Mobile and single sign-on access pose the biggest risk to ID verification and fraud prevention, it’s claimed by a credit risk checking agency. Callcredit Information Group suggests that while most, 73pc of fraud professionals think mobile devices will be the key facilitator of identification in the future, over half (60pc) feel that they will present the biggest single point of compromise for fraud in the future.
A minority, 43pc of UK organisations are using mobile phone checks as a form of identity verification while one in five (18pc) are planning to implement it over the next three years. Half of respondents believe that name and address data will become obsolete as a verification measure.
According to Callcredit, the research indicates that companies are moving towards digital attributes such as email address and devices. When asked which piece of customer data provides the most fraud risk insights, email addresses came second with 44pc.
John Cannon, Commercial Director, Callcredit Information Group, said: “Over the past decade mobile phones have taken an increasingly important role in our society. One small part of this is how they have changed the fraud landscape. But there is an underlying tension when it comes to mobile for the fraud prevention industry – they are a key avenue in identity verification but they also represent significant risk. Fraud professionals must focus on using them to their advantage. By deploying tech-enabled identification solutions, mobile devices can actually help play a role in strengthening fraud prevention strategies, through enabling the quick and accurate verification of individuals.”
Callcredit has launched Trust Suite, of two new products, MobileID and EmailID, as checks that an individual is associated with the telephone number and/or email address they provide. Callcredit is also hosting a Fraud Summit, The Cost of Digital Fraud, on Thursday, September 14 in London W1S. The invited speakers are the author Jeffrey Archer; David Birch, a founder of Consult Hyperion; and Callcredit’s Chief Commercial Officer Chris Green.
Cannon added: “With the rapid adoption of mobile phones by consumers to access an ever-increasing range of products and services, Callcredit continues to be at the forefront of digital identity innovation. We can now link the greatest range of digital identity attributes to physical identity, the latest being email addresses and mobile phone numbers. This opens up a wide range of new authentication use cases for our customers who can benefit from establishing trust between previously unlinked digital data items, such as a mobile phone and credit card or bank account number and email address. As mobile devices become the key to unlocking services, fraudsters will increasingly target them, so being able to increase security checks without impacting genuine customers is vital.”
About the survey
Some 106 fraud prevention managers and directors working in companies with over 100 employees completed an online survey in August 2017, arranged by London-based research agency Loudhouse.
Comment
Ryan Wilk, director at NuData Security, said: “As we continue to move to a digital first world, it is vital that companies work to evolve consumer authentication in an effort to make it more secure, while assuring convenience for consumers. As we see in this Callcredit report, single data points used for authentication continue to be the greatest point of failure in the secure authentication chain. Many companies have placed the trust of authentication in a username / password or by binding the user’s credentials to a device. While these are effective means to stop the novice fraudster, these controls continue to fall short at the times they are truly needed.
“To ensure we can continue to have a trusted and secure authentication path in this digital first world, merchants and banks need to move away from simply trusting single data points or a device that can be spoofed or compromised and place the trust in their valued customer. This trusted environment can only be achieved through a holistic risk based authentication infrastructure that looks across multiple vectors of the user’s behavioural interaction such as Device, Connection, Behavioural Analytics, and Passive Biometrics powering a dynamic and intelligence step up authentication system. Doing this will allow merchants and banks to avoid the risk of authentication fraud while ensuring that their valued customers continue to receive a great experience.”
