Identity Spoofing is No Joke in the Insurance Industry

Posted April 10, 2017

Identity Spoofing is No Joke in the Insurance Industry

When it comes to identity fraud, the term “spoofing” doesn’t quite capture the menace, now does it?

More akin to a prank or a hoax, the dictionary definition of “spoof” is “a trick played on someone as a joke.” But, for insurers, contending with the damage done by identity spoofing and fraud is anything but a joke.

Proof of Life

The biggest obstacle to spotting fraudulent identities is the very definition of “identity.”

Thanks to countless data breaches, nearly 6 billion personal files have been stolen in the past few years, and, on average, nearly 1.9 million more are compromised each day.

As a result, outdated “static” forms of personal identity information (PII) have been rendered inadequate on their own.

Stolen user IDs, passwords, names, addresses, Social Security numbers, credit card numbers, medical records and even answers to challenge questions and PIN codes are widely available on the dark web.

With these compromised identities in hand, fraudsters can receive medical care on someone else’s dime, or file false auto claims. In the case of ghost brokers, they can even sign other people up for policies without their knowledge to score commissions.

To stem the tide, a growing number of insurers are turning to a new generation of “digital identity” solutions that combine static identity data with dynamic, shared intelligence to determine which identities (or even just portions of identities) are being exploited by fraudsters.

Proof or Spoof? Five Ways to Find a Fake

Here are just a few ways insurers spot spoofed identities with the help of new digital identity intelligence and advanced analytics capabilities:

  1. Completeness: Incomplete information on policy applications can be a sign that only a partial identity has been appropriated. New or scant social media profiles can also be a sign an identity is being spoofed.
  1. Mismatches: Digital identity intelligence can check for inconsistencies, such as age, address, email, phone number, devices and other elements associated with an identity.
  1. Location: The best systems determine if devices used for an application or claim are hidden behind proxies or VPN servers to spoof location and true identity.
  1. Reputation: Access to shared, global threat intelligence determines if an identity has been associated with fraud, or if there have been changes in online behavior or other associations that may signal identity fraud.
  1. Velocity: Changes in velocity of insurance usage or claims can indicate an identity is being exploited.

One Is a Lonely Number

As a growing number of insurers are learning, even in the here and now, the point of digital identity solutions is to acknowledge that, in isolation, any single identity element is falsifiable.

By correlating a single element with a dynamic mosaic of hundreds of others that comprise an “identity,” insurers may soon gain something new in the fight against identity fraud—the upper hand.

No spoof.




ThreatMetrix Team

ThreatMetrix Team

close btn