We may not know precisely how many criminals operate on the dark web, but there’s one thing we do know: the barrier to entry for countless identity criminals is extremely low.
You don’t have to be highly skilled to engage in digital identity theft and manipulation. A would-be data exploiter doesn’t even need access to specialized web sites or web browsing tools. Recent investigations show fraudsters now access and use stolen identity data on mainstream platforms like Reddit and Telegram.
In fact, you don’t need much at all in the way of resources. Just $40 can buy a login to a verified online banking account on the black market. Compound that with the volume and velocity of valuable personal data that’s out there, and you begin to understand the draw to the “profession.”
Digital identities are under attack from more angles than ever before. This presents both a threat and an opportunity to bank leaders.
On the one hand, stolen identities pave a direct and costly path to bank fraud. A good example is the “compilation of many breaches,” where credentials from multiple breaches over time is leaked. This truly exposes how unhealthy our data hygiene has become with continuous re-use of credentials.
On the other, customers not only need help, they want it. This is opening the door widely for financial institutions to add more value and deepen relationships.
Yes, customers care about identity security
How do we know customers are seeking allies in the battle against identity thieves? Especially after many years of what could be described as consumer apathy around using security controls to protect themselves and their families? Post-pandemic research is providing new evidence of a growing desire for protection and support.
According to a study by Breach Clarity, consumers aged 18 to 35 are just as interested in obtaining personalized identity protection from their financial institution as they are in receiving free credit monitoring. This is especially true when they have experienced the hardship of identity theft and similar crimes in the past.
Beyond that, Cornerstone Advisors uncovered that fraud alerts were considered at least “important” or “critical” for nearly eight in 10 mobile banking users. The mobile banking feature ranked second-highest was the ability to turn payment cards on or off, a popular fraud-fighting action step. The same survey found that 76 percent of banking customers are concerned someone will steal their identity. All of this prompted Cornerstone’s managing director Ron Shevlin to advise banks to take a look at designing fraud assurance into their mobile platforms – in other words, to place a higher priority on the experience delivery of its security features, particularly in the mobile channel.
Easier said than done, though, right?
Among the challenges facing the average financial institution is the incredible pace of change to the fraud and identity security risk environment.
Just as lawful, digitally transforming organizations have made the strategic shift to agile processes and cultures, so have the bad guys. They know all about redeploying talent, launching new business models and shifting operations quickly to capitalize on fresh opportunities. Look no further than the rapid deployment of unemployment fraud schemes during COVID-19.
Against this backdrop, “designing-in” fraud assurance has to be done with an eye to continuous improvement and rapidly deployable innovation. Digital-native companies are great at this; banks less so. But, they are getting better thanks to partnerships that help deliver experiences through cloud-based platform models with the flexibility to add and remove features as the threat environment dictates.
Banks, however, have a much larger job than selecting the technology infrastructure to address growing customer demand for ID security. They must also think through delivery and experience. Things like UX and hyper-personalization will be critically important considerations to ensure the ultimate success of security-centric products and services.
But with acknowledgement of the problem, recognition of the opportunity and good mix of technology and human capabilities, banks can add more value for customers and deepen relationships along the way.