A study from digital identity experts iProov shows that consumers in both the US and UK believe the threat of cybercrime is rising even as their ability to spot fraudulent items has decreased. More damagingly for the payments industry, British and American consumers also feel current measures to combat online fraud are not effective.
These findings are confirmed in a separate study from Lexis Nexus Risk Solutions, which shows cybercrime and fraud attacks by “bots” (automated fraud attacks) at account opening rising across EMEA and North America in the first half of 2020.
iProov’s study says 88 percent of consumers in the US and UK think that cybercrime threats are growing, and 72 percent think securing identity online is now more important than ever, with 46 percent concerned that cyber-crime could affect someone they know.
Despite these concerns, very few are familiar with the fast-rising phenomenon of deepfakes, in which videos, images (such as government ID) or audio recordings that have been distorted to incorrectly represent an individual.
Deepfakes are created using artificial neural networks, which means that they can be easily produced to look authentic and convincing.
Although deepfakes have been used for social sharing and entertainment, they have also been employed in hoaxes, revenge , and increasingly, fraud and impersonation relating to digital identity.
Recent allegations of deepfaking during the run-up to the 2020 US election led Facebook to commit to a ban on all use of deepfakes, even for entertainment purposes, in January 2020.
Although 81 percent of consumers recognise that biometrics are the next wave of protection in payments and financial services, 52 percent understand that fake ID could be used to set up accounts in their name, and 46 percent are concerned that fake ID will be used to steal their money or that of someone they know.
iProov argue that more sophisticated biometric methods such as secure facial scanning and recognition are required if anti-fraud measures are to continue to be successful.
LexisNexis confirms automated fraud on the rise
Although human-initiated fraud attacks are declining across developed economies, a study from LexisNexis has confirmed the consumer concerns in iProov’s study about automated online attacks. According to LexisNexis, desktop transactions conducted from EMEA had a higher attack rate than the global average and automated bot attack volume grew by 45 percent between 2019 and 2020.
The UK originates the highest volume of human-initiated cyberattacks in EMEA, with Germany and France second and third in the region. The UK is also the second largest contributor to global bot attacks behind the US, with one UK banking fraud network attack accounting for more than $17 million in fraud exposure across 10 financial institutions.
As passwords and One-Time Passcodes (OTP) become increasingly at risk of compromise, our industry is turning to biometrics as the next great hope for online authentication. As the two studies reviewed above reveal, however, consumer “herd” instincts are once more proving correct, with automated attacks on accounts, especially at account creation, up by almost half in the last year.
More sophisticated biometric solutions may be the answer – but these will matter little if they are not the subject of strong encryption. Additionally, strong biometrics need to be offered to the market at a sensible price point if they are to be adopted – as well as being readily interoperable with existing banking and payments systems.
A final issue with the widespread adoption of biometrics is the time authentication takes with these systems. Last year, we heard that step-up authentication using 3DS v2 could take as long as six seconds; the authentication of dynamic imaging and other biometrics needs to be much quicker than that if consumers are to adopt it willingly.