Fraud Detection in Fintech: How to Detect and Prevent Frauds in the Lending Industry?

Mr. Rohit Arora, CEO & Co-Founder, Biz2Credit & Biz2X

In India, technological advancements have changed financial services and spawned a new industry known as fintech. In the last few years, this industry has grown tremendously in India and around the world. Fintech companies raised $806 million in fundraising between January and August 2021, according to Inc42data, accounting for the second-largest part of the fintech funding pie (18%). It has grown tremendously as a result of simple credit business models like peer-to-peer lending, BNPL, and digital loans. It has also brought in innovation in fintech ancillary businesses and enablers, such as e-KYC, payments gateways, credit scoring, and so on.

The problem The trend in Fintech has caught the attention of both investors and fraudsters, who have devised inventive and innovative ways to defraud the system and make easy money. India scored first with 25.5 billion real-time payments transactions, according to a report by ACI Worldwide, which tracks and analyses real-time payments across 48 worldwide markets. Frauds involving real-time payments are on the rise, according to the report, as fraudsters increasingly target new channels. Identity theft accounted for 11.6 percent of all fraud cases in India, with digital wallet account hacking accounting for 6.2 percent. Phishing/spoofing, identity fraud, account fraud, and transaction fraud are the most common types of digital fraud that businesses encounter. Phishing/Spoofing: In recent years, this has become one of the most common methods, in which targets are approached via email, phone, or text message, posing as a legitimate or trusted source to trick gullible individuals into sharing sensitive data or accessing their company computer networks. The information obtained is then used to acquire access to social media networks, bank accounts, and other financial accounts, resulting in financial loss.

Another tactic is to imitate popular apps, which, if downloaded, can take over all of the data in a matter of seconds; and users that provide sensitive information such as their bank account number, full name, address, and other personal information are vulnerable to identity theft and have their bank accounts emptied of funds. Transaction Frauds: Around 1.4 lakh cases of transaction fraud were reported in FY, resulting in a loss of around 600 crore rupees due to compromised credit and debit cards and net-banking details. When fraudsters use stolen credit cards or identities to make substantial purchases, the amount of time it takes for the firm to authenticate the user legitimacy is usually relatively short. The victim usually reports a loss of funds in their account after the fraud is discovered, and the company compensates the victim, but the scammer usually escapes unnoticed.

Account Fraud: When fraudsters get unauthorized access to a person’s bank account, they take advantage of the chance to empty the account balance. Victims are frequently unaware that their personal information has been stolen until they are informed of the financial loss. Another sort of unique account fraud occurs when clients with good credit decide to conduct fraud by taking out a substantial loan from a bank and then disappearing after
stealing the funds. This type is particularly difficult to detect because determining the intent of the individual seeking a loan is difficult. This is most common when the macroeconomic environment is experiencing difficulties, such as job losses, and people with solid credit histories may resort to such measures out of desperation.

Synthetic Identity Fraud: The most common type of fraud we encounter in fintech loans these days is fraudsters falsifying personal information, often known as Synthetic Identity  Fraud. Fraudsters can now easily obtain personal information such as phone numbers, addresses, ID proofs, and images from social media sites that contain the majority of customers; vital and susceptible data, as well as the deep web. The deep web is the section of the internet that is hidden behind passwords or other security barriers, making it inaccessible to ordinary search engines such as Google, Bing, and others. It is simple to generate and remove digital identities (phone numbers and email addresses). The lack of mapping between these digital IDs and offline IDs, despite various checks, further complicates the situation. The fintech business as a whole operates in a fast-paced climate, which offers lenders little time to analyze their clients; applications, making fraudsters; jobs easier.

Below are the top areas in which Fintech firms are coming up with advanced solutions to detect and prevent frauds.

1. AI-powered KYC – The best time to prevent fraudsters from exploiting the system is to screen them well during onboarding itself. Traditional Banking system employ hundreds of employees to assess borrowers’ income and spending patterns based on the transactions available in their bank statements. But manually going through pages of bank statements is tedious and prone to human errors or, at times, even subjective biases. This is where the automated bank statement analysers, called Bank Secrecy Act (BSA) engines, come to the rescue. A lot of Fintechs are now involved in creating intuitive and dynamic rule-based automated BSA solutions.

2. Prevent payment frauds using multi-factor authentication and biometrics – It’s much harder for a criminal to fool a system that uses a person’s unique physical characteristics. While passwords can be lost and stolen, biometrics serves as an additional barrier for fraudsters to overcome. And although biometrics could also be faked sometimes but forging biometrics takes much more time and is very expensive, unlike hacking static login credentials.

3. Advanced Transaction Monitoring and Instant Notification – It is vital to trace customers’ transactional behaviour. If any abnormal transactional history is found, the transaction is to be allowed only after additional authorisation from the customer. AI and Machine Learning play a crucial role in gathering behavioural data which can determine if these patterns are likely fraudulent. If a high probability of fraud exists, your system must be able to instantly report it to you via suspicious alerts — and in some cases block the account from further transactions. The more transparent your client’s behavioural portrait is, the less likely its for you to miss out on fraud.

4. Basic Web Safety – It is very important to educate your clients about security basics. Like leaving cards exposed, clicking on unfamiliar links, opening digital wallets by connecting to public WiFi, etc. These basic preventive measures can save you from Fintech frauds to a larger extent.

Conclusion
A good fraud detection and prevention system should be able to spot fraudulent transactions and flag them for further investigation. Fraud detection and prevention is a continuous process. Fintech is evolving with the advent of novel technologies that leverage Artificial Intelligence to prevent and detect fraud, much like how fraudsters are constantly devising new ways to defraud financial institutions. Detecting and preventing fraud is a continuous effort. In the fintech industry, modern-day technologies like machine learning (ML) and artificial intelligence (AI) are effective for fraud detection and prevention. As technology advances, financial institutions that use these technologies will develop and become more successful, helping the finance sector to build a safe and secure digital wall against fraudsters. Also, one must keep a note that preventing fraud does not have a one- size-fits-all answer. Companies must continue to learn and update themselves regularly to stay ahead of the game.