout the customer account lifecycle. While the parallels between fraud prevention strategy and the question of whether to invest in space exploration versus bridge repair are loose at best, they both circle around the same core question… does the choice to actively maintain what is already established necessarily come at the expense of investing in what is new?
When it comes to identity fraud strategy, unfortunately, FIs don’t have any other choice but to walk and chew gum at the same time. When onboarding a brand new customer, it is critical for an FI to thoroughly proof the new customer’s identity and ensure that the person is who they say they are. Failing to verify the identity of a new customer could result in fraud loss, non-compliance, and reputational damage. And for these reasons, most FIs (to varying degrees) do a decent job vetting the identities of their new account applicants. But then what happens once that account is established? The FI has gone through all the paces to establish true belief of identity at the outset of the relationship, why not maintain the identity – making sure it remains solid and uncompromised throughout the entire account lifecycle?
A growing body of evidence suggests that many FIs are not approaching identity maintenance with the appropriate level of rigor. But as identity takeover fraud continues to gain steam, this issue is becoming more and more important. Fraudsters are exploiting this lack of focus on existing account maintenance events (e.g., phone changes, online account changes, address changes, etc.) to fly under the radar and commit account takeover. So what can you do to actively maintain your customer identities? In the simplest terms, when some aspect of your customer’s identity changes from what has previously been established… take a closer look and make sure the change can be explained.
Here a few examples:
- When you receive a request to update an existing customer’s account with a new phone number and you send account notifications via SMS, check to make sure that phone change is not subterfuge – a fraudster trying to route account alerts away from your true customer.
- When you a receive a request to add an authorized user on an existing account and they ask for a new card shipped to a different address, check it out to make sure it isn’t a ploy by a fraudster to get their hands on a working card.
- When someone adds an email address to an existing account and shortly after tries to tokenize their card in a mobile wallet app, make sure it isn’t a fraudster trying to hide the notification from the true account holder.
While each of these examples seem worthy of a closer review, the truth is that many FIs today are not screening for these kinds of events in an automated, score-based, cross-enterprise way. But there are solutions that can help. Operationally speaking, installing these tools is easier than you might think. The system of record for identity is most commonly the Customer Information File (CIF) on the FI’s account processing platform. As such, the ideal solution for identity maintenance interfaces directly with the CIF, monitoring for potentially high-risk changes to your customer’s identity or contact information.
Integrating a score-based solution that detects risky account changes to the CIF can yield the following benefits:
- It ensures that all identity or account changes are properly screened, regardless of channel. This puts you in a better position to detect cross-channel identity fraud attacks.
- It ensures that all identity or account changes are properly screened, regardless of product. This puts you in a better position to see across product siloes and detect instances of full relationship takeover.
- By automating the screening process, it removes the burden of manual review and staff training.
- By automating the screening process, it ensures compliance with Red Flag on every applicable account change (i.e., address changes).
As banking continues to shift away from branches to digital channels, FIs rely increasingly on phone numbers and email addresses as critical contact points for interacting with their customers. Having the right controls deployed in the right systems can ensure that the contact information in the customer profile authentically belongs to the actual customer, thus thwarting identity takeover attacks and maintaining trusted relationships with your customers. Some things really are worth the maintenance.
Criminals have always figured out new ways to perpetrate account takeover (ATO) fraud, and a popular new method exploits a very common method of authentication: customer phone numbers.
A new report indicates that account takeover on mobile phone became nearly twice as prevalent in only one year. Mobile phone accounts represented 12 percent of all takeovers in 2016, up from 7 percent in 2015. In each case, cybercriminals sought to monetize mobile accounts and leverage them to compromise the mobile-based alerting and authentication solutions that financial institutions, issuers, and other businesses rely on to prevent fraud.
While address change is still a preferred path for fraudsters, phone number changes are increasingly becoming a setup event for ATO. Conversations with several ID Insight clients uncovered that account takeover schemes associated with fraudulent phone numbers were becoming prevalent.
The scam often works like this:
- When large money transfers are requested, banks place an outbound call or text message to the customer to confirm the transaction
- Once fraudsters have access to customer account information, they change the pertinent contact details – including address and phone number – to ensure that any attempts at verification are routed directly to the criminals
- When the bank contacts the “customer” to authorize these changes or transactions, they’re just confirming the details with the fraudster
- Once the transaction is approved, the criminal drains the account and moves on to the next victim before the customer realizes that the bank’s well-meaning security processes only enabled the fraudster.
Since several of our financial institution clients were already providing ID Insight customer phone numbers (as input to our fraud prevention solutions), we were able to investigate the emerging phone scheme. Our analysis revealed interesting patterns that – when taken together – often point directly to fraud:
- The greater the geographic distance between the old and new phone numbers, the greater the fraud risks. A change from San Francisco to Sacramento might not draw scrutiny but a change from Baltimore to Spokane may be more indicative of fraud.
- Greater distances between address and phone number. While customers sometimes keep out-of-town phone numbers when moving to a new area code, a phone number that doesn’t match the city or state of residence deserves added scrutiny.
- Changes in phone type. Customers continue to “cut the cord” with landline phones, so any change from a mobile phone number to a landline suggests higher risk than mobile-to-mobile changes.
- Changes in carrier type. Due to their transient nature, repaid phone numbers and voice-over-IP (VoIP) numbers are far riskier than landlines or post-paid mobile phones when it comes to fraud.
- Urban versus rural. A customer who has spent years using a phone with a rural area code before suddenly changing to an urban area code is worth additional scrutiny.
- NPA NXX (Area Code/Exchange). Many U.S. overseas territories have three-digit area codes and prefixes similar to those in the 50 states, and a basic validation check can reveal whether a phone number has been issued in the U.S.
- Many customers legitimately keep their phone numbers when changing service providers, but new phone numbers that have been recently ported are especially high risk.
- Business phone numbers. If a customer suddenly changes a phone number from a residential or personal number to a business (particularly businesses with a high incidence of fraud, such as check-cashing stores or private mailboxes), then further investigation is necessary.
- Phone number verification. Consumer names can easily be associated with specific phone numbers using independent verification sources. If a customer requests a change to a number that’s already associated to another individual, then the risk of fraud is increased significantly.
These are just some of the individual characteristics and peculiarities of phone number changes that are indicative of suspicious activity. When these individual attributes are combined together in a predictive model, the results are powerful. Paying close attention to phone number changes can alert banks to potential account takeover schemes and help them mitigate risk, while ensuring they can continue to leverage the mobile channel to benefit their businesses.
As with other forms of fraud, only a small percentage of customer-initiated phone changes are fraudulent. But by scrutinizing these changes using data-driven analytics, banks can more easily determine when the phone is baloney.
To learn more about ID Insight’s new phone change solution and the company’s full portfolio of anti-fraud technology for financial institutions, contact us to schedule a demonstration.
Anti-fraud technology leader ID Insight has made significant enhancements to its renowned fraud prevention platform to detect fraudulent account activity by screening phone number changes.
In the company’s research of tens of thousands of customer phone number changes in the financial services space, it detected interesting patterns that distinguish legitimate phone number changes from fraudulent changes. The analysis uncovered the following key indicators that signal an elevated risk of fraud:
- Geographic distance. The greater the distance between the new phone number and the old phone number, the larger the risk. Likewise, there is an elevated risk for cases where the new area code is located a large distance from the customer’s current mailing address.
- Carrier type. Changing from a landline to wireless, or wireless to landline often indicates higher risk than going from a wireless number to another wireless number. Certain types of carriers, such as prepaid phone numbers and voice-over-IP (VOIP) lines, are much riskier than landlines or postpaid mobile phones.
- Urban versus rural. A change in phone number from a rural location to one that is tied to an urban center indicates a higher risk than a rural-to-rural or urban-to-urban change.
- Area Code/Exchange. A basic validation check of the area code and exchange confirms that the phone number has been issued to a U.S. customer.
- Local number portability allows customers to retain their phone numbers when changing service providers. New phone numbers that have been recently ported require a higher level of scrutiny.
- Business phone numbers. A change from a residential phone number to business. For example, a new phone number that is tied to a check-cashing outlet is highly indicative of fraud.
- Phone number verification. When the consumer name can be associated with the phone number through an independent verification source, the risk of fraud is greatly reduced.
ID Insight took the lessons learned from this research to develop a predictive model that combines individual risk indicators that help fraud investigators prioritize their queue and work the phone number changes that are most suspicious. By verifying the legitimacy of phone number changes, financial institutions are able to reduce the risks and constraints that may be holding them back from more fully utilizing the mobile channel.
Phone Change Fraud a Growing Problem
ID Insight, whose industry-leading anti-fraud solutions include address and identity verification tools for banks and credit unions, developed the new phone screen solution in response to the growing problem of fraudsters manipulating phone numbers as part of account takeover schemes. Criminals have recognized that when large money transfers are requested or other out-of-pattern account activity takes place, financial institutions are much more likely to place an outbound call or text to their customer to confirm the legitimacy of the requested account action.
Using an abundance of hacked personal data available on the black market, criminals pose as legitimate account holders and change the customer’s contact information, ensuring fraud alerts and other bank communications are sent unwittingly to the perpetrator and paving the way for complete control over their accounts before the victim knows it is happening.
“The mobile phone is a critical channel for bank customers and financial institutions that rely on mobile banking, on-line account opening and mobile wallet applications for convenience,” said Adam Elliott, founder and president of ID Insight. “Having controls in place to ensure the phone number in the customer profile actually belongs to the legitimate customer is critical for reducing fraud risk, which is why we added phone number screening to our portfolio of anti-fraud solutions.”
To learn more about its new phone change solution and the company’s full portfolio of anti-fraud technology for financial institutions, contact us to schedule a demonstration.
ID Insight’s Sudheer Prem is featured in TechdotMN’s monthly interview of Minnesota chief techies. To get up close and personal with Sudheer, read the full interview: Meet A Minnesota CTO: Sudheer Prem, ID Insight