January 10, 2019
The insurance industry is in the midst of transforming digitally. Insurers worldwide are adopting digital tools to reduce costs, realize operational efficiencies, compete with emerging business models, and deliver streamlined customer experiences.
Digital customers now rely on digital channels to apply for insurance policies, file claims, cash out annuities, add beneficiaries, or take out loans. However, unlike other industries, each step of the customer journey also requires other touchpoints including calling into a contact center or IVR system, live chat, text or email.
Given the complex user journey, insurers not only need to build a digital presence but also find a way to integrate these channels into existing ones. Insurers continue to face operational silos and legacy systems, which fail to provide a cross-channel understanding of their customers, many of which are still learning how to go digital.
The problem is further exacerbated by increased attention from cybercriminals, who have taken notice of the multifaceted insurance landscape which involves several distribution channels, limited customer interactions, and low customer awareness. In a post-breach world, cybercriminals now have access to a plethora of stolen identity credentials, enabling them to masquerade as legitimate users behind the cloak of the internet.
Fraudsters are targeting insurers not only to gain access to customer data but also to gain access to real funds through the annuity and life insurance business. Once fraudsters obtain login credentials through breaches, phishing scams, or other sophisticated attacks, they can takeover legitimate user accounts – converting deferred to immediate annuities, cashing out annuities, or transferring disbursements elsewhere. What makes annuity and retirement accounts so vulnerable is that often times consumers fail to regularly review these types of accounts, as withdrawals are not typically needed until well into the future.
The ability to share information across digital, contact center, and IVR channels is critical for facilitating a streamlined customer experience and reducing fraud, to ensure that not only a customer logging in to make changes is the legitimate trusted user, but also to look across channels to determine for example, whether a user calling the contact center requesting to reset his or her password is truly the legitimate user of the retirement account that they are attempting to access online. Identity assurance across channels ensures that fraudsters are accurately detected and blocked, while legitimate customers enjoy a frictionless experience.
ThreatMetrix Solution for Annuity and Life Insurers
With ThreatMetrix, insurers can determine if a user is who they claim to be regardless of whether they access a digital channel (website, email, live chat, etc.), call center, or IVR system. ThreatMetrix provides insurers with a consolidated view of the user by combining global shared intelligence with internal and external static and dynamic data sources across all channels to more accurately detect fraudulent activity in real time before it impacts the bottom line. ThreatMetrix can reduce risk and streamline the customer experience by:
- Providing a cross-channel view of the customer
ThreatMetrix covers all channels by detecting users attempting to mask the identity of their device or location when logging in or transacting via web browsers. Additionally, API calls to third-party vendors can be invoked via pre-built connectors, enabling insurers to verify phone number attributes such as phone type, carrier, and name/address for customers calling the contact center or IVR system. Spoofed phone numbers can also be detected in real time before a call is answered by verifying whether a call is truly occurring between the phone number displayed and the contact center.
- Streamlining the customer experience
ThreatMetrix passively authenticates returning users without adding friction, enabling insurers to navigate the balancing act of accurately identifying fraudsters, while minimizing friction associated with opening new accounts, changing account information, or taking distributions. Invasive verification strategies often lead to hinderances in business growth and legitimate customers turning to competitors.
- Reducing fraudulent activity
ThreatMetrix market leading fraud solution enables insurers to take a proactive approach, accurately detecting and blocking fraudulent activity in real time. Insurers can automatically reject new account applications using stolen or spoofed identity credentials, block suspicious login attempts, and detect collusive behavior or bad agent activity.
Leveraging User Identity and Behavior Patterns to Detect Threats
ThreatMetrix Smart Analytics provides an extremely powerful way of detecting and analyzing real-time changes in user behavior by using advanced behavioral analytics and machine learning. Based on a user’s history derived from The Network, ThreatMetrix behavioral model uses behavior and metadata for automated detection of user behavior patterns and anomalies. This helps insurers more accurately differentiate between true fraud and changes in legitimate behavior, resulting in a reduction to the step-up frequency without increasing overall risk. The Smart Analytics toolset allows insurers to create custom variables, rules, models and policies to analyze patterns specific to their organization as well as their users, and automate responses for transactions. Transactions that ag as high-risk can be automatically rejected or routed to the appropriate authentication or identity verification service for step-up, while legitimate users experience no friction. Insurers can confidently detect:
- New Account Applications From Legitimate Users: Confidently approve new account openings from legitimate, trusted users; streamlining their online experience and reducing unnecessary friction.
- Transactions From Cybercriminals or Bad Agents: Reject transfers or distributions from known fraudsters. Detect ghost broker activity, legitimate agents engaging in premium misappropriation, or bots performing mass testing of stolen credentials. Also detect multiple identities using a single device, mismatches between identity and location, devices disguising their true locations, and other indicators of identity theft.
- MITM or MITB Malware: Avoid accepting transactions from devices compromised by malware. Use page ngerprinting to detect compromised sessions that may be redirecting or altering transaction information in flight.
- An Unparalleled Network: The ThreatMetrix Digital Identity Network protects 1.4 billion unique online accounts using intelligence harnessed from 2 billion monthly transactions.
- Privacy by Design: ThreatMetrix is unique in its ability to solve the challenge of providing dynamic risk assessment of identities while maintaining data privacy through the use of anonymization and encryption.
- An Integrated Approach to Authentication: Flexibly incorporate real-time event and session data, third-party signals and global intelligence into a single Smart Authentication framework, to deliver a consistent and low-friction experience with reduced challenge rates.
- Advanced Behavioral Analytics and A Clear-box Approach to Machine Learning: ThreatMetrix Smart Analytics analyzes dynamic user behavior to build more accurate, yet simpler, risk models. The result is a competitive edge in customer experience with reduced false positives, while maintaining the lowest possible fraud levels.