Identity fraud is up, but banks are up to the security challenge
In 2012, the total losses resulting from account takeover and new account fraud each rose by approximately 50% over the previous year. These two fraud types impact consumers most severely, and are historically more difficult for FIs to prevent and detect than any other major fraud type.
Today, Javelin Strategy & Research releases the firm’s 2013 Banking Identity Safety Scorecard. For eight years, Javelin has evaluated the top 25 FIs by deposit size based on their consumer‐facing security features in the three fraud stages of Javelin’s Protection, Detection, and Resolution Model.
Javelin’s security research found that 5 of the top 25 FIs prohibit the use of the Social Security number (SSN) to authenticate a user’s identity, up from none in 2011. While this represents a major improvement, 20% adoption is still distressingly low, especially with account takeover fraud at a seven‐year high. Yet, a promising consumer empowerment trend is finally gaining momentum among FIs – 40% of FIs are leveraging customers’ unique knowledge of their own financial behavior to prevent fraud by blocking types of transactions the customer knows he or she would never initiate. User-defined limits and prohibitions (UDLAPs) are a powerful security supplement to behavioral and transaction monitoring.
Fraud prevention is a winning security strategy to both attract and retain account holders, as consumers strongly value security when choosing a new institution and the perception of security is a critical factor in attrition. Bank of America earned Best in Class for Bank Identity Safety, as well as Best in Prevention and Detection.
Bank of America’s winning performance is due in great part to high scores in fraud prevention and detection, coupled with a strong fourth-place showing in resolution. JPMorgan Chase takes the Best in Resolution Award, which focuses on the FI’s ability to effectively use customer service to restore consumers’ funds, peace of mind, and confidence in the FI.
“The best security model is one where FIs and their customers partner together in securing financial accounts,” said Al Pascual, Industry Analyst – Security, Risk & Fraud at Javelin Strategy & Research. “By focusing on educating and engaging the consumer in security authentication decisions and procedures, the FI can most effectively prevent attacks and threats from plaguing their valuable customer base.”
Javelin’s scoring system for FIs’ identity safety capabilities is devised around the premise that preventive measures offer the greatest return to both the consumer and the FI. Prioritizing security features designed to prevent fraud can save FIs and consumers money well beyond the compromised funds themselves.
While early detection, efficient and comprehensive resolution may mitigate the impact of frauds which have already occurred, successful prevention deflects fraud attempts, reducing the costs associated with detection and resolution.
Javelin Strategy & Research’s 2013 Banking Identity Safety Scorecard evaluates financial institutions on their ability to prevent, detect and resolve emerging threats and attacks on their customers. It is based on the analysis of the top 25 financial institutions, by deposit size, based on their consumer‐facing security features and two online surveys of more than 11,000 consumers.
The report contains 66 pages and 42 graphs. The report evaluates: Bank of America, Bank of the West, BB&T, BBVA Compass, BMO Harris Bank, Capital One, Citibank, Citizens Bank, Comerica, Fifth Third, HSBC, Huntington, JPMorgan Chase, Key Bank, M&T Bank, Navy FCU, PNC Bank, Regions Bank, Sovereign, SunTrust, TD Bank, U.S. Bank, Union Bank, Wells Fargo, and Zions Bank.