Identity fraud is absolutely out of control in the UK and there is, so far as I can see, no prospect of any form of infrastructure coming into place to deal with the problem. Whether we look at scammers going through Facebook to perpetrate dating fraud or going through LinkedIn to perpetrate invoice fraud or going through the Land Registry to perpetrate property fraud or going through Companies House to perpetrate corporate fraud, we can draw only one conclusion: identity is broken. Until we fix identity, we can’t attack fraud. And since it’s going to take a while to fix identity, even if we start now, that means that fraud is going to carry on getting worse. Don’t believe me? Then listen to a bank:
[Barclays] is predicting that online festive fraud will be at its highest ever levels in December 2017 and could cost shoppers more than £1.3bn.
From Barclays warns of unprecedented online fraud this Christmas
Well, here’s wishing you a Happy New Year! The truth is that we are under attack. It isn’t script kiddies and casual card counterfeiters any more, it’s organised crime. The Callcredit Annual Fraud & Risk Report surveyed over a hundred fraud professionals and found that more than three-quarters of them rated organised cybercrime as the biggest fraud threat to their organisations in the coming year. Given that current projections are that the damage from cybercrime will double from $3 trillion last year to $6 trillion in 2021, their fears are well-founded. I don’t need to labour the point: in the long term someone will fix the identity problem but in the short term we will continue to lose vast amounts to identity fraud.
Yet when those same fraud professionals were asked what their priorities were for the coming year, nearly nine in ten put regulatory compliance at the top of their list. At a time when organisations need to invest in defending themselves by using new types of dynamic data in combination with “traditional” identity verification and strong authentication techniques, the spend is going on compliance (which clearly isn’t working - if it was identity fraud wouldn’t be out of control). Surely the ROI on bringing in new and actionable data is such that it deserves a separate line in the budget? After all, the investment should be measured against the fraud in a couple of years’ time not the fraud of a couple of years ago.
Why do I focus on data in this way? The answer is that if there is any light at the end of the tunnel right now, it’s coming from the world of Artificial Intelligence (AI). If we look at what kinds of AI are being deployed in the banking sector and what they are being used for, we see that machine learning tops the list of technologies and fraud detection and prevention tops the list of applications. Companies will be able to use new forms of varied and dynamic data for fraud prevention precisely because it will be AI consuming that data and making effective use of the wider range of inputs. As more accomplished bankers than me have noted, the battleground for banks is data, and this is one of the key reasons why. Without data, you can’t do decent risk management and if you can’t do decent risk management… then why have the bank in the loop?
Comments
Post a Comment