A Case Study In Insurance Fraud Detection & Prevention
Below is a case study of how a UK insurance provider significantly reduced their fraud risk from persistent cyber criminals using the advanced fraud detection and prevention solutions offered by iovation a leading provider of fraud prevention software solutions.
Matt Gilham, Head of Financial Crime at esure, one of the UK’s leading providers of motor and home insurance products discusses how his company has reduced insurance fraud using iovation fraud detection/prevention software. Just like other UK insurers today, esure gets the majority of its new policy applications through insurance aggregation websites like Gocompare.com (Goco). The rise of digital applications for insurance policies brought with it an increasing number of bad policies. That led Gilham to add device recognition to his application fraud-fighting stack in late 2013.
After implementing iovation’s realtime blocking, we reduced the volume of fraud attacking us by 70%.
Matt Gilham Head of Financial Crime
Since that proof of concept, esure has continuously raised their guard against fraudsters without impacting the experience for its legitimate customers. The opportunists have gone elsewhere, but the better-organised and -funded rings have increased the sophistication of their tactics.
When esure added real-time blocking of devices applying for motor insurance on their site, the fraudsters turned to the aggregators to solicit quotes and submit applications. Then, esure and Goco – another iovation user – teamed up to create business rules that stopped bad devices from viewing esure’s policy quotes on the aggregator’s site. esure enjoyed a lull in its fraud rate for months after each change. But the fraudsters would not go away.
Over the phone, synthetic identities would be denied by esure’s identity and financial stress scoring services, but the stolen Personal Data of a reputable victim would slip through. As soon as the call center agent incepted the policy, the fraudster would receive an automatic email with a link to download the policy documents. Then, it was just a matter of time before a bad claim or a distraught ghost-broking victim would follow.
Using Device Recognition To Stop Insurance Fraud
While the fraudsters could change the ways they applied for esure’s policies, and use stolen PII to pass identity checks, they were still reliant on an Internet-connected device to conduct their business. That single point in the process remains fraudsters’ weakness; thanks to iovation.
iovation’s device recognition technology uses thousands of permutations of device attributes to identify a device instantly and continue to recognize it over time. (Coincidentally, this feature complements the GDPR’s mandates for data minimization and privacy by design.).
When any of iovation’s 4,000-plus Community of users encounters fraud from a device visiting their site, they place specific evidence of fraud against the device in iovation’s database of over 4.7 billion devices, the world’s richest.
Every anti-fraud professional involved is intrinsically motivated to add the highest quality of evidence to iovation’s 47 million reports of fraud and abuse.
“The evidence from iovation’s Intelligence Center helps my investigators to confirm their suspicions about the devices associated with dubious policies or claims,” says Gilham.
With more than 40 evidence types to choose from – ranging from reports placed against a device to technical anomalies like Tor nodes and proxy servers – Gilham and his team can create endless combinations of compound rules to sharpen their transaction decisioning process. Rules can be tuned in real time for immediate and precise control over how each visiting device will be treated.
“Back in 2013 iovation was the standout option,” Gilham explains. “That hasn’t changed. The unique device ID allows us to identify and monitor suspect devices and accounts with exquisite precision. We get more value out of iovation’s Intelligence Center with every insurer that joins. Most critically, we can quickly adapt our implementation of iovation as fraudsters shift their tactics.”
After discovering the ‘call center loophole’ that fraudsters were exploiting, esure created a portal for customers’ documents. This was a convenient, secure place for honest customers to access and store their documents in the cloud. For fraudsters, it was the end of the line. If they tried to register an account or log in with a hot device, iovation’s business rules stopped them cold.
“Since we began blocking bad devices at the portal, our fraud rate has decreased by a solid 40%. It’s somewhat counter intuitive, but we’ve seen a drastic reduction of telephony fraud due to having iovation on the web,” says Gilham.