Fraudulent Credit Applications Starts with the Device

When Jim Smith opens a credit card account, he doesn’t have to pay the bill. That’s because Jim Smith is committing new account fraud by using Fred Jones’s name and Social Security number.

All Jim Smith needs is some basic information about Fred Jones, much of which is available in the phonebook, in his trash, in discarded files in the bank’s dumpster, or on social media sites. Maybe Fred also happens to work with Jim, and Jim has direct access to Fred’s files.

Once Jim has Fred’s information, all he has to do is go online with the PC in his cozy office, or head down to the local coffee shop and fire up his iPad, or even fill out a credit card application from his mobile phone.

Scenarios like this one happen all day long across the globe.  Credit issuers are constantly looking for new tools to identify fraudulent applications faster.

Since online credit applicants can fool you with any number of tricks to get approved for credit leaving you holding the bag for losses, instead of verifying identity information on fraudulent applicants, consider verifying the reputation of the device (or computer) being used to submit the application in the first place. When a fraudster connects to your business, the computer being used can be evaluated in a fraction of a second for its risky intentions.

If you know the device being used is a known fraudster, you don’t have to spend the time, resources, and money running other fraud checks such as verifying identity information.  You know the source is suspect and you can block the transaction upfront. Device fingerprinting coupled with the device’s reputation and risk profile helps identify the bad guys in the acquisition channel, so you don’t have to rely on other fraud detection tools that drive up the cost to decision an application.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses credit card fraud on NBC Boston. Disclosures