Identity Theft Will Get Worse

If the rate and effectiveness of identity-based fraud attacks in 2020 and 2021 are an indicator, the year ahead will likely be a record-breaker, and not in a good way. Here’s why:

The use of digital payments and accounts has reached near-ubiquitous adoption, with more than four in five US consumers having processed “some sort of digital payment in 2021.”

2021 is also on track to be a record-breaking year in terms of data breaches, exposing the personally identifiable information (PII) of millions of Americans.

The confluence of these trends, coupled with the opportunity for international fraud networks and criminals to make money (without much risk to themselves), is set to make 2022 an inflection point for how we think about identity protection.

How will organizations and consumers respond?

Among US consumers, wariness around data use and protection is palpable. According to a 2021 survey, 86% of respondents say data privacy is a growing concern, and 40% don’t trust companies with their data. For any executive concerned about safeguarding their company’s reputation, these numbers should be a wake-up call.

While a breach is usually is not the fault of the company collecting the data, consumers don’t really care who is responsible. Instead, they just care about the negative impacts they are consequently forced to endure, and they endure a lot.

Regardless, the downstream effect of exposed PII is, of course, identity theft, which impacts both organizations and consumers alike.

In 2021, US businesses were estimated to lose over $721bn due to identity-based fraud attacks.

Meanwhile, identity fraud’s impact on consumers is a whopping $1100 average loss per incident.

"Unfortunately, many organizations continue to fall behind fraud's advancements despite current efforts"

Collectively, this is unsustainable. It should not be tolerated.

Organizations should do everything in their power to prevent fraudulent activity from occurring on their platforms. (Companies who don’t live up to this responsibility face reputational damage, customer attrition, rising costs of new customer acquisition, legal liability, enforcement, penalties and fines.)

Unfortunately, many organizations continue to fall behind fraud’s advancements despite current efforts.

Case in point: in the past two years, nearly half of US consumers (48%) were impacted by identity theft. Over the same period, more than one-third of US consumers became victims to account takeover (38%) and a similar percentage to application fraud (37%).

Legacy identity verification solutions that don’t account for the breadth and depth of data needed to stop more sophisticated synthetic identities or those that focus on a single point of compromise are to blame. So, too, is inaction on the part of organizations that don’t proactively and continually revisit their identity verification strategy – a must, given the current fraud landscape.

To address fraud in 2022, organizations will need to enhance their approach to identity verification. That includes securing the enrollment process and taking a multi-layered approach to verifying and authenticating identity throughout the customer lifecycle. From enrollment to payment, managing change events to ongoing KYC and compliance.

Organizations will have to arm themselves with more and better data to compensate for the vast quantities of exposed PII already being deployed by fraud groups.

Equally as important is the delivery of that data so that organizations can make faster but more informed decisions.

Partnering with a provider with access to accurate and structured data, with the ability to leverage that data effectively, in real-time, to minimize risk while improving user experience, will be key to a safer and more successful 2022.

What’s Hot on Infosecurity Magazine?