Are High-Security Checks Worth It?

Published on May 3, 2023 by Jimmy Fong
Getting a loan used to be an exercise in patience, red-tape navigation, and resilience in the face of rejection. Of course, that’s if you actually had the credit and collateral to qualify at all.
Now, as banking experiences move increasingly towards purely digital environments, banks have seen the potential profits of offering small loans to a wider range of customers, even if they can’t assess their credit in a traditional way. Opening up the doors to more borrowers effectively democratizes spending power, but also exposes lenders to a greater risk of fraud and noncompliance.
As they cast these significantly larger nets over the market, banks and lenders have profited immensely from the catch they pull up. However, as these nets troll deeper depths, how many delicious and profitable shrimp are they bringing aboard? And how many high-risk sharks?
More importantly, how do you tell the difference between a shark and a shrimp? SEON explores the depths and tells you how to mend your net.
Loan-providing institutions hoping to capture the juiciest part of the emerging microloan market have to balance including as many customers as possible with excluding bad actors, and giving a wide berth to risky ones.
Before diving deeper, note that the lending industry could be seen as having two buckets of risky customers. One bucket is for loan applications that run too high a risk of ending in default. The other is for those customers who represent a legal high-risk and therefore should trigger a different internal response. While discussing customer segmentation, risk assessment, detection, and prevention in this article, we’ll be pouring both buckets into a larger single one.
Since brick-and-mortar banks have started falling by the wayside in favor of online and in-app banking experiences, financial institutions have realized the immense market potential of microloans and loans to the underbanked. People who were traditionally seen as unsafe borrowers – those who didn’t own a home to prop up their loan, for example – are now being presented with options to increase their personal spending power.
The problem is, these customers are often being offered these kinds of services for the first time, and may lack the credit history of a more traditional borrower.
To bridge the gap in their credentials, as well as maximize new customer sign-ups, some lenders may adopt a data-driven onboarding process that relies on digital information. That information may or may not provide as much underwriting security as an in-person risk assessment. Either way, this practice represents a wider portal for all customers, including risky ones. Bad actors who present risk by way of, for example, being sanctioned, can more easily slip through this portal under an assumed identity that is harder to detect in a digital credit checking environment.
Accepting customers who certainly constitute a high risk – that is, those who represent a potential compliance issue as opposed to those simply likely to default – also represents increased maintenance costs. Customers identified as risky, such as those appearing on a politically exposed person (PEP) list, should trigger Enhanced Due Diligence (EDD) protocols, which require more involved ID verification, verification of the intention for loans disbursed, and ongoing monitoring for suspicious behavior.
In short, high-risk borrowers offer two distinct problems for lending services:
These challenges are known throughout the industry, as well as to the lawmakers who design the safety mandates around them.
Anti-money laundering (AML) regulations apply within the lending vertical, meaning lenders must carry out the associated due diligence. This includes:
Controls like these help preclude money launderers and fraudsters from exploiting the anonymity of online loan applications. Lenders and microlenders that balance their friction and security with too much leniency towards identity verification risk falling out of grace with regulators as well as public sentiment. Failure to implement such a framework can result in massive fines and incalculable reputational damage.
Generate more accurate credit scoring to measure risk by leveraging alternative data, and real-time data from digital and social profiles.
Get a Demo
Regardless of whether a customer represents an underwriting risk or a regulatory one, lenders have to break out their finest-toothed comb and their most polished magnifying glass. In an online context, it’s in their best interest to do those things at real-time speed or close to it.
Tools like SEON are basically digital combs and magnifying glasses. So, when scrutinizing a new borrowing account or loan application, what signs of risk should you be looking for?
Fraudsters know that they are trying to beat the risk assessment that happens when onboarding with a digital lender. They know these lenders, even ones who have adjusted their risk thresholds to cast a net with a much wider scope and finer weave, will be scrutinizing their identity for signifiers of malintent. Therefore, they must find a way to hide their malintent behind a trustworthy face.
First, consider the kind of fraudsters that companies disbursing loans digitally will likely have to contend with:
For all of these major issues, identity verification will be the most important frontline for both the fraudsters and the fraud fighters.
To address the particularities of online lending and microlending, including buy now pay later (BNPL) providers, identity verification should be stringent when it comes to detecting anomalies. Lenders should deploy fraud investigation software to assess each new account and loan, digitally asking questions like:
To answer these potentially complicated questions, companies should be tailoring their fraud detection tools around these pain points. Risk-based prevention software like SEON does this in multiple ways:
Notably, loan providers are generally required to carry out customer due diligence (CDD) and Know Your Customer (KYC) checks, which include the identity verification (IDV) process. These processes will require the submission of government-issued documents, which can be forged, but will be an important step in building identity confidence when underwriting a new customer.
When it comes to building the strongest levy against the flood of loan fraudsters, software that can perform these things is at least the sand, maybe even the bags themselves. However, there will always be a need for human counterparts to find and plug leaks, sometimes making the final call on who is risky, and whether or not that risk is worth it.
At a technical level, techniques for fraud detection such as device fingerprinting can detect and assess extremely minute data points to catch nefarious actors. They are granular enough that they’re either unnoticed or too cumbersome for fraudsters to work around, and therefore are great footholds for fraud detection. Here are three rules that online lenders can deploy.
Loan fraudsters are aware their success depends on convincing lenders that they are who and where they say they are. A common tactic for a digital loan fraudster is to acquire or create an identity, then create a believable digital footprint that will roughly match that identity. As these false or stolen identities may be from anywhere in the world, many fraudsters may want to develop this footprint by spoofing an IP location near their falsified address, or else employing a nearby datacenter.
Device hashes are unique enough that if multiple users appear to be using the same device, alarm bells should sound, particularly with the increasing popularity of mobile banking and borrowing. Browser hashes perform a similar fraud detection function for desktop users. Such instances should, at least, be manually reviewed, or have the attached risk score pumped up significantly.
This screengrab from inside SEON’s custom rule editor shows a rule that has been tailored to this specific case. Here, the rule is scanning for instances of multiple accounts being used on the same device within a day – a good sign of a fraudster making several fraudulent loan applications coordinated from one computer. In the rule editor, the risk score this rule assigns can be adjusted, or this transaction could be escalated to manual review, and additional parameters like specific geolocations could be added to make the rule more specific and reduce the potential for false positives.
In pursuit of a synthetic ID that looks convincing to digital lending risk assessment, fraudsters will often attempt to flesh out their fake profiles with human-like qualities. Naturally, this includes things like mobile phone numbers and, of course, social media accounts.
However, building a realistic social media footprint is a time-consuming undertaking, especially for fraudsters hoping to scale their crime and maximize illicit profits. It is unlikely that such a setup will have the resources to add more than one social media profile, if any.
In this screengrab, a custom rule has been set up to detect such anomalies. This example is looking for small social media footprints of a specific variety, likely in response to a particular pain point. LinkedIn is a common social media account that also (obviously) presents a more professional facade than, say, Instagram, so is a good candidate for fraudsters who want to bypass social media presence checks. In 2023, however, it’s unlikely that an email account only has a LinkedIn account associated with it, and if the phone numbers used to register are online-only and free, fraud teams will want to take a second look.
Though this rule calls out LinkedIn and free phone services specifically, and currently is not set to assign a particular score, every field in the shot can be customized to scrutinize a particular social media site, over what period of time, and what action to take when it is triggered.
Notably, in the lending industry, this kind of social media footprint can also inform the loan applicant’s overall default risk assessment.
Regardless of vertical, custom rules like these are specifically used to detect the possibility of an account takeover. High-risk customers, in particular, are both more likely to be targeted by ATO and, if the attack is successful, to expose the lender to huge compliance issues.
Though there may be any number of reasons why an already-onboarded customer might suddenly have a new IP and device hash – going on vacation with a new phone, for example – this situation should at least raise eyebrows for fraud teams with a well-defined risk appetite. For industries plagued by fraud, it’s likely to be a cause for concern. In the context of high-risk customers specifically, this is even more important, as high-risk customers should have their actions continuously monitored for just such a possibility. This monitoring is required by AML regulations, so failure to detect an ATO-backed unauthorized login could mean fines or worse for the lender.
When it comes to identifying high-risk customers and precluding fraudulent actions associated with them, SEON offers every piece of tackle needed to land the big bad fish.
SEON’s fraud management APIs and device fingerprinting provide a huge array of data points to scrutinize for risk. The typical risk indicators associated with high risk in the lending industry, as discussed above, are part of SEON’s wheelhouse. The resulting determinations by the machine learning-fueled risk assessment can segment high-risk customers or preclude them from continuing their application.
Partner with SEON to reduce fraud rates in your business with real-time data enrichment, whitebox machine learning, and advanced APIs.
Book a Demo
SEON’s AML screening functionality is a crucial component for lenders who want to minimize risk. What constitutes a high risk is, to a certain extent, up to the individual loan provider, but that definition should certainly align with the definition mandated by applicable legislation. Reaching AML compliance is not a process that can be fully automated, but SEON provides risk teams with the data necessary to carry out due diligence, including list screening, investigating beneficial ownership, and even informing adverse media checks by providing associated social media accounts.
SEON’s goal is to democratize fraud fighting, to create a collectively more fraud-free world. The democratization of spending power through low-friction loans and BNPL is a powerful and obviously worthwhile pursuit. Inevitably, however, the tide of fraudsters that swells up beneath it will be an issue. SEON is prepared to control the waves before they crash – that is, as early in the customer journey as possible – so loan providers can stay afloat.
Showing all with `` tag
Click here
Jimmy Fong is the Chief Commercial Officer of SEON. His expertise in payments saw him supervise the acquisitions of companies by Ingenico, Visa and American Express. Jimmy’s enthusiasm for transparent sales and Product-Led-Growth companies drives SEON’s global expansion strategy, and he interviews both fraud managers and darknet fraudsters in our podcast to stay on top of the latest risk trends. Yes, it’s also him wearing the bear suit on our YouTube channel.
The top stories of the month delivered straight to your inbox