How to Detect Multi Accounting for Digital Banks;

Why Is Multi Accounting a Problem for Digital Banks?

Digital banks are high-growth companies. They must onboard new users fast, and one strategy for user acquisition includes referral bonuses

To make matters worse, digital banks want to offer a seamless user experience, sometimes known as docless or frictionless KYC. 

Unfortunately, fraudsters are keen to exploit these strategies, which they do by creating multiple accounts (multi-accounting).

This causes a slew of issues, such as:

  • wasted marketing dollars
  • wrong user numbers
  • bad analytics and KPIs
  • KYC and AML compliance issues
  • more fraudulent activity in the long run, including loan defaults.

The last two points are worth elaborating on. In terms of compliance, digital banks that onboard fake users are more likely to be fooled by stolen IDs and synthetic IDs, which may put them at the mercy of regulators in the event of an audit.

As for the default rates, fraudsters who create multiple accounts for bonus abuse aren’t going to stop there. They will then extract as much value as possible from these accounts, including tapping into the overdrafts and asking for loans they have no intention of repaying. 

How Do You Detect Multi Accounting in Digital Banks?

The best way to spot any kind of multi-accounting is to find hidden connections between users. And the best way to spot connections is to have enough data to begin with.

This may start with obvious data you can collect at the point of registration, such as:

  • email address
  • phone number
  • IP address

But there are also thousands of hidden data points ready to be revealed thanks to data enrichment. This is helpful with any user, but particularly with those trying to spoof or hide their real identities, such as fraudsters.

This is the kind of data a good fraud prevention system will be able to point you to:

  • VPN or proxy usage
  • virtual SIMs
  • device hardware and software info
  • linked social media profiles
  • email address maturity
  • etc

Then, you can begin connecting the dots. But of course, rather than manually looking at similarities between users, you can let a fraud prevention system do it automatically. 

The API integration will gather and send all the data. Then you can make automated decisions thanks to custom rules.

Top 3 Custom Rules for Preventing Digital Bank Multi Accounting

Let’s now look at some of the most useful custom rules for spotting fraudsters who create multiple accounts.

hashes

In SEON, a hash is a secure, encrypted way to establish an ID. And that ID helps us identify unique configurations for:

  • A browser: The browser hash is created based on the browser type, version, installed plugins, etc… Sometimes, legitimate users may share identical configurations, but it is fairly rare.
  • Cookies: A cookie hash reads the user’s browser cookie, which relates to the user’s browsing history. 
  • Device: The device hash points to the kind of device used to connect to the site, as well as the OS version and other relevant data points.

The key is to understand that, while it’s not impossible for multiple users to share one of the hashes (for instance if using the exact same device brand and version), it’s nearly impossible for two unique users to share all three. So anyone who does so is highly suspicious.

In fact, similar hashes can be one of the strongest indicators of multi-accounting, which is why this rule is so powerful.

#2: Email Address Is From a Disposable Domain Provider

disposable email

A disposable email address is rarely good news. Your user clearly has no intention of linking it to their real-world identity.

This can usually be confirmed by looking at linked social media networks, where it’s unlikely you’ll find profiles created with that address. 

#3: IP Address Points to VPN or Proxy

VPN Proxy

Not all VPN users are bad.

But in the context of account creation, VPNs are also one of the quickest, most efficient ways to make it look like you are different people – which is why fraudsters use them to spoof IPs, hide their geolocation, and generally attempt to fool your onboarding team. 

More Ways SEON Can Stop Digital Bank Multi Accounting

When it comes to detecting multiple accounts, the more data you have, the better.

This is why SEON lets you enrich data based on your current available information – but you also have full control over the kind of custom fields you can send the APIs. 

https://resources.cdn.seon.io/uploads/2022/04/SEON-data-fields-examples.gif

Better still, you can visualize connections between accounts to immediately identify fraud rings and users who own multiple accounts.  

Customer Connections

The goal? Giving you complete control over who you accept during the onboarding stage, with a strategy that adapts to your risk appetite and helps meet new application goals. 

Share article

See a live demo of our product

Click here

Author avatar
Tamas Kadar
CEO

Tamas is the founder and CEO of SEON and an expert in all the technological aspects of fraud prevention.


Get our latest newsletter

Join over 6000 companies in getting the latest fraud-fighting tips