You may think your critical data and assets are protected by network intrusion detection systems, firewalls and the latest technology. However, it’s become increasingly clear this is not enough when cyber fraudsters impersonate real people for criminal purposes. In particular, there’s a shift toward the use of stolen identities online due to the availability of massive amounts of personal data from major data compromises or breaches like those of OPM, Target, eBay, Anthem, Home Depot, and the like. As a result, identity thieves can more easily penetrate legacy cybersecurity solutions, rendering many woefully inadequate.
Fraudsters are smart and getting smarter every day. They constantly find and exploit cracks in verification and fraud detection programs and they’re counting on us to fall behind. Think of this simple analogy—a thief can use brute force to attempt to break into your home, but chances are the doors and windows are locked and the security system is armed. This is equivalent to traditional cybersecurity. However, if the thief approaches your home impersonating a friendly neighbor, you’re more likely and willing to unlock the door and let them in. Traditional security measures become inadequate at this point. With the rise in online transactions and other “faceless” channels, more than ever before, stolen identities can be used to process transactions where criminals easily pose as legitimate applicants.
The IRS Get Transcript incident was a clear example of access using stolen identities. Addressing this type of cybersecurity threat comes down to more than identity verification. Digital verification is just one part of the necessary solution. Verifying the digital attributes associated with an individual is as important as verifying the individual exists and is not a potential risk. Cyber fraud can be prevented with integrated identity management tools that provide digital verification and ID authentication, as well as identification of digital behaviors indicative of cyber fraud. Integrated cyber fraud detection verifies information provided by the applicant, identifies risk associated with the device being used along with digital behaviors, and initiates a risk-based assessment.
Further, verifying the digital attributes associated with an identity is equally important as verifying that the identity actually exists and is not a threat or potential risk. No longer can you rely on simply deploying network intrusion to detect someone “breaking into your house”. You also need to initiate strategies that go beyond historical cybersecurity controls and look at protection methods that verify identities, devices and behaviors. With the right tools and analytics, organizations can begin to further advance their overall cybersecurity capabilities and keep the fraudsters at bay.
Leave a Reply
You must be logged in to post a comment.