April 22, 2021
Enterprises are increasingly using mobile intelligence (a collective term for device and mobile signals) as a critical source of data to authenticate consumer identity in order to prevent fraud and ensure frictionless customer experiences. Mobile Network Operators (MNOs) have long been the custodians and the providers of this raw data. Enterprises such as banks have leveraged this data to digitally identify their customers and strengthen the authentication of financial transactions. However, exponential growth in digital transactions globally and increasing sophistication in fraud have exposed the limitations of this approach, highlighting the need for an algorithmic model that taps into multiple data sources and attributes to assess a transaction's trustworthiness.
Partnering and integrating with MNOs to ensure maximum subscriber coverage is critical to achieving efficacy while fighting fraud. Enterprises must ensure that all the existing customers and prospective clients can be assessed and scored for risk of identity fraud. As per Statista, in the US, AT&T owns roughly 44% of the subscriber base, followed by Verizon at 30% and T-Mobile at 25%. Engaging in direct partnerships with carriers can demonstrate results only when coverage is maximized through multiple partnerships. This, however, is not a scalable approach and hampers time to market and the agility required to fight new fraud vectors.
Another key aspect to consider is whether curating the raw data provided by carriers alone is sufficient to fight emerging threats. Consider the recent cyber-breach at T-Mobile, where close to 400 customers had their data stolen. In another instance of fraud, attackers were able to fraudulently add entries to the Override Services Registry (OSR) to send copies of SMSes to themselves, allowing them to retrieve SMS OTPs. It is therefore critical that identity verification and authentication leverages signals and data from multiple sources beyond those provided by carriers.
Finally, designing optimal identity verification and authentication processes requires combining mobile intelligence data with historical patterns and data from other authoritative sources to algorithmically score the trustworthiness of a transaction. This would drastically reduce false negatives and help improve pass-through rates.
While raw mobile intelligence data provided by carriers is useful in establishing Possession, it falls short of establishing the Reputation of a phone number. Enterprises must have an authentication model that combines behavioral and phone intelligence signals to measure a phone number’s fraud risk and identity confidence in real time.
Prove’s Trust Score™, a real-time measure of a phone number’s reputation, identifies phone numbers that have been associated with a SIM swap or other suspicious activity. It prevents potential scammers from bypassing the Two-Factor Verification process. In the US, Trust Score™ has 100% coverage on all line types. In the UK, it connects with all four major carriers, i.e., EE, O2, Three, and Vodafone.
Signals such as the frequency, tenure, and recency of phone changes (e.g., SIM swaps, ports, phone number changes, and device upgrades) and other carrier and internal phone intelligence are used to arrive at a score. Scaled from 0 to 1,000 (with a score below 300 classified as low-trust, high-risk), the Trust Score™ model can be implemented to secure use cases across account enrollment, login, high-risk events, and customer communications.
As cybercriminals adopt newer technologies, bolstering the Two-Factor Verification process is critical for both businesses and their consumers. Prove’s Trust Score™ does just that.
Read and learn about FinTech topics you are interested in.