Fans of the hit 2002 film Catch Me If You Can will remember the extraordinary lengths that Frank Abagnale, played masterfully by Leonardo DiCaprio, went to forge checks while on the run from the FBI. Much to the delight of audiences, the film elevates the act of forging checks and defrauding banks to a high art form involving charm, craftsmanship, and an extensive – almost superhuman – knowledge of the US financial system.
In the real world, however, defrauding banks via ‘bad’ or ‘hot’ checks is less of an art form and more of a numbers game. Here’s how “shotgunning” checks works in the real world:
It all began in 1987 when Congress passed the Expedited Funds Availability Act, spurring the Federal Reserve to draft Regulation CC. The goal of Regulation CC is to ensure that banks process checks promptly so people can access their money in a reasonable amount of time. Regulation CC is the reason why most consumers today can cash a check in an ATM or on their phone and withdraw either all of the money or at least $200 (depending on various circumstances) almost instantly.
While Regulation CC helps legitimate consumers by requiring financial institutions to disclose to account holders when deposited funds will be available to withdraw, it also creates a dangerous loophole for fraudsters.
In order to stay anonymous and lay the groundwork for shotgunning checks, many criminals will create hundreds of phony bank accounts. They can do this using the stolen identity information from a real person or creating a whole new fictional identity by combining the stolen identity information from multiple people. Either way, this step is easy due to the vast amount of personal data available for sale on the dark web.
After the fraudster creates checking accounts under assumed identities, they purchase checks via the dark web or pilfer them via mail theft.
The rest is simple—the fraudster addresses their newly purchased or stolen checks to the many fake identities they created, drives to the ATM of their choice, and deposits the checks. For each check they deposit, the criminal then withdraws about $200 (the amount of money that banks typically make immediately available under Regulation CC) right away. In the matter of a few minutes, a criminal can overwhelm a bank by depositing dozens and dozens of checks to fake accounts in short succession and come out thousands of dollars richer. It’s not until days later, when the checks bounce, that the bank learns they were defrauded. By then, the cash is gone, and it’s too late.
Today, some banks are adopting a ‘sledgehammer’ approach to tackling this fraud vector by targeting all new account holders; while customers who have accounts that have been on the books longer can cash their checks quickly, new customers are forced to wait longer. Unfortunately, extending hold times to process new customers' checks for up to a week is not exactly a great first impression. Fortunately, there are more sophisticated ways to prevent remote deposit fraud than this one-size-fits-all approach.
In order to stop criminals from stealing thousands of dollars in just a few minutes while providing legitimate customers with the speedy processing of checks that they have grown accustomed to, banks must make identity theft much more difficult.
Only a few decades ago, verifying someone's identity was as simple as asking for their social security number. Today, however, it’s safe to assume that your social security number has already been exposed and is currently being bought and sold on the dark web. Because of this new reality, banks should adopt a more secure and accurate way to verify identity: the mobile phone.
After asking a customer to enter their phone number during the onboarding process, banks can leverage phone-centric identity to prevent identity spoofing in three simple steps.
By verifying a user’s identity using the PRO method, banks can stop multiple types of fraud, including Brute Force Remote Deposit Fraud, at its source while ensuring a speedy and convenient process for legitimate customers.
To learn how your company can leverage phone-centric identity to boost revenue and prevent fraud, contact us through the form below.
Join over 1,000 businesses that rely on Prove across multiple industries, including banking, FinTech, healthcare, insurance, and e-commerce. Contact us today.
Tap the button below to read our latest white-paper on the subject as industry leaders.
Contact us to learn how leading companies are using Prove Pre-Fill to modernize the account creation process by shaving off clicks and keystrokes that kill conversion.
Get in touch to find out how we can help you identify your customers at every stage of their journey and offer them seamless and secure experiences.
Let our expert team guide you through our identity verification and authentication solutions. Select a date and time that works for you.
Find out how we can help you deliver seamless and secure customer experiences that comply with PSD2/SCA. Select a date and time that works for you.
Download Aite-Novarica Group’s full report about Prove Pre-Fill, including a product overview, customer results, and how the product works.
Download the guide now to learn how you can improve security, cut down on fraud, and create the best possible customer experience.