Online digital lenders have proliferated in the last few years, particularly following the financial crisis of 2009. As traditional lenders have scaled back as a reaction to the crisis, fintech companies have stepped into the void to continue providing consumer credit and the pace has accelerated with the recovery. Traditional lenders have also rebalanced their focus and have increased their digital efforts across all products trying to catch up with their nimbler rivals. As a result, the potential target for fraudsters to attack has become significantly larger and more lucrative and they haven’t held back their efforts to inflict maximum financial damage in the form of online lending fraud.
Several other important trends have contributed to the increase in fraud against digital lenders. With the increased scrutiny and stepped up efforts in other areas of finance like credit card fraud with EMV-based systems, the fraudsters did not go away but simply shifted their focus from their bread and butter schemes like credit card skimming to the more lucrative field of online lending.
In the process, they have turned the major advantages of digital lending – speed and convenience – against the lenders. With today’s expectations of instant gratification, consumers are increasingly going online for their lending needs for their fast approval times, usually while providing very limited information as part of the application process. And a significant portion of these consumers have limited credit histories, further complicating the application evaluation process. This presents major opportunities for fraudsters to obtain loans with no intention of paying them back.
Fraudsters are becoming more sophisticated in the process, building up their scale, and, as a result, the financial losses attributed to large, coordinated attacks. The same tools that have been available to the good guys are now used by fraudsters to scale – VPNs, cloud infrastructure, virtual machines. And the arsenal of fraud tools has increased as well – SMS and IP spoofing, online marketplaces on the dark web with PII data from data breaches, dedicated fraud software and even hardware, etc. As damaging as individual attacks are, the large size and unpredictability of losses resulting from large-scale coordinated attacks is what worries fraud departments most.
Though industry estimates of fraud losses vary depending on what industry source one trusts, there is no denying the fact that the numbers are large and increasing. In a recent report published by the Aite Group, 74% of FIs surveyed state that digital channel fraud losses increased over the past two years with identity crimes resulting in account takeover and application fraud being the top two leading causes of those fraud losses(*). And lenders face higher costs compared to other industries – for every dollar of fraud, lending companies incur $2.82 in costs including fees, interest, etc. according to LexisNexis (**).
There is also reason to believe that these numbers are underestimated – in many cases, fraud will be classified as credit losses and written-off due to the complexities of differentiating first-party fraud like bust-outs and loan stacking, and true inability of the borrower to pay off the loans.
The major types of fraud faced by digital lenders are application fraud, loan stacking and account takeovers.
Application fraud typically involves fraudsters applying using synthetic or fake identities with no intention of payback. With vast amounts of personal data available on social media and from hundreds of data breaches that occur every year, they can manufacture synthetic identities easily and use them to apply for loans. Gartner estimates that 25% of charge-offs are the result of synthetic fraud today and will increase to 40% by 2021(***). This is typically done at scale and does not get detected by legacy fraud systems, both rules-based and supervised machine learning ones, since they evaluate applications one at a time and miss patterns that are common across multiple fraudulent applications. While a typical individual application looks reasonable on its own, patterns such as shared IP address and device info across several applications is usually an indication of coordinated fraud.
This also underscores the importance of using digital data as part of the application evaluation process and is particularly beneficial when combined in a consortium that aggregates this type of data across multiple industries, institutions and geographies to enhance fraud detection. By aggregating different types of signals across clients, companies like DataVisor, with its Global Intelligence Network, can provide significant lift in detecting coordinated activity associated with application fraud.
Loan stacking, another type of fraud faced by lenders, occurs when the same borrower applies for multiple loans in a short period of time with no intent of paying it back, taking advantage of the speed of the approval process at digital lenders and delays in updating credit files. Considering that new accounts and credit inquiries can take up to 30 days to show up in a credit profile, it becomes clear why this is a lucrative loophole that fraudsters have taken advantage of at scale.
Account takeovers is another increasingly common type of fraud afflicting digital lenders that also takes advantage of the wide availability of stolen credentials, personal data and phishing attempts to infiltrate existing established accounts and use them to obtain and divert cash. Detecting account takeovers requires not just the ability to deal with big data, but also being able to aggregate data from multiple sources, incorporate behavior, transactions and user activity, etc in a holistic fashion to detect fraudulent patterns across all of the activity in real time.
The types of fraud faced by digital lenders require a fraud detection approach that is proactive and is capable of detecting patterns across multiple applications and account activities, without labels given that historical loss information may not be readily available. It should also keep up with changing attack vectors as fraudsters continue to shift their methods and techniques. At the same time this approach needs to minimize customer friction in order to avoid deterring legitimate good users while providing a valuable service.
DataVisor’s fraud detection platform, which combines unsupervised machine learning with client and consortium data, protects its lending customers against coordinated application fraud, loan stacking and account takeovers in real time, at scale, with very high precision and accuracy and low false positive rates. Head over here if you are interested in learning more about how DataVisor can help.