It’s the surest way to combat application fraud, which may reach $1 billion this year.
Although today’s account-opening paradigm is guided by sound regulations and solid best practices, vulnerabilities remain. Indeed, for as long as they’ve existed, digital applications have been a veritable playground for identity criminals.
Barring a dramatic improvement in how the financial services industry collectively verifies identity, application fraud losses on demand deposit accounts (DDAs) are expected to reach nearly $1 billion in 2023, according to Early Warning.
Thanks to a set of new rules and innovations, however, that may be about to change.
With scams and fraud occurring at record rates, the profitability of any customer — especially a digital one — hinges on the legitimacy of that customer’s identity. Verifying that legitimacy doesn’t always gel with delivering a smooth, digital-first experience. In fact, most times the two strategies are at odds.
Even with advanced technologies, plug-ins for application programming interfaces, and promises from fintech partners, financial institutions continue to roll out “digital window dressing.” While the allure of online account opening may bring digital-first consumers to the brand, its failure to follow through on its promises inevitably disappoints. Because the institution is struggling behind the scenes to
reconcile analog identities with digital experiences, it simply can’t deliver what today’s consumer demands.
Supply And Demand
Fortunately, one of the bedrocks of analog identity—the driver’s license—is maturing into the digital age. With it comes an opportunity for financial institutions, as well as retailers, processors and others within the digital-transactions ecosystem to have a meaningful leg up on application fraudsters while also meeting consumer demands for modern transactions.
Application-fraud losses come down to supply and demand, where financial institutions represent supply and fraud cases represent demand—and demand is rising exponentially.
Data breaches and scam proliferation aside, just look at the overwhelming number of new drop accounts in existence today. Fraudsters use these accounts to receive funds taken from their victims through authorized push payments and peer-to-peer schemes, not to mention good old-fashioned check fraud. Those scams and many others are behind the net-new number of drop accounts, which went through the roof in 2022.
As for the supply side, banks and credit unions are still deploying their strongest identity controls on credit accounts, not demand-deposit accounts. That’s not terribly surprising when you consider the practical matter of return on investment. Dollars spent preventing application fraud must be weighed against the revenue generated from the portfolio that investment is protecting. Credit portfolios, by their very nature, produce more revenue than their debit counterparts.
Therein lies the real benefit of migrating consumers to digital driver’s licenses. The shift would dramatically raise the bar for true-name and synthetic ID fraudsters who rely on weak online application controls to establish drop accounts. Yet, it would not require a large investment from financial institutions. In fact, it may reduce some expenses.
Impersonating a legitimate (or even half-legitimate) person would be much harder if a digital driver’s license were required. That’s because the licenses are verifiable and secure. The party relying on that information—a bank, a retailer, or a fintech—can verify the identity with the source of record, in this case, a state department of motor vehicles. And digital driver’s licenses are designed to combat efforts to alter, copy, or otherwise tamper with them.
Beyond effectively reducing fraud, the ubiquitous issuance and acceptance of digital driver’s licenses would also greatly reduce the need for a multitude of identity-proofing technologies. This, in turn, would open room in the fraud-fighting budget for some DDA protection.
As an added outcome, financial institutions would reduce friction for legitimate consumers during account opening, improving the first-impression digital experience and setting up the new relationship for long-term profitability.
Careful Execution
Adoption of digital driver’s licenses is gathering steam. About 30 states are already offering or testing digital driver’s licenses to their citizens, according to StateTech Magazine.
The Digital Identity Act (or some version thereof) will ensure uniform standards for the issuance and validation of the digital driver’s license. Most issuing bodies already follow International Organization for Standardization (ISO) specifications, which has given financial-services vendors a head start in the race to develop validation systems.
Apple and Google are also now in the fray, so millions of Americans will have an easy, secure way to further migrate their once-analog credentials to their smart phones for use in the physical and digital realms.
Some financial institutions, retailers, and processors will be slow to adopt the technology, waiting until digital driver’s licenses reach their potential. Early adopters, on the other hand, will simultaneously repel fraudsters and attract new customers. Those slower competitors, impressed and scrambling to catch up, will have the added pressure of battling the opportunistic fraudsters who target their ill-equipped systems.
Like every innovation, the effectiveness of digital driver’s licenses in mitigating application fraud will come down to careful, security-aware execution.
There is little doubt criminals will attempt to circumvent the verification process. We can easily anticipate the “digital fake,” which will quickly become the bane of institutions relying on visual verification only. Farther up the sophistication chain, hackers are likely to work toward compromising the authentication technology used to digitally verify licenses.
While digital driver’s licenses may not put a total end to application fraud, it is one of the rare innovations that could end application fraud as we know it today.
—Al Pascual is senior vice president, Enterprise Risk Solutions, at TransUnion.