Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
Managing Fraud Risk in Online Lending A Mercator Advisory Group
8 Clock Tower Place,
phone:
www.mercatoradvisorygroup.com
© 2012
A Mercator Advisory Group
Managing Fraud Risk in Online LendingA Mercator Advisory Group
8 Clock Tower Place,
phone: 1(781) 419-
www.mercatoradvisorygroup.com
Mercator Advisory Group, Inc.
MANAGING
ONLINE
Mercator Advisory Group
Managing Fraud Risk in Online LendingA Mercator Advisory Group Executive Brief
8 Clock Tower Place, Suite 420 | Maynard, MA 01754
-1700 | e-mail:
www.mercatoradvisorygroup.com
Mercator Advisory Group, Inc.
ANAGING
NLINE L
Mercator Advisory Group
Managing Fraud Risk in Online Lending Executive Brief Sponsored by
Suite 420 | Maynard, MA 01754
mail: [email protected]
www.mercatoradvisorygroup.com
ANAGING FRAUD
LENDING
Mercator Advisory Group Executive Brief Sponsored by iovation
Sponsored by iovation
Suite 420 | Maynard, MA 01754
RAUD
ENDING
Executive Brief Sponsored by iovation
RAUD RISK IN
Executive Brief Sponsored by iovation
ISK IN
Executive Brief Sponsored by iovation
November
November 20121
2012
Managing Fraud Risk in Online Lending A Mercator Advisory Group
© 2012
Managing Fraud Risk in Online LendingA Mercator Advisory Group
Mercator Advisory Group, Inc.
Managing Fraud Risk in Online LendingA Mercator Advisory Group Executive Brief
Mercator Advisory Group, Inc.
Managing Fraud Risk in Online Lending Executive Brief Sponsored by Sponsored by iovation
2
Managing Fraud Risk in Online Lending A Mercator Advisory Group
© 2012
Managing Fraud Risk in Online LendingA Mercator Advisory Group
Mercator Advisory Group, Inc.
Table of Contents
Managing Fraud Risk in Online LendingA Mercator Advisory Group Executive Brief
Mercator Advisory Group, Inc.
Table of Contents
Risk Management in a Risky Business
Fraud Schemes Evolving
Device Identification as an Effective Fraud Deterrent
Case Study
Fraud Challenges
Solution Requirements
Results Using Device Reputation
Conclusion
Managing Fraud Risk in Online Lending Executive Brief Sponsored by
Risk Management in a Risky Business
Fraud Schemes Evolving
Device Identification as an Effective Fraud Deterrent
Case Study ................................
Fraud Challenges ................................
Solution Requirements
Results Using Device Reputation
Conclusion ................................
Sponsored by iovation
Risk Management in a Risky Business
Fraud Schemes Evolving ................................
Device Identification as an Effective Fraud Deterrent
................................................................
................................
Solution Requirements ................................
Results Using Device Reputation ................................
................................................................
Risk Management in a Risky Business ................................
................................................................
Device Identification as an Effective Fraud Deterrent
................................
................................................................
................................................................
................................
................................
................................................................
................................
Device Identification as an Effective Fraud Deterrent ................................
................................................................
................................................................
................................
................................................................
................................................................
................................
................................................................
................................................................
................................................................
................................
................................................................
................................................................
................................................................
.............................................................
..................................................
................................
................................
................................................................
..........................................................
................................
................................
............................. 4
.................. 5
...................................... 5
...................................... 7
................................... 7
.......................... 7
........................................... 7
...................................... 7
3
4
5
5
7
7
7
7
7
Managing Fraud Risk in Online Lending A Mercator Advisory Group
© 2012
Managing Fraud Risk in Online LendingA Mercator Advisory Group
Mercator Advisory Group, Inc.
Risk Management in a Risky Business
“It’s just about the riskiest type of loan you can make.” Such were the words of the Vice President of Risk
Strategies at one well
The short
and
short
Figure
Sources: Stephens Inc., Mercator Advisory Group
While credit risk
exposure for short
anonymity involved, i
the industry’s adoption of the internet as a major customer acquisition channel.
and other short
m
Managing Fraud Risk in Online LendingA Mercator Advisory Group Executive Brief
Mercator Advisory Group, Inc.
Risk Management in a Risky Business
“It’s just about the riskiest type of loan you can make.” Such were the words of the Vice President of Risk
Strategies at one well
The short-term lending space, which in the last five years has expanded rapidly online, beyond the model of brick
and-mortar check cashing and payday lending locations, is indeed exposed to a great deal of risk. As the online
short-term lending industry has grown (Figure 1), so has its exposure
Figure 1: Online
Sources: Stephens Inc., Mercator Advisory Group
While credit risk
exposure for short
anonymity involved, i
the industry’s adoption of the internet as a major customer acquisition channel.
and other short-
mortar locations to the internet will continue
Bil
lio
ns
US
D
Managing Fraud Risk in Online Lending Executive Brief Sponsored by
Risk Management in a Risky Business
“It’s just about the riskiest type of loan you can make.” Such were the words of the Vice President of Risk
Strategies at one well-known online len
term lending space, which in the last five years has expanded rapidly online, beyond the model of brick
mortar check cashing and payday lending locations, is indeed exposed to a great deal of risk. As the online
ding industry has grown (Figure 1), so has its exposure
Online Short-Term Lending Volume 2007
Sources: Stephens Inc., Mercator Advisory Group
While credit risk – the risk that a borrower will
exposure for short-term lenders has been a growing concern since the business has moved online.
anonymity involved, identity thieves and first
the industry’s adoption of the internet as a major customer acquisition channel.
-term loan volume originated online
ortar locations to the internet will continue
$5.7
2006
Sponsored by iovation
Risk Management in a Risky Business
“It’s just about the riskiest type of loan you can make.” Such were the words of the Vice President of Risk
known online lending business.
term lending space, which in the last five years has expanded rapidly online, beyond the model of brick
mortar check cashing and payday lending locations, is indeed exposed to a great deal of risk. As the online
ding industry has grown (Figure 1), so has its exposure
Term Lending Volume 2007
Sources: Stephens Inc., Mercator Advisory Group,
risk that a borrower will
term lenders has been a growing concern since the business has moved online.
dentity thieves and first
the industry’s adoption of the internet as a major customer acquisition channel.
term loan volume originated online
ortar locations to the internet will continue
$6.7
2007
Online Short
Risk Management in a Risky Business
“It’s just about the riskiest type of loan you can make.” Such were the words of the Vice President of Risk
ding business.
term lending space, which in the last five years has expanded rapidly online, beyond the model of brick
mortar check cashing and payday lending locations, is indeed exposed to a great deal of risk. As the online
ding industry has grown (Figure 1), so has its exposure
Term Lending Volume 2007–2011 (E)
, 2012
risk that a borrower will default on a loan
term lenders has been a growing concern since the business has moved online.
dentity thieves and first-party fraudsters have been target
the industry’s adoption of the internet as a major customer acquisition channel.
term loan volume originated online in 2010
ortar locations to the internet will continue for the foreseeable
$7.1
2008
Online Short-Term Loan Volume
Risk Management in a Risky Business
“It’s just about the riskiest type of loan you can make.” Such were the words of the Vice President of Risk
term lending space, which in the last five years has expanded rapidly online, beyond the model of brick
mortar check cashing and payday lending locations, is indeed exposed to a great deal of risk. As the online
ding industry has grown (Figure 1), so has its exposure to fraud
2011 (E)
default on a loan – is remarkably high
term lenders has been a growing concern since the business has moved online.
party fraudsters have been target
the industry’s adoption of the internet as a major customer acquisition channel.
in 2010, and the market share shift away from brick
foreseeable future.
$8.2
2009
Term Loan Volume
“It’s just about the riskiest type of loan you can make.” Such were the words of the Vice President of Risk
term lending space, which in the last five years has expanded rapidly online, beyond the model of brick
mortar check cashing and payday lending locations, is indeed exposed to a great deal of risk. As the online
to fraud.
remarkably high in this industry
term lenders has been a growing concern since the business has moved online.
party fraudsters have been targeting online short
the industry’s adoption of the internet as a major customer acquisition channel. Roughly one quarter of payday
, and the market share shift away from brick
future.
$10.8
2010
Term Loan Volume
“It’s just about the riskiest type of loan you can make.” Such were the words of the Vice President of Risk
term lending space, which in the last five years has expanded rapidly online, beyond the model of brick
mortar check cashing and payday lending locations, is indeed exposed to a great deal of risk. As the online
in this industry, fraud risk
term lenders has been a growing concern since the business has moved online. Due to the
ing online short-term lenders since
oughly one quarter of payday
, and the market share shift away from brick
$13.0
2011 (E)
“It’s just about the riskiest type of loan you can make.” Such were the words of the Vice President of Risk
term lending space, which in the last five years has expanded rapidly online, beyond the model of brick-
mortar check cashing and payday lending locations, is indeed exposed to a great deal of risk. As the online
, fraud risk
Due to the
term lenders since
oughly one quarter of payday
, and the market share shift away from brick-and-
$13.0
2011 (E)
4
term lenders since
Managing Fraud Risk in Online Lending A Mercator Advisory Group
© 2012
Managing Fraud Risk in Online LendingA Mercator Advisory Group
Mercator Advisory Group, Inc.
Online lenders’ products are typically secured by the borrower’s future paychecks and the promise that funds will
be available in their checking accounts on a specific date. The l
reports and bank account validation services from so
but there are still those that try to game the system. Once the applicant has been approve
funds have been disbursed, the lender waits until the agreed upon date and debits the borrower’s bank account
via the Automated Clearing House to retrieve funds equal to the original loan amount plus interest.
comply with
demand deposit account
account number and whether the account is open,
funds will be accessible on the agreed upon date.
Fraud Schemes
It is during that period of time between disbursement and collection that a lender’s risk, if it wasn’t managed
adequate
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
to absorb the loss.
can routinely include
applications to a lender’s website
The manner of attacks aimed at lenders of all sorts (in credit card, HELOC,
achieved new levels of
able to leverage internet technology to automate a portion of the application process, so have fraudsters.
vulnerabilities have been identified, c
websites have
create t
hopes that some fraudulent loan application
Mobile devices have further complicated the issue, since many online lenders’ counter
upon the geolocation of an applicant’s Internet Protocol
this may wo
Schemes that involve several malevolent actors
equation.
Device
To augment the declining effectiveness of
have begun to implement functionality that reaches beyond the location of the user’s internet server
ex
Managing Fraud Risk in Online LendingA Mercator Advisory Group Executive Brief
Mercator Advisory Group, Inc.
Online lenders’ products are typically secured by the borrower’s future paychecks and the promise that funds will
be available in their checking accounts on a specific date. The l
reports and bank account validation services from so
but there are still those that try to game the system. Once the applicant has been approve
funds have been disbursed, the lender waits until the agreed upon date and debits the borrower’s bank account
via the Automated Clearing House to retrieve funds equal to the original loan amount plus interest.
comply with privacy laws,
demand deposit account
account number and whether the account is open,
funds will be accessible on the agreed upon date.
Fraud Schemes
It is during that period of time between disbursement and collection that a lender’s risk, if it wasn’t managed
adequately prior to loan origination, can quickly become realized as a fraud loss. Fraudsters whose applications
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
to absorb the loss.
can routinely include
applications to a lender’s website
The manner of attacks aimed at lenders of all sorts (in credit card, HELOC,
achieved new levels of
able to leverage internet technology to automate a portion of the application process, so have fraudsters.
vulnerabilities have been identified, c
websites have been exploited by organized criminals
create the potential for extremely high
hopes that some fraudulent loan application
Mobile devices have further complicated the issue, since many online lenders’ counter
upon the geolocation of an applicant’s Internet Protocol
this may work when tracking PCs, t
Schemes that involve several malevolent actors
equation.
Device Identification
To augment the declining effectiveness of
have begun to implement functionality that reaches beyond the location of the user’s internet server
example, the use of proxy servers to mask a fraudster’s true location
Managing Fraud Risk in Online Lending Executive Brief Sponsored by
Online lenders’ products are typically secured by the borrower’s future paychecks and the promise that funds will
be available in their checking accounts on a specific date. The l
reports and bank account validation services from so
but there are still those that try to game the system. Once the applicant has been approve
funds have been disbursed, the lender waits until the agreed upon date and debits the borrower’s bank account
via the Automated Clearing House to retrieve funds equal to the original loan amount plus interest.
privacy laws, the debit bureaus are prevented from validating
demand deposit account, and/
account number and whether the account is open,
funds will be accessible on the agreed upon date.
Fraud Schemes Evolving
It is during that period of time between disbursement and collection that a lender’s risk, if it wasn’t managed
ly prior to loan origination, can quickly become realized as a fraud loss. Fraudsters whose applications
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
to absorb the loss. To exploit
can routinely include whole teams
applications to a lender’s website
The manner of attacks aimed at lenders of all sorts (in credit card, HELOC,
achieved new levels of ingenuity
able to leverage internet technology to automate a portion of the application process, so have fraudsters.
vulnerabilities have been identified, c
been exploited by organized criminals
he potential for extremely high
hopes that some fraudulent loan application
Mobile devices have further complicated the issue, since many online lenders’ counter
upon the geolocation of an applicant’s Internet Protocol
rk when tracking PCs, t
Schemes that involve several malevolent actors
Identification
To augment the declining effectiveness of
have begun to implement functionality that reaches beyond the location of the user’s internet server
he use of proxy servers to mask a fraudster’s true location
Sponsored by iovation
Online lenders’ products are typically secured by the borrower’s future paychecks and the promise that funds will
be available in their checking accounts on a specific date. The l
reports and bank account validation services from so
but there are still those that try to game the system. Once the applicant has been approve
funds have been disbursed, the lender waits until the agreed upon date and debits the borrower’s bank account
via the Automated Clearing House to retrieve funds equal to the original loan amount plus interest.
the debit bureaus are prevented from validating
and/or whether or not funds are available in it. Since these services
account number and whether the account is open,
funds will be accessible on the agreed upon date.
Evolving
It is during that period of time between disbursement and collection that a lender’s risk, if it wasn’t managed
ly prior to loan origination, can quickly become realized as a fraud loss. Fraudsters whose applications
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
this weakness, fraud against short
whole teams of participants in multiple locations with multiple devices submitting loan
applications to a lender’s website, and then coordinating effo
The manner of attacks aimed at lenders of all sorts (in credit card, HELOC,
ingenuity, too, as customer acquisition has moved to the Web. Just as le
able to leverage internet technology to automate a portion of the application process, so have fraudsters.
vulnerabilities have been identified, computing scripts that enable automated application submission on lenders’
been exploited by organized criminals
he potential for extremely high-velocity attacks that seek to overwhelm underwriters with sheer volume in
hopes that some fraudulent loan application
Mobile devices have further complicated the issue, since many online lenders’ counter
upon the geolocation of an applicant’s Internet Protocol
rk when tracking PCs, tablets and smartphones
Schemes that involve several malevolent actors
Identification as an Effective Fraud Deterrent
To augment the declining effectiveness of common tools in anti
have begun to implement functionality that reaches beyond the location of the user’s internet server
he use of proxy servers to mask a fraudster’s true location
Online lenders’ products are typically secured by the borrower’s future paychecks and the promise that funds will
be available in their checking accounts on a specific date. The l
reports and bank account validation services from so-called “debit bureaus” such as Early Warning Services or FIS,
but there are still those that try to game the system. Once the applicant has been approve
funds have been disbursed, the lender waits until the agreed upon date and debits the borrower’s bank account
via the Automated Clearing House to retrieve funds equal to the original loan amount plus interest.
the debit bureaus are prevented from validating
or whether or not funds are available in it. Since these services
account number and whether the account is open, the lender is essentially taking the word of the borrower that
funds will be accessible on the agreed upon date.
It is during that period of time between disbursement and collection that a lender’s risk, if it wasn’t managed
ly prior to loan origination, can quickly become realized as a fraud loss. Fraudsters whose applications
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
this weakness, fraud against short
of participants in multiple locations with multiple devices submitting loan
and then coordinating effo
The manner of attacks aimed at lenders of all sorts (in credit card, HELOC,
, too, as customer acquisition has moved to the Web. Just as le
able to leverage internet technology to automate a portion of the application process, so have fraudsters.
omputing scripts that enable automated application submission on lenders’
been exploited by organized criminals with reams of s
velocity attacks that seek to overwhelm underwriters with sheer volume in
hopes that some fraudulent loan applications get approved.
Mobile devices have further complicated the issue, since many online lenders’ counter
upon the geolocation of an applicant’s Internet Protocol (IP)
ablets and smartphones
Schemes that involve several malevolent actors can introduce additional complexity as more devices enter the
as an Effective Fraud Deterrent
common tools in anti
have begun to implement functionality that reaches beyond the location of the user’s internet server
he use of proxy servers to mask a fraudster’s true location
Online lenders’ products are typically secured by the borrower’s future paychecks and the promise that funds will
be available in their checking accounts on a specific date. The lender also screens applicants using credit bureau
called “debit bureaus” such as Early Warning Services or FIS,
but there are still those that try to game the system. Once the applicant has been approve
funds have been disbursed, the lender waits until the agreed upon date and debits the borrower’s bank account
via the Automated Clearing House to retrieve funds equal to the original loan amount plus interest.
the debit bureaus are prevented from validating
or whether or not funds are available in it. Since these services
the lender is essentially taking the word of the borrower that
It is during that period of time between disbursement and collection that a lender’s risk, if it wasn’t managed
ly prior to loan origination, can quickly become realized as a fraud loss. Fraudsters whose applications
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
this weakness, fraud against short-term lenders has
of participants in multiple locations with multiple devices submitting loan
and then coordinating efforts once vulnerabilities have been determined
The manner of attacks aimed at lenders of all sorts (in credit card, HELOC,
, too, as customer acquisition has moved to the Web. Just as le
able to leverage internet technology to automate a portion of the application process, so have fraudsters.
omputing scripts that enable automated application submission on lenders’
with reams of stolen or synthetic identities.
velocity attacks that seek to overwhelm underwriters with sheer volume in
s get approved.
Mobile devices have further complicated the issue, since many online lenders’ counter
(IP) address to stop submissions from risky locales.
ablets and smartphones can help fraudsters to effectively hide their locations.
can introduce additional complexity as more devices enter the
as an Effective Fraud Deterrent
common tools in anti-fraud solutions, such as
have begun to implement functionality that reaches beyond the location of the user’s internet server
he use of proxy servers to mask a fraudster’s true location was the inspiration for the deployment of
Online lenders’ products are typically secured by the borrower’s future paychecks and the promise that funds will
ender also screens applicants using credit bureau
called “debit bureaus” such as Early Warning Services or FIS,
but there are still those that try to game the system. Once the applicant has been approve
funds have been disbursed, the lender waits until the agreed upon date and debits the borrower’s bank account
via the Automated Clearing House to retrieve funds equal to the original loan amount plus interest.
the debit bureaus are prevented from validating either the name associated with a
or whether or not funds are available in it. Since these services
the lender is essentially taking the word of the borrower that
It is during that period of time between disbursement and collection that a lender’s risk, if it wasn’t managed
ly prior to loan origination, can quickly become realized as a fraud loss. Fraudsters whose applications
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
term lenders has become
of participants in multiple locations with multiple devices submitting loan
rts once vulnerabilities have been determined
The manner of attacks aimed at lenders of all sorts (in credit card, HELOC, and others, not only short
, too, as customer acquisition has moved to the Web. Just as le
able to leverage internet technology to automate a portion of the application process, so have fraudsters.
omputing scripts that enable automated application submission on lenders’
tolen or synthetic identities.
velocity attacks that seek to overwhelm underwriters with sheer volume in
Mobile devices have further complicated the issue, since many online lenders’ counter
to stop submissions from risky locales.
help fraudsters to effectively hide their locations.
can introduce additional complexity as more devices enter the
as an Effective Fraud Deterrent
fraud solutions, such as
have begun to implement functionality that reaches beyond the location of the user’s internet server
was the inspiration for the deployment of
Online lenders’ products are typically secured by the borrower’s future paychecks and the promise that funds will
ender also screens applicants using credit bureau
called “debit bureaus” such as Early Warning Services or FIS,
but there are still those that try to game the system. Once the applicant has been approved for a loan and the
funds have been disbursed, the lender waits until the agreed upon date and debits the borrower’s bank account
via the Automated Clearing House to retrieve funds equal to the original loan amount plus interest.
the name associated with a
or whether or not funds are available in it. Since these services only confirm the
the lender is essentially taking the word of the borrower that
It is during that period of time between disbursement and collection that a lender’s risk, if it wasn’t managed
ly prior to loan origination, can quickly become realized as a fraud loss. Fraudsters whose applications
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
become organized.
of participants in multiple locations with multiple devices submitting loan
rts once vulnerabilities have been determined
, not only short
, too, as customer acquisition has moved to the Web. Just as lenders have been
able to leverage internet technology to automate a portion of the application process, so have fraudsters.
omputing scripts that enable automated application submission on lenders’
tolen or synthetic identities. Such exploits
velocity attacks that seek to overwhelm underwriters with sheer volume in
Mobile devices have further complicated the issue, since many online lenders’ counter-fraud tactics
to stop submissions from risky locales.
help fraudsters to effectively hide their locations.
can introduce additional complexity as more devices enter the
fraud solutions, such as IP geolocation
have begun to implement functionality that reaches beyond the location of the user’s internet server
was the inspiration for the deployment of
Online lenders’ products are typically secured by the borrower’s future paychecks and the promise that funds will
ender also screens applicants using credit bureau
called “debit bureaus” such as Early Warning Services or FIS,
d for a loan and the
funds have been disbursed, the lender waits until the agreed upon date and debits the borrower’s bank account
In order to
the name associated with a
only confirm the
the lender is essentially taking the word of the borrower that
It is during that period of time between disbursement and collection that a lender’s risk, if it wasn’t managed
ly prior to loan origination, can quickly become realized as a fraud loss. Fraudsters whose applications
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
organized. Fraud rings
of participants in multiple locations with multiple devices submitting loan
rts once vulnerabilities have been determined.
, not only short-term) has
nders have been
able to leverage internet technology to automate a portion of the application process, so have fraudsters. Once
omputing scripts that enable automated application submission on lenders’
Such exploits
velocity attacks that seek to overwhelm underwriters with sheer volume in
fraud tactics have hinged
to stop submissions from risky locales. While
help fraudsters to effectively hide their locations.
can introduce additional complexity as more devices enter the
IP geolocation, lenders
have begun to implement functionality that reaches beyond the location of the user’s internet server. As an
was the inspiration for the deployment of
5
called “debit bureaus” such as Early Warning Services or FIS,
successfully pass the underwriting test will simply take the money and run. By then, the lender has little choice but
velocity attacks that seek to overwhelm underwriters with sheer volume in
While
Managing Fraud Risk in Online Lending A Mercator Advisory Group
© 2012
Managing Fraud Risk in Online LendingA Mercator Advisory Group
Mercator Advisory Group, Inc.
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
detection a step further by
device
operating system,
internet server.
Device identity and reputation
identity of the device that is involved in an online interaction, an
interactions themselves,
Then
involvement in fraud
iovation
customers of the vendo
between
In another example of how
a lender may track the velocity of web interactions on its site coming from unique
loan applications from potential borrowers using multiple identities.
to modify business rules to adapt to fraud schemes as they evolve
Other members of the online lending ecosystem
identification technology,
partner with short
identification
account
protect against lost revenue resulting from fraud as well as present more value to lending partners.
Managing Fraud Risk in Online LendingA Mercator Advisory Group Executive Brief
Mercator Advisory Group, Inc.
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
detection a step further by
device’s interaction with
operating system,
internet server.
Device identity and reputation
identity of the device that is involved in an online interaction, an
interactions themselves,
Then, if the device
involvement in fraud
ovation, for example,
customers of the vendo
between customers across a wide range of industries
In another example of how
a lender may track the velocity of web interactions on its site coming from unique
loan applications from potential borrowers using multiple identities.
to modify business rules to adapt to fraud schemes as they evolve
Other members of the online lending ecosystem
identification technology,
partner with short
identification as contractual obligations have arisen to allow lenders to share fraud los
account that has
protect against lost revenue resulting from fraud as well as present more value to lending partners.
Managing Fraud Risk in Online Lending Executive Brief Sponsored by
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
detection a step further by both understanding the globally unique identity of a device and by
’s interaction with the lenders’ site.
operating system, IP address,
Device identity and reputation
identity of the device that is involved in an online interaction, an
interactions themselves, a matrix of associations can be revealed that would otherwise remain hidden to analysis.
, if the device (or any device that it is related to in the association matrix)
involvement in fraud or abusive behaviors
, for example, maintains a unique shared database that is
customers of the vendor’s device
customers across a wide range of industries
In another example of how device identity and reputation can be valu
a lender may track the velocity of web interactions on its site coming from unique
loan applications from potential borrowers using multiple identities.
to modify business rules to adapt to fraud schemes as they evolve
Other members of the online lending ecosystem
identification technology, such as
partner with short-term lenders
as contractual obligations have arisen to allow lenders to share fraud los
that has gone bad. Ensuring that leads represent solid, low
protect against lost revenue resulting from fraud as well as present more value to lending partners.
Sponsored by iovation
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
both understanding the globally unique identity of a device and by
the lenders’ site. This
IP address, default language, web br
Device identity and reputation is useful for fraud prevention in
identity of the device that is involved in an online interaction, an
a matrix of associations can be revealed that would otherwise remain hidden to analysis.
(or any device that it is related to in the association matrix)
or abusive behaviors, the
maintains a unique shared database that is
r’s device reputation
customers across a wide range of industries
device identity and reputation can be valu
a lender may track the velocity of web interactions on its site coming from unique
loan applications from potential borrowers using multiple identities.
to modify business rules to adapt to fraud schemes as they evolve
Other members of the online lending ecosystem
such as marketing partners that fi
term lenders, credit card issuers, and other types of firms
as contractual obligations have arisen to allow lenders to share fraud los
bad. Ensuring that leads represent solid, low
protect against lost revenue resulting from fraud as well as present more value to lending partners.
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
both understanding the globally unique identity of a device and by
This process includes analysis of
default language, web browser, and the time differential between the device and the
fraud prevention in
identity of the device that is involved in an online interaction, an
a matrix of associations can be revealed that would otherwise remain hidden to analysis.
(or any device that it is related to in the association matrix)
the lender can make immediate decisions on that information
maintains a unique shared database that is
reputation services. The database
customers across a wide range of industries using a secure online forum and social platform
device identity and reputation can be valu
a lender may track the velocity of web interactions on its site coming from unique
loan applications from potential borrowers using multiple identities.
to modify business rules to adapt to fraud schemes as they evolve
Other members of the online lending ecosystem have also
marketing partners that fi
, credit card issuers, and other types of firms
as contractual obligations have arisen to allow lenders to share fraud los
bad. Ensuring that leads represent solid, low
protect against lost revenue resulting from fraud as well as present more value to lending partners.
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
both understanding the globally unique identity of a device and by
includes analysis of
owser, and the time differential between the device and the
fraud prevention in multiple
identity of the device that is involved in an online interaction, and also understanding commonalities between the
a matrix of associations can be revealed that would otherwise remain hidden to analysis.
(or any device that it is related to in the association matrix)
can make immediate decisions on that information
maintains a unique shared database that is at the core of its service and is
The database exposes fraud and abuse that is shared
using a secure online forum and social platform
device identity and reputation can be valuable to the online fraud prevention process
a lender may track the velocity of web interactions on its site coming from unique
loan applications from potential borrowers using multiple identities. iovation’s
to modify business rules to adapt to fraud schemes as they evolve.
also found success in combating fraud by using device
marketing partners that filter leads for lenders. Online marketing firms that
, credit card issuers, and other types of firms
as contractual obligations have arisen to allow lenders to share fraud los
bad. Ensuring that leads represent solid, low-risk prospects, marketing firms can both
protect against lost revenue resulting from fraud as well as present more value to lending partners.
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
both understanding the globally unique identity of a device and by
includes analysis of attributes such as the device’s
owser, and the time differential between the device and the
multiple ways. By understanding the unique
understanding commonalities between the
a matrix of associations can be revealed that would otherwise remain hidden to analysis.
(or any device that it is related to in the association matrix) has a previ
can make immediate decisions on that information
at the core of its service and is
exposes fraud and abuse that is shared
using a secure online forum and social platform
able to the online fraud prevention process
a lender may track the velocity of web interactions on its site coming from unique and related
iovation’s tools, as an
found success in combating fraud by using device
lter leads for lenders. Online marketing firms that
, credit card issuers, and other types of firms have become active users of device
as contractual obligations have arisen to allow lenders to share fraud los
risk prospects, marketing firms can both
protect against lost revenue resulting from fraud as well as present more value to lending partners.
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
both understanding the globally unique identity of a device and by looking
attributes such as the device’s
owser, and the time differential between the device and the
By understanding the unique
understanding commonalities between the
a matrix of associations can be revealed that would otherwise remain hidden to analysis.
has a previous history of
can make immediate decisions on that information
at the core of its service and is accessible to
exposes fraud and abuse that is shared
using a secure online forum and social platform
able to the online fraud prevention process
and related devices and decline
, as an example,
found success in combating fraud by using device
lter leads for lenders. Online marketing firms that
have become active users of device
as contractual obligations have arisen to allow lenders to share fraud losses with the originator of an
risk prospects, marketing firms can both
protect against lost revenue resulting from fraud as well as present more value to lending partners.
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
looking at the entire
attributes such as the device’s
owser, and the time differential between the device and the
By understanding the unique
understanding commonalities between the
a matrix of associations can be revealed that would otherwise remain hidden to analysis.
ous history of
can make immediate decisions on that information.
accessible to
exposes fraud and abuse that is shared
using a secure online forum and social platform.
able to the online fraud prevention process,
devices and decline
example, allow lenders
found success in combating fraud by using device
lter leads for lenders. Online marketing firms that
have become active users of device
e originator of an
risk prospects, marketing firms can both
6
proxy piercing services such as iovation’s Real IP service. New generation device identification solutions take fraud
at the entire
owser, and the time differential between the device and the
understanding commonalities between the
a matrix of associations can be revealed that would otherwise remain hidden to analysis.
,
devices and decline
allow lenders
e originator of an
Managing Fraud Risk in Online Lending A Mercator Advisory Group
© 2012
Managing Fraud Risk in Online LendingA Mercator Advisory Group
Mercator Advisory Group, Inc.
Case Study
A
device reputation technology, s
Fraud Challenges
Fraud rings
Internal fraud tools were unable to stop sophisticated fraud initiated by various devices
and tablets
review queues for fraud analysts
processes
Solution Requirements
The lender needed r
loan products, and
by drilling down into fraud ring activity details
threats
Results Using Device
Wit
was presently active
using
other
Conclusion
Online lenders are in need of robust and cost
that have not already implemented them will likely experience greater losses as fraudsters migrate to the path of
least resistance.
short
credit product.
lenders should strongly consider incorporating
Managing Fraud Risk in Online LendingA Mercator Advisory Group Executive Brief
Mercator Advisory Group, Inc.
Case Study
A leading developer of next generation financial solutions prevents sophisticated loan fraud by utilizing
device reputation technology, s
Fraud Challenges
Fraud rings targeted the lender,
Internal fraud tools were unable to stop sophisticated fraud initiated by various devices
and tablets. The inability to identify, investigate
review queues for fraud analysts
processes.
Solution Requirements
The lender needed r
loan products, and
by drilling down into fraud ring activity details
threats.
Results Using Device
Within twenty minutes of implementing iovation’s ReputationManager 360
was presently active
using comprehensive
other more pressing
Conclusion
Online lenders are in need of robust and cost
that have not already implemented them will likely experience greater losses as fraudsters migrate to the path of
least resistance.
short-term lending businesses, and in any instance when the Web is used as a customer acquisition channel for a
credit product.
lenders should strongly consider incorporating
Managing Fraud Risk in Online Lending Executive Brief Sponsored by
Case Study
leading developer of next generation financial solutions prevents sophisticated loan fraud by utilizing
device reputation technology, s
Fraud Challenges
targeted the lender,
Internal fraud tools were unable to stop sophisticated fraud initiated by various devices
The inability to identify, investigate
review queues for fraud analysts
Solution Requirements
The lender needed real-time fraud detection that
loan products, and that reduce
by drilling down into fraud ring activity details
Results Using Device Reputation
minutes of implementing iovation’s ReputationManager 360
was presently active on its web
comprehensive device reputation tools
more pressing priorities
Conclusion
Online lenders are in need of robust and cost
that have not already implemented them will likely experience greater losses as fraudsters migrate to the path of
least resistance. Mercator Advisory Group recommends a layered approach to fraud risk management in online
nding businesses, and in any instance when the Web is used as a customer acquisition channel for a
credit product. Given the recent successes that device identification
lenders should strongly consider incorporating
Sponsored by iovation
leading developer of next generation financial solutions prevents sophisticated loan fraud by utilizing
device reputation technology, saving the firm $5M a
targeted the lender, daily creating hundreds of new
Internal fraud tools were unable to stop sophisticated fraud initiated by various devices
The inability to identify, investigate
review queues for fraud analysts on a daily basis, which negatively impacted the lender’s risk management
Solution Requirements
time fraud detection that
reduced manual review queues
by drilling down into fraud ring activity details
Reputation
minutes of implementing iovation’s ReputationManager 360
its website. The firm is n
reputation tools
priorities.
Online lenders are in need of robust and cost
that have not already implemented them will likely experience greater losses as fraudsters migrate to the path of
Mercator Advisory Group recommends a layered approach to fraud risk management in online
nding businesses, and in any instance when the Web is used as a customer acquisition channel for a
Given the recent successes that device identification
lenders should strongly consider incorporating
leading developer of next generation financial solutions prevents sophisticated loan fraud by utilizing
ing the firm $5M annually
creating hundreds of new
Internal fraud tools were unable to stop sophisticated fraud initiated by various devices
The inability to identify, investigate, and stop fraud activities in real
on a daily basis, which negatively impacted the lender’s risk management
time fraud detection that could handle
manual review queues. Analysts
by drilling down into fraud ring activity details, and to set up and adjust business rules on the fly to react to new
minutes of implementing iovation’s ReputationManager 360
The firm is now saving $5 million in annual losses with early fraud detection
reputation tools. Real-time monitoring allows
Online lenders are in need of robust and cost-effective risk mitigation and fraud prevention
that have not already implemented them will likely experience greater losses as fraudsters migrate to the path of
Mercator Advisory Group recommends a layered approach to fraud risk management in online
nding businesses, and in any instance when the Web is used as a customer acquisition channel for a
Given the recent successes that device identification
lenders should strongly consider incorporating this functionality into existing fraud prevention processes
leading developer of next generation financial solutions prevents sophisticated loan fraud by utilizing
nnually.
creating hundreds of new accounts with stolen
Internal fraud tools were unable to stop sophisticated fraud initiated by various devices
and stop fraud activities in real
on a daily basis, which negatively impacted the lender’s risk management
could handle information
Analysts needed to
et up and adjust business rules on the fly to react to new
minutes of implementing iovation’s ReputationManager 360
ow saving $5 million in annual losses with early fraud detection
time monitoring allows
effective risk mitigation and fraud prevention
that have not already implemented them will likely experience greater losses as fraudsters migrate to the path of
Mercator Advisory Group recommends a layered approach to fraud risk management in online
nding businesses, and in any instance when the Web is used as a customer acquisition channel for a
Given the recent successes that device identification and reputation
this functionality into existing fraud prevention processes
leading developer of next generation financial solutions prevents sophisticated loan fraud by utilizing
accounts with stolen or synthetic
Internal fraud tools were unable to stop sophisticated fraud initiated by various devices
and stop fraud activities in real-time re
on a daily basis, which negatively impacted the lender’s risk management
information from multiple bra
needed to be able to p
et up and adjust business rules on the fly to react to new
minutes of implementing iovation’s ReputationManager 360, the lender
ow saving $5 million in annual losses with early fraud detection
time monitoring allows the firm’s fraud analysts to focus on
effective risk mitigation and fraud prevention
that have not already implemented them will likely experience greater losses as fraudsters migrate to the path of
Mercator Advisory Group recommends a layered approach to fraud risk management in online
nding businesses, and in any instance when the Web is used as a customer acquisition channel for a
and reputation solutions have attained,
this functionality into existing fraud prevention processes
leading developer of next generation financial solutions prevents sophisticated loan fraud by utilizing
or synthetic identities
Internal fraud tools were unable to stop sophisticated fraud initiated by various devices, including smart phones
time resulted in extremely large
on a daily basis, which negatively impacted the lender’s risk management
multiple brands, websites and
be able to perform forensic analysis
et up and adjust business rules on the fly to react to new
the lender stopped a fraud ring
ow saving $5 million in annual losses with early fraud detection
fraud analysts to focus on
effective risk mitigation and fraud prevention solutions, and those
that have not already implemented them will likely experience greater losses as fraudsters migrate to the path of
Mercator Advisory Group recommends a layered approach to fraud risk management in online
nding businesses, and in any instance when the Web is used as a customer acquisition channel for a
solutions have attained,
this functionality into existing fraud prevention processes
leading developer of next generation financial solutions prevents sophisticated loan fraud by utilizing iovation’s
identities.
including smart phones
sulted in extremely large
on a daily basis, which negatively impacted the lender’s risk management
nds, websites and
erform forensic analysis
et up and adjust business rules on the fly to react to new
stopped a fraud ring that
ow saving $5 million in annual losses with early fraud detection
fraud analysts to focus on
solutions, and those
that have not already implemented them will likely experience greater losses as fraudsters migrate to the path of
Mercator Advisory Group recommends a layered approach to fraud risk management in online
nding businesses, and in any instance when the Web is used as a customer acquisition channel for a
solutions have attained,
this functionality into existing fraud prevention processes.
7
Managing Fraud Risk in Online Lending A Mercator Advisory Group
© 2012
Managing Fraud Risk in Online LendingA Mercator Advisory Group
Mercator Advisory Group, Inc.
Copyright Notice
External publication terms for Mercator Advisory Group information and data:
information that is to be used in advertising, press releases, or p
approval from the appropriate Mercator Advisory Group research director. A draft of the proposed document
should accompany any such request. Mercator Advisory Group reserves the right to deny approval of external
usage for any reason.
Copyright 201
Managing Fraud Risk in Online LendingA Mercator Advisory Group Executive Brief
Mercator Advisory Group, Inc.
Copyright Notice
External publication terms for Mercator Advisory Group information and data:
information that is to be used in advertising, press releases, or p
approval from the appropriate Mercator Advisory Group research director. A draft of the proposed document
should accompany any such request. Mercator Advisory Group reserves the right to deny approval of external
usage for any reason.
Copyright 2012, Mercator Advisory Group, Inc. Reproduction without written permission is completely forbidden.
Managing Fraud Risk in Online Lending Executive Brief Sponsored by
Copyright Notice
External publication terms for Mercator Advisory Group information and data:
information that is to be used in advertising, press releases, or p
approval from the appropriate Mercator Advisory Group research director. A draft of the proposed document
should accompany any such request. Mercator Advisory Group reserves the right to deny approval of external
usage for any reason.
, Mercator Advisory Group, Inc. Reproduction without written permission is completely forbidden.
Sponsored by iovation
External publication terms for Mercator Advisory Group information and data:
information that is to be used in advertising, press releases, or p
approval from the appropriate Mercator Advisory Group research director. A draft of the proposed document
should accompany any such request. Mercator Advisory Group reserves the right to deny approval of external
, Mercator Advisory Group, Inc. Reproduction without written permission is completely forbidden.
External publication terms for Mercator Advisory Group information and data:
information that is to be used in advertising, press releases, or p
approval from the appropriate Mercator Advisory Group research director. A draft of the proposed document
should accompany any such request. Mercator Advisory Group reserves the right to deny approval of external
, Mercator Advisory Group, Inc. Reproduction without written permission is completely forbidden.
External publication terms for Mercator Advisory Group information and data:
information that is to be used in advertising, press releases, or promotional materials requires prior written
approval from the appropriate Mercator Advisory Group research director. A draft of the proposed document
should accompany any such request. Mercator Advisory Group reserves the right to deny approval of external
, Mercator Advisory Group, Inc. Reproduction without written permission is completely forbidden.
External publication terms for Mercator Advisory Group information and data: Any Mercator Advisory Group
romotional materials requires prior written
approval from the appropriate Mercator Advisory Group research director. A draft of the proposed document
should accompany any such request. Mercator Advisory Group reserves the right to deny approval of external
, Mercator Advisory Group, Inc. Reproduction without written permission is completely forbidden.
Any Mercator Advisory Group
romotional materials requires prior written
approval from the appropriate Mercator Advisory Group research director. A draft of the proposed document
should accompany any such request. Mercator Advisory Group reserves the right to deny approval of external
, Mercator Advisory Group, Inc. Reproduction without written permission is completely forbidden.
Any Mercator Advisory Group
romotional materials requires prior written
approval from the appropriate Mercator Advisory Group research director. A draft of the proposed document
should accompany any such request. Mercator Advisory Group reserves the right to deny approval of external
, Mercator Advisory Group, Inc. Reproduction without written permission is completely forbidden.
8