Fintech Company Prevents Fraud With Digital Experience Intelligence
US-based online personal finance company providing a suite of financial products including student loan refinancing, mortgages, personal loans, credit card, investing and banking through their mobile app and desktop interfaces to over 7.5M users.
The Fraud and Security team noticed a pattern of suspicious behavior by some users. They suspected these users might be opening multiple accounts to get additional sign up bonuses, launder illicitly obtained money or even commit identity theft.
The Fraud and Security team noticed a pattern of suspicious behavior by some users. They suspected these users might be opening multiple accounts to get additional sign up bonuses, launder illicitly obtained money or even commit identity theft. To mitigate the risk they needed to overcome three challenges:
1. Multiple identities
Fraudsters were using multiple usernames, devices, ip addresses and other tactics to conceal the true scope of their activity. If they were shut down they could simply use a different account to gain access.
2. Timely analysis
The window of time to stop fraudulent activity before the harm was done was short. For example, a sign up bonus for a new account is typically issued within a few business days. That doesn’t give much time for risk analysis.
3. Getting evidence
In order to take action they needed auditable proof that fraud happened. A difficult task when all the activity was happening online.
Glassbox analysts created a digital footprint app that would trace from a single data point all the activities and entities associated with a single user. With this information the fraud and security team could automatically flag suspicious activity in real time, quickly investigate all the associated entities and save relevant session recordings for proof when taking action.
Linking multiple identities
Glassbox captured usernames, device ID’s and IP addresses associated with each session. The information was streamed in real time to the company's data lake and correlated with information on each user from internal data sources. An algorithm continuously scanned the database to map all the connections between each data point.
Real time investigation
In a simple interface, the Fraud and Security team could query on an identifier such as IP address or username and immediately see the other addresses, device ID’s and usernames associated with it. This revealed suspicious patterns such as logging in from multiple devices or even switching between usernames. It also ensured they had all the aliases in one place in case they needed to take action on them.
Auditable digital records
If the team decided to escalate they could then replay associated sessions for visual confirmation. The recordings could also be saved for audit purposes and shared as needed with legal and compliance teams. They could be easily retrieved by searching for any of the associated identifiers.
The digital footprints tool reduced exposure to fraudulent activity, increased efficiency of investigations, and enabled faster and more confident decision making. For example, in one investigation, querying on a single username instantly revealed: 81 other usernames, 35 IPs where this user connected from, and access originating from 15 different devices.
Reduced exposure to fraudulent activity by proactively flagging users with suspicious activity patterns.
Increased efficiency of investigations with access to real time information on the full scope of a users digital footprint.
Enabled faster and more confident decisions based on auditable session recordings.