Issuing banks and financial institutions lost over $1.6 billion from stolen or synthetic identities used in credit card applications plus an additional $600 million from application fraud on demand deposit accounts (DDAs) last year. These figures were reported by Aite Group, who forecast total application fraud losses to nearly reach $2.8 billion in the United States by 2020.
It is estimated that by 2020 application fraud on new credit card accounts will cause nearly $2.1 billion in fraud losses while application fraud on new DDAs or bank accounts will cost US financial institutions $694 million.
While 19 percent of US adults who were notified of a data breach fell victim to identity fraud last year, more than twice as many children implicated in data breaches experienced identity theft. This resulted in $2.6 billion in total losses associated with child identity fraud, of which $540 million was borne by the victims’ families out-of-pocket.
Javelin Strategy & Research along with Identity Guard recently published the 2018 Child Identity Fraud Study, which found that 11 percent of households with a minor had at least one minor’s identity compromised. The study also pointed out notable differences with identity theft when it impacts children versus adults.
Taking out multiple loans to get more funding than would be approved for any one loan is something that both real consumers do, and fraudsters do when trying to get as much as they can out of a stolen identity. The challenge for online lenders is not just recognizing loan stacking, but recognizing which type of applicant it is. Recent data from a credit bureau shows that higher credit score consumers have higher charge-off rates with loan stacking, likely resulting from the fact that these are the identities fraudsters target to steal and monetize.
With cases of identity theft or the use of “clean” identities, it is difficult to distinguish third party fraud from legitimate consumers. Organizations can track loan or application velocity, but typically can’t see the intent of the applicant, and not all loan stacking is bad. According to data from credit bureau TransUnion comparing consumer loans rated prime, loans that were stacked with others were 3.2 percent more likely to end up in default compared to non-stacked loans. It is expected that the default rate would be higher, as consumers who are loan stacking may over extend, but the default rate isn’t significantly higher compared to single or non-stacked loans.
According to recent data and studies, identity fraud and new account fraud continue to plague both banks and consumers, with 80 percent of fraudulently opened credit card accounts in the U.S. applied for with synthetic identities and new account fraud on payment cards increasing by 11 percent in the UK over the last year.
New account fraud is an issue worldwide. According to Financial Fraud Action UK, a consortium of banks, issuers and acquirers fighting the collective issue of payment fraud, new account application fraud grew to £15.6 million last year, an increase of 11 percent from 2015.
While the number of data breaches that occurred in 2015 stayed nearly the same as from the year before, the number of personal records compromised in data breaches almost doubled to over 169 million, the highest total since 2009. Some of the largest breaches in 2015 were in the health care industry which often included social security numbers and enough information to commit new account fraud. There were over 5 million records compromised in breaches targeting the banking and financial industry, and hackers continued to target merchants and other organizations for email or user ID and password combinations.
The number of data breaches reported by the Identity Theft Resource Center (ITRC) increased each year from 2011 to 2014, before staying flat in 2015 at 781, just about the same number of data breaches as last year (783). The number of sensitive records compromised, however, which can include Social Security numbers, payment card numbers, email/user name/password combinations or Protected Health Information (PHI), nearly doubled from 85.6 million to 169.1 million.
Identity fraud occurred every three seconds in the United States and led to $21 billion dollars in losses in 2012 according to Javelin Strategy & Research’s 2013 Identity Fraud Report.