Identity fraud is when someone that isn’t you uses your personal information for financial gain. Once a fraudster has stolen a person’s credentials, they can use them to access a range of services. For example, they might open a bank account, obtain credit cards or loans, take over accounts, apply for identity documents such as a passport or driving license, or take out a mobile phone contract.
Identity fraud impacts not only individuals, but also businesses. And the rate of fraud is growing. Our research shows that identity fraud has increased 44% between 2019 and 2021. While there are many things consumers can do to protect themselves online, businesses also have a responsibility to protect their customers and their bottom line by implementing fraud detection solutions.
What is the difference between identity theft and identity fraud?
The main difference between identity theft and identity fraud is that identity theft is the act of stealing personal information. In contrast, identity fraud is when a criminal uses this information for their own gain. They are two sides of the same coin. Both are a crime.
Fraudsters will attempt to steal personal, private or financial information, including a person’s name, Social Security number, date of birth, address, passwords, credit card numbers and bank account details. They might not be able to do much with one of these alone, for example just a person’s name. But the more information they can get hold of, the easier it then becomes to commit identity fraud.
Once a fraudster gets hold of stolen information, they’ll use it for their own gain. For example, they might create a fake ID, false credit card applications, false loan applications, fraudulent withdrawals and fraudulent transactions. Identity fraud affects not only the individual but also the business involved.
5 common ways fraudsters commit identity theft
Fraudsters could steal a person’s identity documents or bank cards, which would give them access to personal information. Sometimes they might also get hold of utility bills (or similar) from documents or mail that people throw away. For this reason, individuals should shred any documents with personal information on before discarding them.
Data breaches can compromise anything from a person’s address to their date of birth, passport number or driving license number, or even images of an ID. The number of data breaches in the first half of 2021 were 17% higher than throughout the whole of 2020. Plus, much of the information obtained through data breaches ends up for sale on the dark web. Atlas VPN found bundles of data including Social Security numbers, full names, driver’s license numbers, passport numbers, and email addresses available for as little as $4.
Fraudsters might call individuals pretending to be a genuine business and mislead them into giving away personal and financial information, or making a transaction. Sometimes, they could already have some personal information and will use this as a way to convince people they are genuine.
Malware and ransomware attacks are just two of the network-compromise attacks fraudsters can use to hack, or leverage, information from both individuals and businesses online.
Fraudsters will send an email that appears to be from a trusted company or person, getting victims to click a link or download an attachment. This link is often a virus that will allow them to access a person’s online information.
What is an example of identity fraud?
One example of identity fraud is synthetic identity fraud, which is considered one of the fastest-growing types of financial crime in the United States. The US Federal Reserve estimates that US banks lost $20 billion to synthetic identity fraud in 2020.
Synthetic identity fraud is when someone combines both real and fake information to create a new ‘Frankenstein’ identity. Part of the information used to create the synthetic identity will most likely be stolen.
Fraudsters use synthetic identities to open accounts or other actions that help them build up credit and seem real. Then once they’ve built up a credit record and are considered a qualified borrower, they max out and disappear.
To learn more about synthetic identity fraud, read our blog Protecting your business against synthetic identity theft.
The impact of identity fraud
First and foremost, fraud hits businesses’ bottom lines. One survey highlights that organizations could be losing up to 7% of their annual turnover as a result of fraud. And yet only a small percentage of these losses are ever recovered. These losses encompass paying back victims, as well as the internal costs of supporting and rectifying issues.
But it’s not just monetary loss. Fraud can also cause reputational damage to businesses. And for individuals, it impacts their credit score, but they might also lose personal funds.
How to detect identity fraud
Given the many tactics fraudsters employ to commit both identity theft and identity fraud, as well as the amount of personal information available online, it’s imperative that both individuals, and businesses, take steps to protect themselves.
At account creation
Businesses should put measures in place from day one to help identify signs of fraud. This not only protects consumers but also protects a business from financial crimes such as money laundering and terrorist financing.
By introducing a mixture of background checks, signals and identity verification, businesses can dial up and down their fraud prevention approach based on risk tolerance and a customer’s profile.
For lower-risk customers, this enables businesses to detect fraud without introducing friction. For example, they can analyze IP, geolocation and device integrity. For higher-risk customers, businesses can introduce document and biometric verification to build greater assurance in that customer’s identity.
Later in the customer lifecycle
Building on this document and biometric solution, businesses can then leverage authentication during instances where a customer’s identity might be called into question beyond account creation. Biometric authentication offers an automated, high-assurance way to check if it's still that same customer who created the account on day one trying to access the account or make a payment today.
Find out more about Onfido’s fraud prevention solution and how it could help you protect your business from fraud.