5 Authentication Strategies that Catch Fraudsters Red Handed

5 Authentication Strategies that Catch Fraudsters Red Handed

5 Authentication Strategies that Catch Fraudsters Red Handed

Part 2 in a 2-Part Series

Part 1 in this blog series discusses some of the most challenging tactics fraudsters use to access member data. Read on for proven strategies that will help you circumvent their efforts.

From Facebook to Venmo, LinkedIn and Nextdoor, social media sites continue to enjoy immense popularity with consumers. For fraudsters, though, they are more than just a fun way to connect.  These platforms are flush with consumer data, information that criminals can use to access cards and accounts – and steal identities altogether.

According to Karen Postma, SVP, product-fraud and contact center, CO-OP Financial Services, fraudsters today can easily obtain consumer information ranging from social security numbers and mothers’ maiden names to how many fireplaces are inside a potential victim’s home – answers to questions routinely asked by financial institutions during authentication.

To successfully protect member cards and accounts in the age of social media, credit unions must adopt a layered approach to authentication, Postma says, employing three or four different methods in the process.

Here are her top five strategies for success:

  1. Identify the Devices Involved in Any Point of Contact

“If a credit union can recognize that the caller has dialed out from a phone with a Voice Over IP or from a prepaid device, that might be a red flag,” said Postma. “A call from a landline or cell phone that is registered is more likely to be the member. Plus, if we can access manufacturing data on the cell phone, we can then authenticate the caller with the obscure question, ‘Who is your cell phone provider, and how long have you been with this company?’”

  1. Employ One-Time Passwords – Strategically

Issuing one-time passwords is another effective authentication practice, as long as passwords are issued to the email address or cell number on file for the member. “Fraudsters will try to call in and give you their own cell numbers and email addresses in order to get a password,” she said.

  1. Leverage Data with Machine Learning

Postma points out that consortium data models are very effective. “They have saved millions upon billions of dollars over the years,” she said. “Machine learning takes the concept a bit further by recognizing that the way two people transact is never the same.”

Because machine learning systems learn what fraud is on the spot, they also adapt and address it in the moment. “Fraud trends come and go quickly,” she added. “Within a two-hour window today a new trend could surface, and machine learning systems could potentially catch that trend before a crime is carried out.”

To help credit unions leverage all the benefits of machine learning, CO-OP has embarked on a major technology initiative this year and will launch an advanced machine learning fraud detection solution within the next few months.

  1. Prepare for Biometrics

Biometrics are fast emerging as one of the industry’s most effective authentication tools, according to Postma. “When you think about the mobile environment, and the fact that these devices all have cameras, the question becomes ‘Can we authenticate through facial recognition and fingerprint scans?’ The technology is a little young, but it will evolve, and we will get there.”

  1. Consider the Member Experience

A layered approach to authentication is a must going forward, affirms Postma, but she advises credit unions to implement it with an eye toward member service.

“Lengthy authentication processes can impact the satisfaction of your members, so if there is a way to validate them that isn’t as cumbersome, try that first,” she said. “But if, for example, you deploy device ID behind the scenes and there is risk associated with the device, move to the next level.”

Putting It All to the Test

While a layered strategy has all the elements to prevent fraud in theory, how does it perform in practice?

Idaho Central Credit Union recently expanded its authentication practices, for example, by adding out-of-wallet questions to verify member identities prior to activating mobile wallet tokens. The approach is working well for the credit union.

“For less risky transactions, they implement one or two methods of authentication, and for riskier situations, they add the out-of-wallet questions to ensure members receive that extra layer of security,” said Postma. “With this strategy in place, they have been able to catch fraudsters much more consistently.”

Recently, CO-OP began working with Idaho Central on a new generation of advanced authentication tools for mobile wallet activation, an initiative designed to benefit other client credit unions as well.

“Because fraud is so common and preventing it is such a high priority for Idaho Central, having CO-OP as a partner in securing member data is extremely important to us,” said Mason Oswald, product manager for Idaho Central Credit Union. “We understand the complexity of fraud and that it is at the forefront of CO-OP’s strategy. This is why we trust CO-OP in such a critical role; their strategy aligns with our vision.”

Postma added, “Fraud is constantly evolving, and you always need to be thinking about the next challenge. CO-OP has layers of protection in place – from advanced neural network technology and analytics to the industry’s most experienced team of fraud analysts. With initiatives underway for machine learning and biometric fraud prevention solutions, we continue to advance our capabilities to ensure that client credit unions are well equipped to address future threats effectively.”