Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

How to detect and prevent identity fraud

Image Description

Technology is changing the way people do business but, in doing so, it increases the risks around security. Identity fraud is especially on the rise. In fact, it’s estimated this type of fraud has doubled in just the last year. And, while the banking sector may be the juiciest target for attempted identity fraud, security is not purely a banking concern.

In 2015, damage caused by internet fraud amounted to $3 trillion worldwide. Latest predictions say it will be $6 trillion in 2021. This makes cyber fraud one of the biggest threats in our economy and the fastest growing crime. It is becoming far more profitable than the global trade of illegal drugs.

Enterprises all over the world need to focus on this cost-intensive problem. With over 1.9 billion websites and counting, there is a huge possibility for fraud to be committed – a serious problem that must be slowed down.

About the author

Charlie Roberts is Head of Business Development UK, Ireland & EU at IDnow

Most common identity fraud methods

Of all fraud methods, social engineering is the biggest issue for companies. It became the most common fraud method in 2019, accounting for 73% of all attempted attacks, according to our own research. It lures unsuspecting users into providing or using their confidential data and is increasingly popular with fraudsters, being efficient and difficult to recognise.

Fraudsters trick innocent people into registering for a service using their own valid ID. The account they open is then overtaken by the fraudster and used to generate value by withdrawing money or making online transfers.

They mainly look for their victims on online portals where people search for jobs, buying – and selling things, or connecting with other people. In most of the cases, the fraudsters use fake job ads, app testing offers, cheap loan offers, or fake IT support to lure their victims. People are contacted on channels like eBay Classifieds, job search engines and Facebook.

Fraudsters are also creating sophisticated architecture to boost the credibility of these cover stories which includes fake corporate email addresses, fake ads, and fake websites.

In addition, we are seeing more applicants being coached, either by messenger or video call, on what to say during the identity process. Specifically, they are instructed to say that they were not prompted to open the account by a third party but are doing so by choice.

How to fight social engineering

If organisations are to consistently stay ahead of the latest fraud methods and protect their customers, they need to have the right technology in place to be able to track fraudulent activity, react quickly and be flexible in reengineering the security system.

Crucially, it requires a mix of technical and ‘personal’ mechanisms. Some methods include:

Device binding – to make sure that only the person who can use an app – and the account behind it – is the person who is entitled to do so, the device binding feature is highly effective. From the moment a customer signs up for a service, the specific app binds with their used device (a mobile phone for example) and, as soon as another device is used, the customer needs to verify themselves again.

Psychological questions – to detect social engineering, even if it is well disguised, trained staff are an additional safety net that should be applied – and in addition to the standard checks at the start of the verification process. They ask a customer an advanced set of questions once an elevated risk of a social engineering attack is detected. These questions are constantly updated as new attack patterns emerge.

Takedown service – with every attack, organisations can learn. This means constantly checking new methods and tricks to identify websites which fraudsters are using to lure in innocent people. And, by working with an identity verification provider that has good connections to the most used web hosts and a very engaged research team, they are able to take hundreds of these websites offline.

Fake ID fraud

However, social engineering isn’t the only common type of identity fraud. Organisations should be aware of fake ID fraud. Our research indicates fake IDs are available on the dark web for as little as €50 and some of them are so realistic they can often fool human passport agents. The most commonly faked documents are national ID cards, followed by passports in second place. Other documents include residence permits and driving licenses.

The quality of these fake IDs is increasing too. Where in the past fraudsters used simple colour copies of ID cards, now they are switching to more advanced, and more costly falsifications that even include holographs.

Biometric security is extremely effective at fighting this kind of fraud. It can check and detect holograms and other features like optical variable inks just by moving the ID in front of the camera. Machine learning algorithms can also be used for dynamic visual detection.

Similarity fraud is another method used by fraudsters, although it’s not as common thanks to the development of easier and more efficient ways (like social engineering). This method sees a fraudster use a genuine, stolen, government-issued ID that belongs to a person with similar facial features.

To fight similarity fraud, biometric checks and liveness checks used together are very effective – and they are much more precise and accurate than a human could ever be without the help of state-of-the-art security technology.

The biometric checks scan all the characteristics in the customer’s face and compares it to the picture on their ID card or passport. If the technology confirms all of the important features in both pictures, it hands over to the liveness check. This is a liveness detection program to verify the customer’s presence. It builds a 3D model of their face by taking different angled photos while the customer moves according to instructions.

The biometric check itself could be tricked with a photo but, in combination with the liveness check, it proves there is a real person in front of the camera.

Fighting back

The threat of identity fraud is not going away and, as fraudsters become more and more sophisticated, so too must technology. With the right investment in advanced technology measures, organisations will be in a much stronger position to stop fraudsters in their tracks and protect their customers from the risk of identity fraud.

Date

20 Aug 2020

Sources

Share

Other Blog

  • 5 things you should know when choosing a SASE solution

    Secure Access Service Edge (SASE) is gaining ground as digital transformation is increasingly seen as an answer to the global challenges unfolding before our eyes. Yet, organizations are wary of its often complex and prolonged implementation and want to play it safe with their choice of SASE solution. Their needs may vary – some may want to focus on protecting crucial data, others go for combining networking and security features in the cloud, or streamlining their security wherever there is work to be done.

    Whatever your reason for choosing SASE, there are some universal considerations for getting the best out of your future SASE solution – read on to find out the most important ones.

    1. Perimeter 81 is the best business VPN 

    Save 250+ yearly hours on manual configuration. Deploy your entire organization within a single day. Learn why Perimeter 81 is TechRadar's choice for the best Business VPN. Ditch legacy hardware and make the move to the cloud. See how simple it is for yourself.

    1) Should you go for single-pass or best of breed? 

    Today many vendors offer so-called single-pass SASE solutions that combine broader networking and security features as part of a single platform. Considering the equal importance of the two, these solutions are marketed as “complete” since the same vendor will offer you both security and SD-WAN, for example.

    This option may sound like a dream come true, but few providers offer this type of solution even in 2021. This means that you may be limiting your selection options from the outset.

    Going for multiple vendors to deliver the best of breed functionality is a more flexible option for network security, WAN, and LAN. This means that you can choose a different provider for each component of the security system such as a firewall or VPN. The same goes for all the features you want to see in your SASE.   Yet, bear in mind that this type of integration can be more complex because you need to support sufficient interoperability.

    What you should certainly do is to go for the providers that are proven to offer quality support for their partners’ ecosystems. This will make the introduction of SASE or its integration with an existing infrastructure easier, and make the management of networking and security smoother and with fewer headaches down the road.

    2) Do you go for native cloud deployment or the edge? 

    Virtualization of network features with SASE can be done with the help of the public cloud. The other option is an approach with more focus on hardware, with the deployment at the edge of the cloud. Both approaches come with their sets of pros and cons.

    Virtual Private Cloud can be used with Network Function Virtualization to secure workloads that are part of these private clouds. The same goes for setups with multiple virtual private clouds of your cloud provider. What makes things a bit more complicated is that multiple environments require duplication of individual setups for each cloud service provider. This comes with additional costs and the need for more complex technical expertise.

    At the edge, you can have a single setup to cover all users and locations. Going with this option simplifies managing multiple functions in different environments which comes with greater efficiency and less trouble in terms of support.

    3) How close do you want to be to your assets? 

    Being closer to the source i.e. to the place where the data and applications are needed is important when it comes to planning their future management. The idea is that these valuable assets need to be made accessible to the users as fast as possible. This is where SASE comes into play as a way to distribute network architecture.

    To achieve this, SASE implementation relies on the public cloud, private data centers, and colocation. SASE stack operates with the help of nodes that are found in the proximity of the public cloud. The result is easy access to cloud-based resources which is not impaired by high latency.

    This is why SASE works best if your organization does not want to build its own secure access and networking infrastructure brick by brick. Instead of this, SASE will provide you with a single solution that functions as an umbrella for all devices, users, and policies. If you are after minimizing networking costs and streamlining deployment with the proximity of resources as a bonus, SASE is the path to go.

    4) Check your provider for the quality of integration and the global coverage 

    By definition, SASE should provide you with a platform that brings together security and networking functionality in a cloud-native environment. This should not be taken for granted, as some providers may market their solution as SASE despite failing to fully converge the services on offer. For instance, you can check if SD-WAN is fully integrated with security functions such as NGFWaaS or SWG.

    Also, SASE is a cloud-native solution, meaning that this quality should equally encompass all points that constitute your network’s edge.  This includes cloud, mobile, and on-premise environments.  

    Your SASE solution should also offer a balanced performance wherever it is needed. This is ensured by the points of presence that your provider operates to ensure the optimal experience of using SASE. Check these in advance to avoid unwelcome outcomes when trying to use an application you need at a critical moment.

    5) What about Zero Trust Network Access? 

    The traditional approach to protecting cloud and mobile environments with endpoint solutions does not cut it today when compared with SASE.  SASE uses Zero Trust Network Access (ZTNA) with a set of specific benefits.

    For starters, you will find it easier to introduce policies that can deny access to particular IP addresses. This allows for more granular access control all the way to individual identities.

    SASE with ZTNA allows for easier scaling of network security no matter how fast your network grows. This is made possible since it can support multiple tenants as part of a cloud-native platform.

    Also, better security with ZTNA is ensured by having SASE offer more than an ancient castle-and-moat approach which is often unsuitable for modern network topologies and edges.

    Conclusion 

    Choosing the best SASE solution is no easy task, but sticking with key considerations such as those we presented above should make it a bit easier. While minding all of them is useful, you should also consider that your individual use case will also have an impact on your final choice of SASE, as this is a complex technology and not a skeleton key for every situation you can think of. 

    Read More

  • The best Boxing Day and January sales 2020: early deals live now

    Everything you need to know about the Boxing Day and January sales this year, with all the best deals right here.

    Read More

  • Samsung Galaxy Tab S7 Lite, or Tab S7 FE, looks close to release

    Yet another name for the Galaxy Tab S7 Lite has leaked out, with a new rumor suggesting it'll be a 'Fan Edition' device.

    Read More

  • Apple wants to make sure you never forget your iCloud passwords again

    Apple reveals iCloud Passwords extension that will sync credentials between Safari and Chrome.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us