Protecting Against New-Account Fraud: An Early Detection Approach

When financial institutions focus their fraud prevention efforts on customers already onboarded, they miss a critical early stage of the process. With evolving fraud techniques, detection needs to start as soon as an account application is initiated.

In a recent report titled
New-Account Fraud: Old Problem, New Challenges,
Jennifer Pitt, Senior Analyst in Fraud Management at Javelin Strategy & Research, explores the growth of new-account fraud and strategies for financial institutions to combat it.

“Fraud detection is a collaborative effort involving banks, consumers, identity protection service providers, and other organizations like email service providers,” Pitt emphasized. “It’s essential that we all work together.”

Setting Up the Foundation

Scammers often begin by creating non-financial accounts, such as email or social media profiles, where they avoid stringent identity verification measures. They only require a name or email address without verifying other details.

Creating these unverified accounts aids in establishing legitimacy. Financial institutions typically rely on static identity verification, checking if an individual belongs to a specific email address. The more validation performed before account setup, the easier it is to pass initial checks.

Static identity verification involves requesting copies of documents like driver’s licenses. However, due to advancements in AI and synthetic identities, these are easy to forge. Human eyes struggle to distinguish between real and fake IDs created by AI tools.

Besides documents, financial institutions use other static identity information such as names and dates of birth or previous addresses. These details can be obtained through background check websites for a small fee.

“Financial institutions must validate static identities but should also verify them dynamically,” Pitt advised. “For instance, asking someone to hold up their driver’s license while speaking into the camera.”

Monitoring Behavior

Behavioral analytics play a crucial role in distinguishing between human and bot interactions during application filling out. For example, typing patterns can indicate whether an action is performed by a person or machine. Long, suspiciously rapid completions of lengthy forms are red flags.

“Many AI tools and bots can use PII such as names and Social Security numbers to fill multiple applications,” Pitt noted. “If the same information is reused across several accounts, it can be flagged before onboarding.”

Bots are deployed to submit many applications simultaneously, aiming to gain access to multiple financial institutions. Once an account is established, a legitimate credit profile can be created, falsely legitimizing the accountholder.

Individual Challenges

Despite the impact on individual consumers being less visible, new-account fraud can still cause issues. Scammers use personal information to set up accounts, which may eventually link back to legitimate owners.

“If someone sets up a new account in your name, it could impede you from obtaining a mortgage or government benefits,” Pitt warned. “Consumers should be vigilant about monitoring their own information and signing up for identity protection services.”

The lack of noticeable transactions makes it difficult for consumers to detect such fraud. Depending on the account type, they might not even become aware until issues arise with credit history.

“I urge consumers to sign up with credit bureaus to receive alerts about any changes in their information,” Pitt suggested. “Identity protection services also monitor Internet and dark web activity for any signs of compromised data.”

AI Concerns

Some financial institutions refrain from using AI tools due to privacy concerns or customer friction.

“Financial institutions are currently only using limited AI tools in a restricted manner,” Pitt stated. “They should adopt more comprehensive solutions for identity verification, which vendors can integrate into their existing tech stacks without major changes.”

While the cost is significant, financial institutions must realize that failing to implement these technologies could lead to higher expenses from fines, customer loss, and legal challenges.