If so many real identities have been compromised how can I stop fraudsters?
How can you ensure that someone is who they say they are BEFORE they complete fraudulent transactions or steal from your loyal customers?
At Token of Trust we’re helping our customers do this every day. Here are 5 things you can do to stop fraudsters in their tracks:
- Remember: no single data point is reliable. First and foremost – it’s important not to trust any single source of identity data. A fraudulent credit card or SSN is easy to come by and alone cannot be taken as evidence that someone is who they say they are. Look for multiple sources of identity and use all the data at your disposal to paint a picture of whether a visitor to your site or app is legit. Also remember that not all data is created equally. Some forms of identity can be better than others – since they are harder to spoof.
- Prefer dynamic identities. We think of identities in two forms – static and dynamic. Static identities tend to be fixed numbers and credentials – and when lost – are lost forever. Since the numbers don’t change over time, once someone has yours, they have it forever or for a very long time. Unfortunately this includes some of our most esteemed forms of identity – like our driver’s licenses, social security numbers, and passports. With more data breaches more and more of these identities are compromised. A dynamic identity on the other hand is something that can easily be changed or invalidated and new credentials issued on the spot. Typically checks for validity are done in real time and while they’re still subject to fraud fraudsters know that if they come into possession of these identities they need to act quickly to take advantage of them before identities are invalidated and credentials are changed.
- Check for consistency. e.g. location – social activities vs where they claim to be, IP address… device reported GPS coordinates, etc.
- Combine digital and real world identities for greater reliability. While it’s not easy it is certainly possible to get access to a person’s digital identity getting the full complement of online social identities AND real world identities is much more difficult.
- Use Anti-Fraud Tools and Networks. Just as there are bad guys out there building tools there are good ones too that have created a wide range of checkers that are capable of scrutinizing incoming emails, phone numbers, accounts and so forth for known or suspected fraudulent accounts. Depending upon your needs there are a wide range of technologies that might help you and most come with a free plan to help you get started: antideo.com, cleantalk.org, gator.io, sqreen.io, youmail.com, spamwipe.com, emailverifierapp.com and others depending upon your budget as well as the types and level of verification you require. At Token of Trust we use Facebook’s Threat Exchange Network plus a variety of other proprietary and 3rd party components to help us detect fraudulent users, bots and scammers using their phone numbers, email addresses, locations, account numbers and more.
As you implement some of these things don’t forget about the user experience. While visitors want to be safe and will respect you for your efforts they have little tolerance for overly obtrusive or clumsy attempts to secure data. Remember friction in your customer experience or on-boarding process needs to be carefully considered as you institute identity verification.
It is nearly impossible to keep out all fraudsters and hackers and technologies and techniques are always changing. For companies with extra development cycles implementing a couple of these steps today will make it a bit harder for fraudsters to infiltrate your community.
Of course we’ve built Token of Trust with these things in mind… So if you’d rather having your team building a world-class product that keeps loyal customers coming back then consider partnering with us. We’ll keep out the bad guys and while you build a great product. Sign up for a free trial today.