3 Common Identity Fraud That Plague FinTech Startups & How to Avoid Them
There are as many types of fraud as there are fraud prevention tools. I’m here to categorize 3 common types of originations fraud and a few tips to prevent them. A great fraud prevention program will increase your profit margin and strengthen your capital market’s relationships and protect you from headline and compliance risk.
First Party Fraud
, a.k.a True Name Fraud, a.k.a. Identity Fraud comes in a variety of different flavors. There is “No Intent to Pay”, “Synthetic Identity” and “Identity Fraud by Friends and Family” to name a few. It’s also defined as using one’s true identity, bits and parts of their identity and worse identity of their next of kin to falsely apply for credit with the intent to defraud for financial gains.
With the popularity of online lending, it’s been made even easier for fraudster to take advantage of newer fintech players and online lenders. From my experience, a third of your first payment default comes from this type of fraud. As you know by now, there are no silver bullets for fraud detection. However there are many ways to passively verify one’s intent and identity.
Credit, debit, identity bureaus and many data providers are out there to help with a variety of identity verification tools. However, most interestingly, there are firms out there that can help with verifying and triangulating identities with pseudo-PIIs (Personally Identifiable Information) such a phone numbers, email addresses, device id & geolocation, online social identity and credentials.
As fraudster’s tactics evolve, having a knowledge based authentication tool is no longer sufficient. The recent IRS hack that exposed over 100,000 tax transcripts has shown us the venerability of a single point solution.
Second Party Fraud
, a.k.a. Publisher Fraud, a.k.a. LeadGen Fraud. Many of us relying on lead generators and third party publishers as our main source of marketing effort. It behoves us to understand the lead generator’s business model. Their goal is to maximize profit or number of potential sales per each lead generated.
Inadvertently, this practice also helps fraudsters in one sitting to effortlessly reach out to many fintech players. This might sound like a marketing problem, but the impact to losses is huge. There are at least two important reasons to be reasonably cautions about this situation.
First of all, some borrowers will get overzealous when multiple offers are presented to them. They will take on more financial burden than they can afford. CFPB is look at this issue closely and unfortunately, they are putting the burden on fintech firms and lenders to fix this issue. Secondly the more disciplined customers may have already taken another firm’s offer and your marketing plus underwriting dollar is wasted.
There are many lead identity firms out there however bigger lead generators refuse to stamp born on dates on their leads for obvious reasons mentioned earlier. Most of the data bureaus also starting to provide inquiry clustering or counts and first/last seen dates as a proxy to detect whether a potential customer has been shopping around or whether their identity has been sold and still echoing around the universe. A well defined conversion model with a fraud angle would save you around 15 to 20% of marketing cost let alone reduce your losses and headline risk.
Third Party Fraud
garners most media attention. This type of fraud happens suddenly and financial impact usually severe. Because of this, there are firms take on some very creative approaches to solve this problem.
For example, some original fraud prevention firms take the approach of measuring stability of a person’s identity over time. An unstable identity is either a synthetic identity or a victim of identity fraud.
Other firms triangulate locations of multiple devices to analyze a person’s true intent and behavior. There are also companies analyzing social data for words uttered during certain hours of day. I’ve used a few firms that provides the longevity of an applicant’s email address, the fresher the email address, the higher the propensity for fraud.
We all know that there are a few very successful startups that compares one’s selfie with the government issue photo ID. However, always follow the money, if you know that multiple identities are using the same bank account to storing their winnings, you know you’ve been had.
As always, hire a strong fraud and risk management team should always be an upfront investment and shouldn’t be an after thought.