Fraud Management & Cybercrime , Fraud Risk Management , Geo Focus: Asia

Tackling Synthetic ID Fraud in the Era of Digital Banking

Vishal Kapoor, DBS Bank, on Importance of Data Sharing Within Banks
Tackling Synthetic ID Fraud in the Era of Digital Banking
Vishal Kapoor, sector lead FI research at DBS Bank

Financial institutions must leverage artificial intelligence and other new-age authentication tools to establish a robust KYC process in the era of remote account opening, said Vishal Kapoor, sector lead FI research at DBS Bank.

See Also: Is Your Email Security Keeping Up with Attackers? Protecting your Microsoft 365 Investment

"For financial institutions, not only banks, KYC processes need to be watertight for effective verification at the source," Kapoor said at the Anti-Fraud Leaders Summit in Kuala Lumpur. "It would mean the use of tools like behavioral biometrics and biometrics to recognize patterns to spot red flags at the login or during the onboarding process."

Kapoor advised that banks should establish a baseline for customer behavior to discover a pattern that can be used for verification. "This data needs to be collected and shared with other banks, while keeping in mind the regulatory requirements," he said.

Emphasizing the benefits that AI can offer, Kapoor said that several banks are using AI to spot minute errors in identity verification documents during the KYC process. "However, unfortunately, we are merely reacting to what fraudsters are doing," he said.

Fake Documents for Synthetic ID Creation

Once fraudsters obtain a customer's personal data, they can misuse it to engage in fraudulent activities, including synthetic identity fraud and account takeover. The prevalence of synthetic identity fraud is increasing due to the combination of counterfeit and genuine ID information, thereby making this type of identity theft especially difficult to detect.

Southeast Asian banks are one of the most targeted sectors in the world, he added.

India is the most targeted country, followed by Romania, where fraudsters target national ID cards to create fake or synthetic identities. "In India, fraudsters create fake Aadhaar cards to create synthetic identities," Kapoor said. In fact, 13.2% of synthetic ID fraud in India comes through Aadhaar cards since the IDs are being used by most institutions as valid identity verification, according to an Onfido report. A Statista report said India has issued 1.3 billion Aadhaar cards to date.

Fraudsters also create counterfeit driving licenses, especially in the United Kingdom and France, to open bank accounts. "Hence, it is important to invest in document verification tools to ensure the documents are real. This will not stop synthetic ID fraud, but will go a long way in reducing the fraud percentage," Kapoor said.

While the number of vendors offering to verify documents has increased since the COVID-19 pandemic began, there is no industry standard for verification. As a result, many banks have not yet invested in these tools.

Kapoor urged banks to invest in biometrics. "Data shows that so far fraudsters have not been able to commit biometric fraud at a large scale," he said. "The fraudsters so far have not been too successful in faking fingerprint verification, and the fraud percentage is even lower for retina scans. I see this as the future for verification."

Data Sharing

Contrary to popular belief, fraudsters are not very creative and often reuse the same profiles within their circle. "Fraudsters usually have a fraud ring, and they reuse profiles. Unfortunately, FIs are not able to leverage this because of various regulations," Kapoor said.

He emphasized the importance of data sharing and how governments need to step up to mandate this. "Most banks are bound by regulatory requirements. In Singapore, the government is very proactive. Other countries too need some sort of regulation from the government that mandates data sharing within banks. And this does not always have to be personally identifiable information. There are many ways to handle this."

Earlier this month, the Parliament of Singapore passed a bill to allow information sharing on potentially risky clients, a move aimed at curbing illicit activities by their customers. This will pave the way for the Monetary Authority of Singapore to set up and maintain a secure digital information-sharing system. Other Asian countries, including India - which continues to impose secrecy and confidentiality obligations on banks - need to step up, Kapoor said.


About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.