Stopping Fraud Before It Starts: It’s Time To Close The Loopholes In New Account Creation
TransUnion’s Richard Tsai offers insights on stopping fraud before it starts and why it’s time to close the loopholes in new account creation. This article originally appeared on Solutions Review’s Insight Jam, an enterprise IT community enabling the human conversation on AI.
The COVID-19 pandemic accelerated the adoption of all things digital, and although in-person activities and experiences have come roaring back, the ease and convenience of doing business online have led to a tremendous increase in digital transactions. Unfortunately, growth in digital fraud has not only kept pace with but exceeded those gains. In fact, while digital transactions grew 6 percent between 2022 and 2023, suspected digital fraud was up 14 percent, according to TransUnion’s 2024 State of Omnichannel Fraud Report.
TransUnion’s data indicate that new account creation represents the highest-risk stage in the customer journey in 2023. Globally, 13.5 percent of all digital account creation transactions were suspected to be fraudulent, compared to just 3.2 percent for account logins (which can lead to account takeovers) and 2.4 percent for financial transactions (where money changes hands). This suggests that fraudsters may be shifting their focus from infiltrating existing accounts to creating new accounts that they directly control. Then, depending on the industry, they can use these accounts to gain access to credit (financial services), engage in promotion abuse (gaming and retail) or commit seller fraud (marketplace platforms).
Financial Services Making Great Strides
The financial services industry experienced one of the lowest rates of suspected fraud in new account creation in 2023, at 3.9 percent. While that’s still high, the industry’s better performance is due in part to compliance requirements: financial institutions are subject to stringent regulations such as Know Your Customer (KYC) and other requirements that call for robust identity verification processes. Plus, the possibility of tremendous damage to organizations, their reputations and their customers is very real, so financial institutions invest heavily in sophisticated security measures and fraud-fighting tools, such as biometrics and multifactor authentication, as well as fraud risk assessment models and tools to identify suspicious patterns and behaviors to detect and prevent fraud. These institutions heavily rely on trust and reputation to attract and retain customers, so they know they need to prioritize security to maintain credibility.
Retail’s Big Rate Problem
By contrast, the retail industry saw the largest share of suspected fraud, with nearly 45 percent of global account creation transactions suspected to be fraudulent. This shockingly high rate can be attributed to a variety of factors, including retailers’ reluctance to implement identity verification protocols. The prevailing belief is that instituting robust identity measures during the account creation process jeopardizes smooth customer experiences and can negatively impact sales revenue. Thus, most retailers make it easy to create new accounts — an email address (and maybe a phone number), with lax or no identity verification required.
Other industries with high rates of account creation fraud, such as travel and leisure (36.9 percent) and video gaming (31.5 percent), may not be as willing to invest in sophisticated controls, absent regulatory and compliance requirements, but they could do much better job of assessing the relevant identity fraud risk signals during the account sign-up process. Investments in fraud controls could reduce the practice of users creating multiple accounts to take advantage of welcome offers or exploit bonuses intended for new customers or players.
Also, many retailers who currently rely on guest check-outs that allow customers to bypass account creation would benefit from encouraging patrons to create identity-verified accounts. This enables the retailer to obtain first-party marketing data, promote loyalty programs, and engage in targeted marketing, as reliance on third-party data diminishes while they improve their fraud prevention posture.
Customer Sentiment And The Value Of Security
While organizations are correct in prioritizing positive customer experiences, it’s important to remember that consumers also place a high value on security. In TransUnion’s 2024 report, consumers ranked the security of their personal data as a top criterion (ranked first by 50 percent of respondents) when choosing whether or not to do business with an online company. Nearly two-thirds of those surveyed cited fraud concerns as the top reason they wouldn’t use a site again, and half reported abandoning an online shopping cart due to concerns about fraud and/or security.
In short, consumers want organizations to protect their personal data, and they will give their trust and their business to companies that deploy effective, friction-right fraud detection and prevention measures.
Dispelling The Myth Of Fraud Vs. Friction
For years, the perception was that implementing more stringent fraud-fighting controls would harm consumers’ user experiences. This inspired an ongoing tug-of-war: increase fraud controls or reduce friction for better customer experiences and higher conversion rates. However, fraud mitigation and consumer experience need not be a zero-sum game.
Following the example of financial institutions, organizations across industries can benefit from a better understanding of the identities of their customers by implementing fraud risk assessment tools during the account creation process. Many of these tools operate instantaneously and in the background to link identity, device, and behavior data, enabling enterprises to detect and flag high-risk transactions while creating little or no friction for trustworthy customers. With these tools in place, organizations can confidently flag “risky” users while establishing mutual trust between consumers and businesses.