Online fraud attacks come in many forms and among the most common is new account fraud. IBM Security is now taking direct aim at the new account fraud problem by adding a feature to its IBM Trusteer security platform that helps identify newly created fraudulent accounts.
“The new account fraud detection capabilities are new features in our IBM Trusteer Pinpoint suite,” Limor Kessem, executive security adviser at IBM Security, told eWEEK. “We connect the new account fraud offering to our existing fraud protection offerings to provide a streamlined view of digital identities, from establishing the trust to maintaining it after the account has been created.”
New account fraud is already quite prevalent and has been expanding to new verticals, as more services are offered to customers online, according to Kessem. As banks move to more secure payment cards and new payment channels, cyber-criminals have been transitioning to online channels to attempt to use the same data for opening bank accounts and applying for credit, loans, insurance and other types of accounts, she added.
Finding new account fraud is a task in which machine learning technologies play a key role. Kessem explained that IBM Trusteer uses machine learning capabilities that were developed at IBM, building on IBM’s big data technology.
“This allows us to perform complex analytics on big data sets related to this new offering,” she said.
The New Account Fraud service is integrated into the web pages where IBM Trusteer customers host their new account opening applications. Kessem said customers can also use a back-end API to support real-time assessment. In addition, the New Account Fraud offering collects information on the endpoints using JavaScript snippets for web applications and an SDK (software development kit) for mobile apps.
“The technology looks at many characteristics for account opening,” Kessem said.
For example, she said IBM Trusteer examines whether the same device or device elements were used in fraudulent cases in the past. Fraudsters do not use a brand-new device for every new identity they try to steal; rather, they reuse devices and may attempt spoofing or camouflaging the identifiers, according to Kessem.
“While the identity may be stolen, the fraudster needs to provide contact information like phone numbers, email addresses and even residential addresses that often lead back to the same identifiers,” she said. “We track these details and correlate them, which can flag repeated use for fraud by the same actor.”
Fraudulent accounts aren’t always immediately used, making the challenge of detection even harder. The DataVisor Online Fraud report released in March 2017 found that 44 percent of fraudulent accounts are inactive for at least seven days before being used as part of a fraud attack.
While some fraud can be detected at the time a new account is opened, Kessem said IBM Trusteer can also detect new account fraud after the account is opened. The fact that a new account opener has established initial trust does not mean they can maintain it, and IBM Trusteer’s New Account Fraud offering looks at risk factors that take place after the opening as well.
“New account fraud typically takes place within 90 days of a new account being opened,” Kessem said. “We look for fraud patterns that are unique to new account creation, such as dormancy period post creation and then suspicious activity or spikes in activity.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.