June 06, 2023
Exploring the Cycle Between Identity Theft and Credit Card Fraud
5 min read
Identity theft and credit card fraud are two interconnected phenomena that have become prevalent in our digital age. Criminals exploit vulnerabilities in payment systems and personal information to engage in fraudulent activities. In this blog post, we will explore the causes of credit card fraud and how it is fueled by identity theft, shedding light on the tactics employed by fraudsters, the impact on individuals and businesses and key prevention methods.
Identity Theft: What You Need to Know
Data breaches are the leading causes of identity theft. In fact, according to the Identity Theft Resource Center, there were 1806 data breaches last year, affecting 422 million victims. Much of this data ends up for sale on the dark web at very low rates. For example, the Privacy Affairs Dark Web Price Index shows that full credit card details and associated data cost between $10 and $100. The more comprehensive the data set, the higher the price. Forged documents like driver’s licenses, passports, insurance cards, utility bills and other identification documents can then be ordered to match stolen data, making it easier to bypass identity verification and KYC (know your customer) checks. With this identity theft, the attacker has what is needed to activate a whole host of fraudulent activities.
Understanding Credit Card Fraud
Credit card fraud refers to unauthorized or fraudulent use of someone else’s credit card or card details for financial gain. Fraudsters employ various techniques to obtain sensitive card information and carry out fraudulent transactions.
Credit card fraud comes in many forms.
Card not present (CNP) Fraud: CNP is one of the hardest to detect because the attacker uses stolen credit card information as stated before to make purchases online or by phone. Because there is no physical card to examine, merchants cannot verify the buyer’s identity. It should be noted that stolen credit card details on the dark web general include the card number, expiration date, CVV, address, email and phone number of the cardholder, so the attacker will have everything they need to make a transaction.
Account Takeover Fraud: With identity theft information, fraudsters can take control of an individual’s existing credit card accounts. They can change contact details, passwords, and PINs, request replacement cards to be sent to a new address, etc. making it difficult for the legitimate cardholder to detect and prevent fraudulent activity.
Unauthorized Credit Card Applications: By using stolen identity information, criminals can fraudulently apply for credit cards in someone else’s name. They can make purchases, accumulate debt, and often disappear without a trace, leaving the victim to deal with the financial repercussions and damaged credit history.
Synthetic Identity Fraud: Sometimes the fraudster will create a new identity by combining real and fabricated personal information. These synthetic identities are then used to apply for credit cards, often targeting those with limited credit histories. The fraudster builds a credit history for the synthetic identity and maxes out the credit limit, leaving the financial institution to suffer the losses.
Skimming: Given the ease of CNP fraud, skimming is not as popular but this form of credit card fraud is also still happening. With skimming, a device is placed in payment terminals, ATMs, or gas pumps to secretly capture the cardholder’s information when they make a transaction. The stolen data is then used to create counterfeit cards or conduct fraudulent online transactions.
Preventing Credit Card Fraud with the Circle of Identity
Credit card fraud has significant consequences for individuals and businesses alike. Victims face financial losses, damaged credit scores, and the daunting task of restoring their identity. In December of 2022, the Nilson Report released a forecast indicating that U.S. losses from credit card fraud will total $165.1 billion, the equivalent of a Middle Income country GDP.
Beyond remaining vigilant and educating consumers about common fraud techniques such as phishing scams, skimming devices and suspicious websites, and regularly monitoring credit reports, credit card statements, etc.,there are concrete steps that card issuers can take to protect themselves and consumers from credit card fraud. At Anonybit, we call it the Circle of Identity.
A closed Circle of Identity works like this: Selfies and other data collected at the time of the credit card application process are linked to the issued credit card number. A credit card purchase or request for a replacement card or adding a new card to the account requires biometric authentication (i.e., selfie) against the original selfie that is captured. To enhance the user experience and minimize friction, the request for biometric authentication can be driven by transactional risk factors, such as merchant type, transaction value, location, IP address, etc. Given the ease of capturing a selfie and the ubiquity of smartphones and embedded cameras, it is expected that biometric payments will become a major growth area for retailers and issuers alike, not only for reducing credit fraud but also in terms of lowered costs and reduced administration to deal with replacement credit cards, etc.
For more information on how to implement biometric authentication to prevent credit card fraud, meet with a member of our solutions team.