Content Library

How to stay ahead of first-party fraud

First party fraud deep dive blog

Digital banking is on the rise, and mobile banking is widely embraced by younger customers. But with these behaviors also come higher rates of fraud — especially of the first-party variety. In Alloy’s Annual State of Fraud Benchmark Report, we found that 91% of financial institutions realized a year-over-year increase in fraud, and 62% experienced first-party fraud, making it the most prevalent type of fraud attack reported by respondents.

To stay on top of the risks first-party fraud presents, it’s important to first understand it. In this article, we define first-party fraud, explore its many forms, explain how it differs from other fraud types, and identify the best way to protect your organization against it.

What is first-party fraud?

First-party fraud occurs when an individual defrauds a financial institution in their own name. Sometimes they could simply open an account, deposit bad funds, withdraw the money, and then ghost the bank or fintech once the fraud is discovered. Other times, they manipulate parts of their identity or falsify their financial situation. For example, a fraudster might report incorrect income information or fabricate a home address for a lower auto insurance rate.

First-party fraud can take many forms, including but not limited to:

  • First-party application fraud

  • First-party bust-out fraud

  • Friendly chargeback fraud

  • First-party synthetic fraud

Let’s take a closer look at each.

When does first-party application fraud occur?

First-party application fraud occurs when someone misrepresents personal information to influence the outcome of a credit card, loan, bank account, insurance, or investment application (among others). For example, an individual might lie about their income on a credit card application to increase their chances of getting approved or generate a higher credit line.

For large banks and fintechs, some losses from first-party fraud could be considered inconsequential. After all, what’s a couple hundred dollars here and there to an organization that holds billions, or even trillions, in assets? However, over time, the losses from first-party fraud can add up to quite a significant total.

In some instances, first-party application fraud is just the beginning. Once a fraudster has penetrated your system, they could seek and expose other vulnerabilities — all under the guise of a completely average, honest customer. During this time, banks and fintechs, seeking to deepen the customer relationship, might even reach out with new product offerings which opens up even more opportunities for fraudsters to misuse additional products or exploit loopholes. But even as they’re building up their own credibility through seemingly innocuous activity, it could only be a matter of time before they bust out some really malicious behavior…

What is bust-out fraud?

Bust-out fraud is when someone applies for a financial service (such as a credit card) using their own identity, establishes a normal spending pattern, makes prompt payments for a period of time, then suddenly maxes out the account — without any intention of ever paying the balance.

It’s a slow burn that requires patience and persistence on the fraudster’s part. Once they’ve maxed out as many cards as they can, they might turn to another financial institution — or manufacture a synthetic identity to commit third-party fraud — and repeat the process.

Whether it takes months or years, when a fraudster eventually decides to “bust out,” it can be to the tune of tens of thousands to even millions of dollars.

Also known as “sleeper fraud,” bust-out fraud applies to both installment credit, such as loans, and types of revolving credit — not just traditional credit cards, but in-store credit cards, home equity lines of credit (HELOC), and other personal credit lines. In short, bust-out fraud is a serious threat. Right now, the scheme is costing credit card companies alone an estimated $1.5 billion annually.

How does friendly chargeback fraud work?

Friendly chargeback fraud, or claims abuse, is a credit-card scheme in which someone makes a purchase with a credit card and then disputes those charges with the issuing bank or fintech. “I never bought that,” the fraudster might say. “It wasn’t me.” Once a false claim is in place and a refund has been issued, the fraudster keeps the goods or services they purchased — but the bank or fintech is left paying the bill.

Banks and fintechs might send the refund without further investigation to avoid a lengthy dispute process that costs time and resources (and to protect its reputation, too). Assuming the cost of the charge isn’t astronomical, they might even issue the refund to keep the customer’s business.

It’s a simple scam, but over time, the damage can add up across your entire customer portfolio. Chargeback fraud cost issuers $690 million in 2020. This year, that figure is expected to jump to $1 billion.

When does first-party synthetic fraud occur?

First-party synthetic fraud occurs when a fraudster combines bogus credentials with genuine data to falsify aspects of their own identity. For example, they’ll mix a fake SSN with a legitimate date of birth and name to open new bank accounts or make unlawful purchases with new credit cards. This qualifies as first-party fraud for two reasons:

  1. The fraudster is misrepresenting their own personally identifiable information (PII).

  2. The fraudster never intends to pay back whatever funds they “borrow.” (They’re just stealing.)

It’s important to note that first-party fraud is a very specific type of synthetic fraud. There is also third-party synthetic fraud, where 100% of an identity — name, DOB, and SSN — can be made up. In the case of third-party synthetic fraud, the “customer” isn’t a real person; they don’t actually exist. In the case of first-party synthetic fraud, the perpetuator combines fake credentials with real information; it’s a misrepresentation of identity — not a completely fabricated story.

Now that we've examined multiple types of first-party fraud, let's take a look at how you can strengthen your current prevention measures to stop these instances from occurring or catch them earlier before they can escalate.

Detecting and preventing first-party fraud

It goes without saying that your financial institution is legally required to implement a KYC process. And a robust identity verification process — which not only complies with KYC but includes fraud identity attribute screenings — can help you prevent identity theft, financial fraud, and other financial crimes. But to protect against as many different instances and types of fraud as possible, you need to do more than collect the mandatory customer data that is required to meet KYC regulations. You need to ensure the accuracy of the data, navigate privacy and compliance regulations, and address evolving fraud techniques and technologies — all at the same time.

Having processes in place to properly identify fraud is also incredibly important. For example, synthetic fraud is difficult to pinpoint and will often be tagged as first-party fraud or a credit loss, so banks and fintechs can’t take the necessary steps to prevent it in the future. (Not to mention, if there isn’t a legitimate person to repay the loan, then you have to eat the cost.) Better fraud identification leads to better fraud fraud prevention measures overall, and there’s less chance of causing customer friction when first-party fraud isn’t mislabeled.

Preventing first-party fraud at account origination

First-party fraud can be difficult to detect at origination because the fraudster is using their own true identity. While KYC processes can help you verify that a person does indeed exist and they’re using their true identity, the next step is to determine whether that person has a high-risk profile for committing fraud.

During onboarding, your verification processes should support a fraud-prevention procedure that examines the following data points:

  • Customer identity. The customer’s name, date of birth, address, and SSN should either match the information on their government-issued ID, driver’s license, or passport, or be cross-referenced against multiple data sources to ensure that the discrepancy isn’t a red flag. For example, a customer’s license could have an old address while their utility bill displays their new residence. Cross-referencing data from these documents is critical to fraud prevention and enables banks and fintechs to approve more good customers.

  • Employment history. Periods of financial instability or discrepancies in your customer’s job history could be red flags. So, pay close attention to customers with a history of job hopping or employment in high-risk industries such as casinos, online gambling, payday lending, cannabis, or crypto.

    Here, you might know what to collect — W-2s, pay stubs, and tax returns are all important. But collecting, uploading, and validating all this information can slow down onboarding. Your customer wants to do business now, so you need to be quick yet thorough. If your organization doesn't balance your prevention measures with ease of experience, you will simply replace a lower risk of fraud with a higher risk of customer drop-off.

  • Background check and sanctions screenings. Your goal here is to determine whether the customer is conducting any financial misconduct. To do so, you need to review the customer’s criminal history, social media accounts, and professional references. Red flags would include evidence of the following:
    • Criminal activity or suspicious financial behavior

    • Past fraud or identity theft

    • Politically exposed persons, such as politicians and their immediate family members who have potential access to public funds and influence over policy decisions

    • Sanctioned individuals or entities, or any dealings with those parties

To assess risks, Alloy uses advanced analytics to automatically synthesize various data points from hundreds of sources. For example, a customer’s SSN, name, and date of birth from one data source (such as a bank) is all measured against their SSN, name, and date of birth from another data source (such as the IRS).

Alloy automates red flags, too. So when suspicious activity occurs, you can identify those risks and re-route your decisioning process from there to either add layers of step-up verification, manual review, or a denial. That means stonewalling fraudsters before they can strike.

All that said, even with a thorough identity risk prevention process in place, fraudsters can still slip through the cracks. Fortunately, there’s a second line of defense: ongoing monitoring.

How ongoing monitoring helps prevent first-party fraud

The most effective fraud prevention efforts go beyond onboarding to include ongoing monitoring. But what exactly does first-party fraud look like during the ongoing monitoring phase?

At the ongoing monitoring stage, examples of first-party fraud include:

  • Money laundering – Fraudsters use banks to transfer illegally obtained funds.

  • Loan fraud – Fraudsters falsify loan applications to obtain funds.

  • Tax fraud – Fraudsters file false tax returns or manipulate existing returns to receive refunds.

  • Check fraud – Fraudsters deposit counterfeit checks.

Fraud monitoring throughout the customer lifecycle

Even the most tenacious fraud experts can struggle to suss out all types of first-party fraud — especially with manual procedures or limited technologies in place. After all, they’re only human, right? To detect and prevent fraud in real-time throughout the customer lifecycle, you can use automated processes and an Identity Risk Solution to help. A best-in-class Identity Risk Solution:

  • Scans public records, social media profiles, and device information to ensure that customers aren’t using stolen identities.

  • Collect behavioral signals to analyze the digital interactions of new applicants to gauge fraud risk at the time of account opening

  • Analyzes trends in customer behavior to identify activity and help determine which customers could be at a higher risk of committing fraud.

  • Deploys step-up verifications on an as-needed basis, which require high-risk customers or transactions to provide additional information.

  • Flags and verifies any changes in PII made after onboarding.

Put simply, the challenges of first-party fraud are monumental. At Alloy, so are the solutions.

With an Identity Risk Solution at the core of your financial institution, you can deliver a one-two punch that knocks out first-party fraud at origination and the ongoing monitoring phase.

Be prepared to fight fraud in 2023

Hear what experts are saying about the latest fraud trends — and how you can stay prepared and proactive.

Watch our webinar

Related content