Digital-first businesses more willing to accept some fraud

Of businesses that are prepared to accept some degree of fraud during the customer onboarding process, those that were set up within the last 20 years or so will accept a higher rate of fraud than their more established peers, according to a report compiled for Onfido, a provider of automated identity verification and authentication services.

The firm conducted a study of executives from businesses across the UK and US and found that 75% of businesses were willing to accept small volumes of fraud, and of those, 49% said they could live with a rate of 5% or more. This rose to 59% among businesses established since the turn of the century – 24% more than organisations established before that.

Onfido’s chief product officer, Yuelin Li, said this was to some extent the result of changing priorities among digital-first businesses. She told Computer Weekly: “At the point of onboarding, digital transformers and newer companies have their own business goals.

“For new companies, it’s about growth – fraud in that regard can be something like you have a promotion on and people are signing up for multiple accounts.

“Digital transformers are also trying to compete, so accessibility, speed, low friction and completion rates rank above compliance. Ten years ago, compliance was higher, but for digital-first companies, user experience concerns are at the top of the agenda.”

However, Li stressed that this was not to say that businesses are neglecting their legal compliance obligations, but more that they simply would not survive if they provided an archaic experience that caused friction for the potential customer, such as demanding they send notarised documents through the mail.

Indeed, nearly half – 46% – of respondents did feel that their customer onboarding process was still too complex, rising to 55% in the UK. Frequent complaints were that it took too long to review and verify customers when onboarding them, leading to user drop-off, increased costs, and lost revenues.

Somewhat predictably, fraud rates have jumped significantly – 44% in total – since the advent of the Covid-19 pandemic in 2020, which forced vast amounts of businesses to adopt digital-first models.

This is in part because a lot of the fraud that occurred in the physical world before 2020 has moved online and can now be better tracked, said Li, but also because Covid-19 brought new opportunities for fraud, around unemployment benefits or business support loans.

For example, according to the UK’s Department for Business, Energy and Industrial Strategy, £1.1bn of the £46.6bn drawn through the Bounce Back Loan Scheme was flagged by lenders as potentially fraudulent, as of July 2022.

Across the board, respondents to the survey did recognise that fraud could have disastrous impacts on their businesses, with their top concerns being the risk of further data breaches, network attacks, forgeries or counterfeits, and social engineering. Respondents were also keenly aware of how fraudsters have been adopting new technologies, with synthetic fraud – the use of fabricated credentials that are not associated with a real human – and deepfakes the top concerns.

Onfido also found that businesses are struggling to keep up with changes to data privacy and protection regulations and lacked confidence in their ability to keep on top of such things – particularly in the US, where over half of individual states have now introduced, or passed, data privacy bills.

Organisations were further challenged by issues with their customer onboarding process – 87% said they saw issues there – particularly when it came to solution creep, 37% reported using five or more different suppliers to manage their fraud and compliance needs.