Mobile and online banking providers have been upping their fraud protection measures over the last decade, making it more difficult for bad actors to rely on some of the schemes that previously worked in such channels. The prevalence of CNP fraud, once the bread and butter of the enterprising cybercriminal, has steadily crept downward each year alongside other forms that game customers’ credit card numbers.
Cybercriminals are still masters of a thriving trade, though. Banks are dealing with rapid rises in fraud schemes such as ATOs, synthetic identity fraud and account opening fraud. Creating new credit or mobile device accounts is a popular application, which uses legitimate customers’ stolen information to defraud both them and their financial institutions (FIs).
Banks must be sure they are properly protecting customers against new account fraud and identity theft, but without adding frictions to legitimate customers’ mobile and online banking experiences. That is where technologies like artificial intelligence (AI) and machine learning (ML) come in, said Dominic Venturo, executive vice president and chief innovation officer for U.S. Bank. These technologies can run through large reams of data, adding more fraud protection layers to online banking and speeding up the review process for FIs that are on the hunt for fraudulent transactions.
“Improving our efficiency is great for us, but from a customer perspective, what that means is ‘less hassle, faster answers,’” Venturo said in a recent interview with PYMNTS. “If all you’re trying to do [as a customer] is log in … then we’re using different tools to make sure you are you when you’re doing that – without trying to get a blood sample along the way to prove it before you can see your balance.”
ML and AI can provide layered protection for new and existing customers, he added, a necessity in a banking world that sees synthetic identity theft and account opening fraud as preferred criminal tactics.
The Impact of ML on Account Opening Fraud
Banks need to think of their fraud strategies as items that are constantly changing, Venturo explained. Applying ML and other automated tools cannot be “one and done,” as innovation must be constant if banks wish to keep fraudsters out. Technology can help banks determine the differences between bad actors and real customers looking to open accounts while keeping legitimate customers happy, he said.
“In terms of new customer onboarding, that’s another area where you’re opening a new account,” Venturo said. “So, you have KYC, you [have] AML … and sometimes that process can get non-automated.”
Consider a customer who might share the same name as a high-risk individual, for example – something that would send that account to an analyst for a fraud review.
“That review process could take a little while,” he noted. “So, we’ve been using certain signal sources and ML tools to speed up that process, and to provide those analysts with the information in a more automated way that helps us improve our efficiency.”
Automating such processes has other advantages, namely that doing so can determine a potential customer’s legitimacy by working off behavioral patterns or other indicators. Legitimate banking customers thus do not need to provide additional information to verify their identities, keeping the onboarding experience easy and seamless.
“You don’t want to make it hard for legitimate customers to do business with you, but you also want to be able to manage the financials of the bank and protect the customer’s money,” Venturo said. “That’s another area where we’ve seen some good applications of ML tools, where they’re able to spot patterns across lots of disparate data that would be difficult – if not impossible – for a human to see.”
ML, Biometrics and the Future of Customer Authentication
ML and AI tools are growing more sophisticated each year, creating new opportunities for the FIs that wish to use them to guard against fraud. Banks can pair these technologies with others for more complex fraud protection, using biometrics as a customer-facing authentication method while AI and ML work quietly on the back end. They must also continue to ensure that authentication tools meet their customers’ satisfaction, Venturo said.
“Originally, [the industry] thought that voice was going to be the first biometric that would win, because every phone had a microphone and no phones had fingerprint readers,” he explained. "But as soon as phones had fingerprint readers, then nobody wanted to talk out loud. So, we don’t know what the next [popular biometric] will be and we don’t build any of them. What we do instead is we [ask], ‘How reliable are they, how pervasive are they, how predictive are they … and should we trust [them]?’”
Banks will need to continue upgrading their fraud protection strategies as cybercriminals inevitably find ways around defenses. ML and AI are likely to take on more important roles in protecting customers and banks from account opening and synthetic fraud. As the industry has seen, however, bad actors can quickly change their points of attack. Banks and customers will thus need to keep watch for fraud schemes in all possible directions.