What’s so cool about fraud prevention? A lot, apparently. While being cool is not one of our business priorities, it certainly is a badge of honor we wear proudly. And now, we’re thrilled that the folks at MinneInno agree that our work, our people and our office (not to mention a random pirate who posed with us at a St. Paul Saints game) are super cool.
What makes us the coolest? There’s the requisite “cool-office” amenities, like a brand-new rooftop deck, complete with seating and a grill for raucous office luncheons or happy hours. But coolness isn’t about the visible trappings for ID Insight: it’s a reflection of the way we approach every challenge with creativity, collaboration and (of course) cool.
The coolness starts with our recruiting process, which is designed to cast a wide net for talent and champion workplace persity, and runs throughout our entire company culture. With such a tightly-knit team, it’s essential for everyone to care deeply about the company’s work, customers and each-other. That’s why we foster mutual respect and collaboration every day by constantly seeking team feedback and engagement.
Recognition also makes us cool, especially when we’ve got our very own “MacGyver Award,” a coveted framed photo of Minnesota’s own Richard Dean Anderson a.k.a TV’s MacGyver, a trained scientist who worked as a secret agent to solve life and death situations. The award is given to a different employee every quarter who exhibits ingenuity and resourcefulness to solve a critical business problem. We may take our work seriously, but our team never takes itself too seriously.
Coolness comes in many forms, and while ID Insight has the standard accoutrements of cool on the surface, it also permeates every piece of our business. We’re cool because of what we do, not just because we’ve got bike parking in the office.
We’re looking forward to celebrating with other nominees on Sept. 13 and angling for a spot as a category winner. In the meantime, please cast your ballot for ID Insight in the MinneInno Coolest Companies reader’s choice poll. And don’t forget to stay cool!
Our President and CEO Adam Elliott was quoted in a recent MyBankTracker.com article about the EMV (“chip card”) rollout and its impact on fraud prevention.
While marginally more secure than magnetic-strip cards, the article warns that “the new cards…offer no special protection against online fraud.” Even though point-of-sale protections are increased, fraudsters can still use EMV card numbers and security information to make online transactions, the same way they do with any other credit card.
In the article, Adam says:
“Unfortunately, fraudsters are also well aware of the EMV roll-out, and are modifying their strategies to take advantage of the situation for financial gain,” Elliott said. “Mass reissues of tens of millions of cards are attractive targets for criminals and their sophisticated change-of-address and card-not-present schemes.”
Read more about ID Insight’s perspective on account takeover fraud.
Image credit: MyBankTracker.com
“This is your bank. Did you request a $25,000 wire transfer from your Home Equity Line of Credit?”
Digital banking has changed the way customers interact with their financial institution. With more than 54 percent of customers using telebanking for some
or all of their banking interactions, phone number changes are increasingly becoming a setup event for account takeover fraud (ATO).
Here’s a prototypical scheme:
- A criminal accesses a customer’s account using stolen credentials, social engineering, password generation software or a combination of all three.
- The fraudster changes the primary contact phone number to a phone they control.
- The bank contacts the phone number to verify the change; the fraudster (not the actual customer) responds with OK.
- The crook now controls the entire account and may make small, legitimate-looking transactions to establish a pattern of activity.
- Finally, the fraudster cashes out by requesting a large balance transfer. When the bank calls to confirm the large withdrawal, it’s the crook on the
other end of the phone.
According to Javelin Strategy, 2016 saw a 31 percent increase in ATO fraud and a 61 percent increase in ATO-related fraud losses. But the real toll on banks is the time it takes to detect and resolve incidences of ATO fraud, particularly when a phone number change is used to disconnect the legitimate customer from their financial institution.
How can banks take a proactive approach to detecting and preventing ATO fraud perpetrated by using phone changes? First, look at all phone changes more stridently, including when a customer is adding a new phone number. Ensure the number is legitimate by assessing the carrier, device type and geography associated with the new number. Is your customer from Chicago switching to a “burner” cell phone number in Miami? Taken on its own, this discrepancy could be seen as harmless, but when compared to past patterns of customer behavior, it could seem more sinister. Looking at phone numbers in conjunction with other information changes enhances a bank’s ability to uncover more complicated schemes.
There are clear compliance requirements in place for banks governing address changes, yet the rules are less clear as to how banks should screen phone number changes. Now that a majority of customers (and criminals) use online banking, fraud has evolved to the point where a cash-out doesn’t require a physical address change. As a result, banks should apply the same rigor to phone-change screening as they do to address changes.
It’s important to remember that fraudsters are in the business of disruption: disrupting communication between the bank and its customers and disrupting the fraud detection and prevention processes that are well-known and already in place. Successful fraud schemes require this systemic disruption to succeed, so it’s rarely a single “red flag” that alerts banks to ATO fraud. By including phone changes in the mix of possible precursors to fraud, banks can help ensure that when they call or text a customer, it’s not a criminal on the other end of the line.