By: Rob Campbell is Head of Product and Industry Marketing at Callsign
If you’re anything like me, you fill out a lot of application forms. Want to place an ad to sell some of your old stuff online? You’ll need to fill in an application form. Want to add your partner to your credit card? You’ll need to fill in an application form. Want to sign up for a newsletter from your favorite brand? You’ve guessed it, you’ll need to fill in an application form.
Often, these application forms represent a weak point in a system that fraudsters can exploit. If for example, a bad actor knows your name, address, and date of birth, what’s stopping them from impersonating you on a website and applying for a credit card in your name? All too often the answer is, ‘not a lot’.
Unsurprisingly this type of fraud has become increasingly common. The dramatic shift away from physical, in-person, applications towards digital anonymized interactions has given bad actors the opportunity to industrialize deception through sophisticated bots and algorithms.
In fact, a recent report by the Aite Group identified that application fraud worldwide is projected to cost $4.1bn a year by 2023. Although financial institutions are the most vulnerable, insurance companies, travel organizations, and e-commerce businesses are also at risk.
Clearly, businesses need to put controls, technologies, and processes in place to stop the threat of application fraud. However, these controls are often so cumbersome and inaccurate that they either put prospective applicants off or prevent legitimate customers from getting access to the goods or services they need.
Surely there’s a better way?
What Is Application Fraud?
In short, application fraud is when a bad actor opens an account under false pretenses. They can do this in three main ways;
Firstly, a bad actor might misrepresent their own information to get access to a product that they wouldn’t otherwise be eligible for. Known as first-party fraud, a fraudster may, for example, claim that their earnings are much higher than they really are in an attempt to get access to a huge loan that they are not able to pay back.
The second method, known as identity theft, is where a fraudster gets access to another person’s information, and applies for a product in their name. This type of fraud is disturbingly easy to commit. Frequent corporate data breaches and the general availability of private data on social media gives fraudsters ample opportunity to find victims. The problem is so large that in 2020 almost 50% of businesses in the UAE had been in some way impacted by identity theft.
The third and final method, known as synthetic identity fraud, is used by particularly sophisticated bad actors who seek to combine real and fake information to create a fictional ‘person’, and then complete an application in that fictional person’s name. Fortunately, because of the widespread use of ID cards in the UAE, committing this type of fraud is all but impossible. In other geographies, the USA in particular, synthetic ID fraud is a huge, and costly problem.
Open Banking To The Rescue
As you can see, application fraud comes in many different guises. Tackling it is complex and, until recently, there has been no ‘one size fits all solution. In an effort to counter it, most organizations have stitched a couple of technologies and processes together in a haphazard fashion without any real consideration for the end-user.
Credit and affordability checks are the first port of call for organizations looking to counter application fraud. Banks for example will ask prospective customers to produce proof of their identity and income or undergo a credit check before they are given access to an account.
These methods are deeply flawed. Identity documents and proof of income can be easily fabricated or stolen, whilst a credit check only proves that the person named in the application form can afford the product, not that the applicant is who they claim to be. What’s more, these methods also place a burden on the customer to complete an off-putting task, like print out a letter or present a copy of their ID documentation.
Fortunately, open banking offers both businesses and users a speedy and secure application journey.
Open banking is a common and secure protocol that allows users to securely share information from their bank account with another business. This information can be used to prove both a user’s identity and their eligibility for the product in question. In short, it allows users to apply for a product with a single click. No more identity documentation checks, and no more proof of income checks.
Not only is this significantly more convenient than the current system, but it’s also much safer. Would-be fraudsters would find their well-honed document forgery skills completely redundant. Businesses would be sure that applications made via the open banking protocols are legitimate, and users would find that moving their digital identities from the public realm of the open internet to the private realm of the secure open banking channel makes everyone much safer.
Originally a European Union initiative, open banking has gained significant traction in the middle east. Bahrain implemented the protocol in 2020, Saudi Arabia seeks to launch the capability in 2022, and regulators in UAE are now paying serious attention to it.
Whatever happens, it’s clear that by adopting improved technologies and common protocols, application fraud will become a thing of the past.