"All human wisdom is contained in the words wait and hope…” - Edmond Dantes, The Count of Monte Cristo

‍

Alexandre Dumas, the great French novelist who penned, among others, one of the greatest works of literature The Count of Monte Cristo had a lot of experience with fraud. Edmond Dantes, the protagonist of this wonderful book is one of history’s great fraudsters, yet also one we cheer for throughout his journey of deception. Aramis, Athos, Portos, and others are tricky deceivers as well in their pursuit of love, adventure, and justice. When you take into account their duplicitous behavior, their efforts are not all that indistinguishable from what we see in today’s scammers.

‍

The line quoted above is an incredibly prescient way to view the long game of fraud. It’s also a way to think about how we think about fraud. We are forever hopeful that our efforts will bring about an end to this scourge. That hope is, in many ways, the mother of invention for our work, and we continue to develop newer and better ways to beat fraudsters at their own game. But the waiting game is what we all face. What can we develop that will outwit bad actors? What new fraud approach is just around the bend that we will need to contend with?

‍

Predictions about fraud are usually about being on the defensive. Predictors consider how we can react. But this year, we are taking a more active approach. Rather than simply waiting and hoping, let’s also add into the mix a sense of taking charge. There are certain trends we know are already on the rise. Subsequently, we know how to attack those things right now with tools, processes, and behaviors already at our disposal. So let’s acknowledge the necessity of waiting and hoping while applying a more informed blueprint for how we can address what inevitably stands before us.

‍

So for starters, let’s be clear – there’s a lot of fraud anticipated in 2024. Some of it will be performed in creative and complex ways. Others will manifest in simple, old, tried-and-true forms that make us scratch our heads and wonder why we cannot solve it once and for all. There is no doubt that the landscape of fraud in 2024 promises to be more complex and challenging than ever.

‍

We also know that the right foundations of a fraud-fighting approach will provide the best defense. Identity verification processes will be the most important aspect of our efforts. With that in mind, this blog focuses on things like the renewed onslaught on Know Your Customer (KYC) processes, the rising importance of mobile Driver's Licenses (mDL) in remote ID proofing, the identity crisis haunting financial institutions, and the mounting pressure on cryptocurrency and Decentralized Finance (DeFi) entities to address their identity woes.

Trend #1: KYC Under Siege: A Resurgence of Attacks on Onboarding Flows

In 2024, we anticipate a resurgence of attacks targeting KYC processes across diverse sectors like financial institutions, marketplaces, social media platforms, e-commerce companies, and other businesses. Cybercriminals are increasingly exploiting identity theft and synthetic means to create fake accounts, leading to a wide array of fraud types, including ACH fraud, P2P fraud, check fraud, dispute abuse fraud, marketplace abuse, and card fraud.

‍

The corresponding operational costs, losses, and compliance impacts are poised to intensify as businesses grapple with the fundamental question of how many of their accounts truly represent legitimate identities. Organizations are urged to update their identity controls and recruit leaders specializing in identity management to fortify their defenses against these evolving threats.

‍

However, the scope of these efforts must go far beyond onboarding processes. To combat increasingly sophisticated scam tactics, fraud teams have to implement measures that are persistently applied throughout the entire customer lifecycle. One component of this strategy is the adoption of passwordless authentication. By moving beyond traditional password-based systems, businesses can significantly reduce vulnerability to password-related breaches and bolster overall identity verification throughout their relationship with each customer.

‍

Fraudsters are not simply attacking using the same tactics in mind. The rapid shift to digital platforms that has been in motion over the previous few years will continue in 2024, and there will be a particular rise in the significance of the phone number as a primary identifier across both public and private services. Additionally, legislative data sources recognize the phone number as a key identity attribute. Traditional identity verification methods relied on conventional identifiers, but contemporary approaches emphasize the use of the phone-centric identity as a unique identifier. This preference is attributed to the ubiquity of phone numbers and the wealth of information they offer by potentially linking to diverse data sources. Through effective orchestration, this expanded potential contributes to enhancing the accuracy of 2+2 verification methods.

‍

It’s important to note that aligning the phone number with personally identifiable information (PII) data, such as name, address, date of birth, and email address, establishes ownership of the phone number. This, perhaps among all other approaches, is critical to preventing identity takeover within the KYC compliance process. The phone number's intrinsic link to various data points not only solidifies its role as a primary identification key but also reinforces its utility in fortifying identity verification methods for the digital age.

Trend #2: Mobile Driver Licenses Will Become Popular Remote ID Proofing Solutions

We should expect to see a rapid increase in use cases in the private sector for mobile Driver's Licenses (mDLs) for remote ID proofing. Lobbying efforts directed at the government for broader adoption of mDLs in the private sector are already happening, and while the government's current focus is primarily on compliance with the Real ID Act, discussions will broaden to include the benefits of mDLs in remote identity verification across industries.

‍

Key figures, such as Jeremy Grant, Managing Director at Venable, will likely play a leading role in advocating for the widespread use of mDLs. The Better Identity Coalition's testimony to the House Homeland Security Subcommittee underscores the importance of identity management innovation in navigating the challenges posed by evolving fraud trends.

‍

The implementation of mDLs for remote ID authentication demands an exploration of the technical advancements embedded within these digital licenses. From secure encryption algorithms to advanced biometric integration, fraud engineers are going to need to understand the underlying technologies that fortify mDLs against manipulation and counterfeiting attempts.

‍

It will become clear to those tasked with implementing this new type of authentication that to effectively combat fraud, mDLs require a real-time identity verification solution at the foundation of all efforts. Fraud engineers will need to design and implement systems that facilitate seamless and instantaneous verification, utilizing protocols that ensure the validity of mDL data during each authentication attempt. To do this effectively, fraud teams will have to grapple with the challenge of interoperability and standardization within the ecosystem of mDLs. Ensuring compatibility with various systems and platforms necessitates a deep understanding of industry standards, protocols, and frameworks, enabling a smooth integration process across diverse applications.

‍

Given the dynamic nature of fraud, fraud engineers should focus on developing continuous monitoring mechanisms for mDLs. Implementing anomaly detection algorithms that can swiftly identify irregularities in user behavior or authentication attempts is crucial to staying ahead of emerging fraud patterns and will be a critical element of their 2024 fraud playbook.

Trend #3: Financial Institutions Will Continue to Grapple with SARs and Identity Attribution

Not all fraud challenges in 2024 will be new ones. Financial organizations have been waiting and hoping for better ways to align Suspicious Activity Reports (SARs) reports with correct and accurate identities. This issue is anticipated to persist in the coming year, as it poses multifaceted problems for fraud teams and the financial sector at large.

‍

In 2021, financial institutions collectively filed a staggering 3.8 million SARs as part of their commitment to combat financial crimes. However, a disconcerting revelation emerged from these statistics – a significant portion, precisely 1.6 million SARs, were associated with fraudulent activities. This alarming fact, as identified by the Financial Crimes Enforcement Network (FinCEN) in the Identity Project, underscores the pervasive nature of identity and synthetic-related fraud within the financial landscape. 

‍

At the heart of this trend lies a critical issue – the inability of financial institutions to consistently link SARs with correct and verified identities. This complexity presents a formidable challenge when attempting to attribute financial crimes accurately to specific individuals or entities.

‍

The complex nature of identity fraud is built on a wide array of tactics which include synthetic identity creation, identity theft, and other sophisticated maneuvers, complicating the task of identifying the true perpetrators behind suspicious financial activities. The result is a convoluted web of fraudulent transactions, making it arduous for fraud teams to establish a clear line of attribution to criminal actors.

‍

As the scale and complexity of financial fraud continue to evolve, the struggle to complete SARs accurately emerges as a critical pain point for fraud teams. The lack of clarity in identity attribution not only impedes effective crime prevention but also hampers the ability to recoup losses and mitigate the broader impact on the financial ecosystem.

‍

In light of these challenges, 2024 marks a crucial juncture for financial institutions to fortify their fraud detection and identity prevention mechanisms. Addressing the identity attribution conundrum requires a concerted effort towards adopting advanced technologies, leveraging data analytics, and fostering collaboration within the financial industry.

‍

Strategies encompassing enhanced data verification and phone-centric authentication will play a pivotal role in unraveling the complexities of identity-related fraud. As financial institutions confront the escalating challenge of accurately completing SARs with correct identities, their proactive efforts will be rewarded through better alignment and capture of fraudulent identities.

Trend #4: There Will Be Increased Pressure on Crypto and DeFi Companies to Address Identity Issues

It would seem incomplete to list trends without addressing the identity issues in the cryptocurrency and decentralized finance (DeFi) markets. There will be special urgency in 2024 because crime and terror financing emanating from these new financial ecosystems has reached a tipping point. This article delves into the dynamics of this identity trend, emphasizing the imperative for self-regulation and anticipating the inevitability of regulatory scrutiny aimed at perfecting Know Your Customer (KYC) practices.

‍

Both crypto and DeFi have inadvertently become fertile ground for illicit activities, including crime and terror financing. The decentralized and anonymous nature of these financial systems has enabled bad actors to exploit identity loopholes, posing a growing threat to the integrity of the entire sector. Recent stories, like the discovery of almost $1 billion in alleged terrorist and human and narcotics trafficking financing funneling through crypto giant Binance demand a decisive response in 2024.

‍

It’s no secret to the crypto and DeFi communities, who find themselves at a critical juncture where self-regulation becomes not just a moral imperative but a strategic necessity. The industry must take proactive measures to address identity challenges, reinforce security protocols, and demonstrate a commitment to eradicating illicit financial activities within their realms. This involves collaborative efforts among key stakeholders, including exchanges, projects, and industry associations, to establish and enforce robust self-regulatory frameworks.

‍

As regulatory pressure mounts, crypto and DeFi platforms face a delicate balancing act. Achieving KYC perfection is imperative, yet it must be approached judiciously to maintain the core tenets of decentralization, user privacy, and financial inclusion that define these ecosystems. Striking this delicate balance requires a nuanced approach that leverages cutting-edge identity verification technologies while preserving the fundamental ethos of crypto and DeFi.

‍

To navigate this, crypto and DeFi platforms must turn to technological solutions that go beyond the tipping point. Implementing advanced identity verification mechanisms, including passwordless authentication and phone-centric verification to fortify these platforms against identity-related threats.
‍

Final Word

Hoping and waiting has some level of inevitability in it, but it’s not a strategy. Knowing what we face in the coming year gives us the opportunity to face it head-on and with the right tools to put our organizations in the best possible positions to avoid major fraud issues. We encourage you to check out our How to Attract More Fraud in 2024 article for more.

‍

Also, check out last year’s predictions here.