FRAUD PREVENTION

Fight Identity Fraud using AI

Identity Fraud is a key threat and challenge for Indian Retail/E-commerce merchants and Financial Institutions

Fraud arising from stolen Personally Identifiable Information (PII) is a severe threat to consumers and businesses which continues to rapidly rise and cause significant financial losses.

What is PII?

Personally Identifiable Information (PII) is any data that could potentially be used to identify a particular person via triangulation across data sources

Examples include the Name, Address, Phone Number, Email Address, Government ID details (PAN, Aadhaar, Passport, Driving License, etc), Bank Account details (Account Number, Credit/Debit Card Number), Passwords, PIN Numbers, etc.

How is PII stolen?

• Data breaches across all industries have resulted in consumers’ PII being compromised
• Phishing emails, mail hijacking, malware, etc
• Fake apps or websites are used for online shopping scams to take advantage of the reputation of a popular company
• Cybercriminals may also indulge in skimming, i.e., stealing information from a debit or credit card as it is being swiped

How is stolen PII misused?

Once stolen, this PII information is directly used for fraud or bought and sold on the Dark Web for financial gain. Some of the common frauds committed by the imposters are as below.

• Opening new accounts for credit cards, loans, phones, other goods, and services
• Taking over existing accounts and siphoning away funds & resources
• Using the reputation of the existing account for more fraud
• Making transactions using stolen card details

Identity Fraud Process

Identity fraud has had a significant impact on the Indian finance industry. Here are some latest examples of identity-related fraud from published news and reports in India.

Dhani Loan App Incident

The Dhani loan app incident is the latest example of Identity Fraud, where hundreds of people in early 2021 discovered unaccounted outstanding amount on their credit history records. Fraudsters had reportedly used the permanent account number (PAN) details of people to avail instant loans from the Dhani app

According to independent cyber security researcher Rajshekhar Rajaharia, this could be the act of cyber criminals who had access to the PAN details which were compromised and traded on the dark web by some hackers.

NortonLifeLock Report 2021

A cybersecurity report released in 2021 by NortonLifeLock found that 60 percent respondents have been a victim of cybercrime within the last 12 months.

True Cost of Fraud in India

According to a LexisNexis study in 2021, the cost of fraud for surveyed industries in India is 3.84X the lost transaction value on average. It is higher (4.76 X) among financial services institutions, as FIs face fraud impacts on two fronts:

1. Indirectly through chargebacks submitted by retailers hit with fraud
2. Fraud attacks targeted directly at them

You can see the cost distribution in the below chart shared by the respondents.

Source: LexisNexis

In terms of average monthly attacks, the financial services industry is the most vulnerable, successful attacks are almost double that of retail/e-commerce, and each successful attack in financial services is ten times costlier.

** Based on self-reported numbers and likely recall; may vary based on seasonality, Source: LexisNexis

Identity fraud represents a significant portion of Indian Financial Institutions’ fraud losses. This likely relates to the cybercrime scams targeting access to bank accounts, especially since Financial Institutions also attribute a similar distribution of fraud losses to account takeover as they do to 3rd party and synthetic identity fraud individually — and significantly more so compared to retail and E-commerce merchants.

% Distribution by Type of Fraud, Source: LexisNexis

Account-related fraud represents a sizeable portion of identity-related fraud losses. This is highest (65%) in financial services, followed by retail (60%) and e-Commerce (54%).

Identity-Related Fraud: % Distribution by Activity, Source: LexisNexis

Identity Fraud Prevention— Traditional Approach

Fraud is becoming more sophisticated and complex. Traditional verification checkpoints, using physical attributes (physical address, date of birth, PAN, Aadhaar number, etc.), are less effective at detecting and preventing these new types of organized fraud. This is particularly challenging for transactions conducted or applications submitted online.

Identity Fraud | Traditional Rule-Based Approach

Identity Fraud Prevention — CueNex Approach

We believe in a data-centric approach to solving fraud. To this end, we scour billions of data points from multiple sources including the Dark Web that associate a person’s identity and behavior. We combine this customer 360 profile with our understanding of fraudster’s tactics targeted to each specific industry/use case to curate highly predictive features.

Our Machine Learning team leverages its years of experience to curate high-fidelity Predictive models. We leverage use-case-specific models to solve industry problems, these models range from Causal Linear Models to Boosted Tree to Deep Neural Networks.

We continually make tweaks to our deployments to weed out various types of fraud and malicious intent from the businesses at the underwriting stage itself.

Our solutions solve identity-related frauds such as Identity theft, Account takeover, etc. across customer lifecycle and across industries such as Banking, Insurance, Lending, and Car Rentals.

In the next set of blogs, we will pen down our modeling best practices and solving fraud at hyper-scale at CueNex.

If you are looking for robust fraud detection solutions, feel free to reach out to us at ajay@cuenex.in or rajneesh@cuenex.in