Posted by Fernando Lopez, FICO
Fraud has always undermined profitability and customer experience (CX). According to CFCA, 51% of service providers report fraud alerts continue to trend upwards for their companies. Similarly, 64% report fraud losses have held firm or increased. And yet, 25% of consumers worldwide, 21% in the US, and 18% in the UK, according to the latest research from FICO, have abandoned application processes for mobile services because the identity checks took too much time to complete or were too difficult.
In a world that has rapidly digitalized, communications fraud has become an even bigger conduit for scams, identity theft and financial crimes. One effective way for service providers to protect customers against them is through automated, real-time, two-way communication and notification.
51% of service providers say fraud alerts have increased in their companies.
64% of service providers say fraud losses in their company have increased or stayed the same.
Emerging frauds victimize customers
Many of the fastest emerging frauds CSPs report are also at the root of nefarious scams committed against their customers. For example, CFCA lists among the top emerging frauds:
- Caller ID spoofing
- SIM swapping
- PBX hacking – when fraudsters get access to a firm’s phone system and generates a profit by making repeated international calls – all at the company’s expense.
- and SMS spoofing
All these schemes can tie back to identity thefts and account takeover scams. Crooks steal identity information to later impersonate a customer, gain control of their mobile service, reset passwords on banking and shopping accounts, and commit crimes. The impact of this kind of fraud can be catastrophic to a customer, potentially resulting in the loss of their money, mobile device, online and social accounts, and digital identity all at once.
Communications service providers should be aware of the escalating threat this collection of frauds poses to their businesses and customers. Keeping customers safe will involve a combination of techniques, but at the root of them all will be real-time fraud communications that empower customers to protect their identities, accounts, and livelihoods.
Protecting customers with real-time communications
A market irony is that while service providers enable all the communications options customers now have available, they sometimes fail to adopt and utilize them to serve in personalized ways.
Today’s customers use combinations of voice, text, real-time messaging, email, and mobile apps as well as interactive voice response (IVR), self-serve portals, chatbots, and human agents. Communicating clearly with customers means meeting them where and when they prefer – especially in an environment where robocalling and smishing have made many wary of unsolicited communications.
There are many scenarios where real-time communications over customers’ preferred channels can be used to keep customers safe and looked after in the face of various scams.
Application fraud: For a mobile operator, add-a-line incentives can be among the most aggressive offered because customers are the best source of low-cost subscriber adds. In the US, businesses may pay just $20 or less per month for a robust unlimited data plan on each added line. This makes an ideal scenario for a huckster, posing as a corporate employee, to abuse a weak in-store process and convince a staffer, eager to make a commission, to provide a new phone with an active SIM and charge it to the company.
Variations of petty frauds like this can be common given many customers do not view them as being wrong. According to the latest consumer research from FICO, 38% of consumers worldwide, 38% in the US, and 37% in the UK, say that it is either OK in certain circumstances or normal behavior to exaggerate income on an application for a cell phone contract. This suggests that committing petty subscription frauds may be beyond the moral appetite of most people (56% worldwide, 56% US, 62% UK say people should “never do this”) but remains a reasonable option for more than a third of consumers.
Some of these frauds can be solved with automated, real-time communications. For example, using find-me-follow-me techniques to contact an authorized approver, a real-time, two-way communications channel can enable a premium, anti-fraud customer experience that protects business customers from petty but costly and common subscription fraud scams.
Number port defense: Number porting processes are tricky. Regulators insist on fluidity in mobile markets, which means too much friction in the porting process can be branded anti-competitive. Many service providers treat number porting as an administrative burden, which means the process may be equipped with identity and fraud checks, but it may not be as stringent or efficient as it could be.
Scammers attack this process and either persuade or bribe agents to process fraudulent ports. Once a number is ported to a phone they possess, the scammers can receive one-time passcodes, reset passwords, and take over mobile and bank accounts.
A simple way to protect a mobile operator’s customers from this scheme is to require live customer authentication of number ports using real-time, two-way communication over channels more secure than SMS. By alerting a customer that a port has been requested, the customer has an immediate opportunity to deny the port and protect themselves from fraud, or to accept the port if it was intentional.
Mass data compromise remediation: No company likes to wake up to the news that its customer data stores have been breached by hackers, but the consequences only worsen when no action is taken. With the ability to mass communicate to customers in real-time over any channel, operators can begin to automate their responses and remediation processes for large-scale attacks. This capability should combine with automation for follow-ups, opt-ins, and compensation to impacted customers, to create repeatable remediation processes.
These processes go beyond sending mass emails or texts. Rather, this scenario infers integrated follow-up processes where customers can take action to drive and pursue solutions. Looking to our first example, a service provider could mass communicate an automated opt-in for all customers that want to require additional authentication checks before permitting number ports from their accounts, given their numbers may have been exposed in a data breach.
Where it’s headed
Based on CFCA’s data, the variety and frequency of scams that CSPs and their customers face is increasing. From robocalling and smishing to spoofing and account takeover, customers are bombarded with opportunities to be defrauded and victimized. Having a real-time, two-way communication path that allows them to receive alerts and act; report problems and get help; and authenticate sensitive transactions that pose identity and financial risks can empower consumer and business customers to better defend themselves against fraud in an increasingly risky digital environment.
Visit Fico.com for more information on how to use real-time communications to defend your customer against emerging scams.