Anti-fraud databases: the security challenges of conventional storage

Learn how ClaimShare makes truly secure data sharing possible

Summary

• Centralized databases are vulnerable to cyberattacks
• This has been demonstrated by an ever-growing list of high-profile cyber incidents and breaches
• In contrast, decentralized systems are innately robust, reducing cyber risks
• ClaimShare combines decentralization with confidential computing to deliver superior security in anti-fraud data-sharing — perfect for the insurance industry

A number of projects around the world have brought insurers together to combat insurance fraud. Typically, they establish a form of centralized anti-fraud database to facilitate improved inter-insurer data sharing within their ecosystem. This makes it possible to prevent potential crimes, such as duplicate claims fraud.

Unfortunately, while reducing their exposure to one potential crime, they render themselves more vulnerable to another: cyberattacks.

Cyberattacks are a fact of modern business. Each year, the percentage of companies reporting to have suffered at least one data security breach seems to rise. It has become clear that insurers are a prime target for potential cybercriminals, particularly as they store significant amounts of personal data.

• In 2021, the Asia Pacific component of global insurance giant AXA suffered a severe data breach resulting from a cyberattack. The incident led to 3TB of data loss, including identity documents, claims, reimbursements, and account and medical details.
• That same year, New Orleans-based Pan-American Life Insurance Group was hit by a cyberattack that crippled its communications. Details of the amount of data lost were not disclosed.
• And also in 2021, US-based health insurer Excellus Health Plan agreed to pay $5.1 million to settle with authorities over a 2013–2015 data breach that affected over 9.3 million people. This last case is an example of how cases can haunt insurers long after the initial incident is resolved.

There are countless cases.

Although centralized data is vulnerable data, databases continue to fulfill a vital function for organizations. And this can lead to problems, particularly for businesses operating in highly regulated markets.

Companies that handle the sensitive personal identifiable information of customers — such as insurers — need to ensure data is safeguarded, as compliance failings can be costly. Under the European Union’s GDPR, for instance, a data breach of sensitive information can lead to a fine of up to 4% of a company’s annual revenues (premiums). For this reason, it makes sense to invest in mitigation tools.

Fortunately, a solution exists, one that tackles both the issue of duplicate claims fraud and insurer data security.

ClaimShare is secure by design

Created by IntellectEU, experts in distributed finance and emerging technologies, ClaimShare makes it possible to compare claims data between insurers without exposing or storing personal identifiable information (PII) in a centralized location.

• ClaimShare is secured with R3 Corda Distributed Ledger Technology. The solution is decentralized, encrypted, and confidentially-focused, making it far safer than a centralized database from a data security perspective.
• ClaimShare uses confidential computing, preventing exposure of PII-data during the matching process.
• ClaimShare needs only a fraction (5–10%) of the PII-data to match claims (using fuzzy-matching), making it vastly more scalable than alternatives.
• ClaimShare does not store the personal data of the claimant or the insurer. This avoids any issues with compliance.

These features make ClaimShare the only practical solution to data sharing in the insurance industry. For more information, please find a short introduction to the technology here.

Reach out to us directly at claimshare@intellecteu.com or book a demo at www.claimshare.intellecteu.com.