Scammers Are Leveraging ChatGPT to Commit Identity Theft: Is Better Data the Solution?
Financial fraud isn’t just surging: it’s booming.
The world is steadily becoming more digitized. The identities of both consumers and companies, along with the authentication protocols protecting them, are becoming increasingly digital. This digital shift offers fraudsters a plethora of opportunities.
Scammers are now able to blend legitimate, purloined credentials with manufactured but personally identifiable information to forge new identities, all aimed at executing financial fraud. For instance, The Federal Trade Commission received numerous new fraud complaints throughout 2022; of these, 21.5% were related to identity theft.
The situation necessitates an intelligent approach to protection for modern businesses. The onus is on organizations to continuously adapt and fortify their protective measures. They need to incorporate a powerful blend of next-gen technology, data analysis, and best-practice education as part of their strategy to fend off incoming threats.
Recommended reading
- What is EMV Bypass Cloning? Are Chip Cards Still Secure?
- Dispute Apple Pay Transaction: How Does The Process Work?
- Terminal ID Number (TID): What is it? What Does it Do?
- How Do Credit Card Numbers Work? What do the Numbers Mean?
- What is PSD2? How it Impacts Banks, Businesses & Consumers
- P2P Payment Use in eCommerce Jumps 66% in 2024
Boosting the Efficiency of Risk Management Systems
AI-enabled tools are helping payment methods evolve to be quicker and more seamless. As recently reported, Invezz is currently exploring AI-enabled cloud computing technologies aimed at “analyzing and selecting securities tailored to customer needs.”
At the same time, though, cyber criminals are also stepping up their traditional tactics. Notably, they’re integrating cutting-edge technologies like generative artificial intelligence (AI) to devise new assault strategies.
ACI Worldwide Head of Risk Services Erika Dietrich characterized novel AI utilities like ChatGPT as a “steroid pill” for fraudsters navigating the digital payments ecosystem during a recent conversation with PYMNTS. “Firstly, people can construct artificial email accounts and employ a range of AI-driven techniques and resources to not only extract data but also generate partial and fabricated identity characteristics,” she explained. “Secondly, these AI utilities simplify and exponentially enhance the capacity for criminals to generate bots for their attacks.”
Dietrich also highlighted the necessity of maintaining “adequate digital cleanliness” for consumers. She stressed the significance of businesses implementing multi-tiered solutions to verify and authenticate any information being inserted into their systems.
Dietrich added that, in light of this turbulent fraud landscape, it is essential that retailers and bill issuers clarify their mode of interaction with customers. They must clearly state, “This is our mode of engagement with you, and this is not.”
Balancing Security & Friction in Data-Intensive Settings
There’s a lot of wisdom in Dietrich’s warning about AI. But, there’s also the fact that multilayer fraud detection — itself backed by AI — can help eliminate fraud.
As a merchant, you must calculate risk while maintaining a seamless customer experience and keeping operational costs in check. This demands proficient coordination of data components, data sources, profiling techniques, and data association methods. It also required contemporary technologies like predictive AI and machine learning. These must be used wisely and at opportune moments.
It’s key that businesses strike a balance between authentication and friction. They need to distinguish necessary points of resistance, and only introduce friction in the consumer journey when there's a valid identity concern. This approach ensures a frictionless customer journey, while still establishing trust.
This is partly an analytical methodology, and partly an art. Striking the right balance is crucial because businesses employing a multilayered solution should also adopt a layered approach to their fraud prevention and risk control mechanisms.
The key lies in creating an accurate profile of buyers by leveraging past data. This insight should then be incorporated into a strategy based on factors like location, payment preferences, and device used. Accounts should be carefully monitored using artificial intelligence, then escalated for human decision as needed.
Human oversight will continue to play a role in data coordination and response management mechanisms. As Dietrich asserts, “There will always be a human in the loop.”
Four Key Takeaways for Meeting the Challenges of AI-Enabled Fraud
So, what can we take from this discussion?
The top-line point here is that, with every new technological advancement intended to simplify commerce and improve security measures, we can expect an equal response from fraudsters seeking to exploit these advancements for their own gain. A few other critical insights and points to note regarding “weaponized” AI in the financial sector include:
#1 | Increasing Sophistication of Fraud
With the evolution and integration of technologies such as AI in payment systems, fraudsters are also leveraging these tools to create more sophisticated strategies. This includes the creation of synthetic identities and automated bots for large-scale attacks.
#2 | Balancing Security & User Experience
Businesses need to strike a delicate balance between securing their systems and ensuring a frictionless customer experience. Intrusive security measures may deter potential customers, whereas lax measures may expose customers — and as a result, the business — to fraud.
#3 | The Role of Multilayered Solutions
A multilayered approach to anti-fraud and risk controls is needed. This involves using historical data to profile a customer and then tailoring a strategy based on factors like payment method, location, and the device or account used.
#4 | The Irreplaceable Human Element
Despite the increasing role of digital tools and AI in managing fraud risks, the human element remains essential, serving as a guide and coach in overseeing data coordination and response management.
Merchants Should Prepare
While Dietrich’s concerns are certainly warranted and timely, you should proceed with a note of careful optimism. With a little preparation, you can be well-placed to meet these incoming threats and improve their business practices.
Of course, it’s still wise to get ahead of the issue before it becomes a problem. Thankfully, there are several things you can do to insulate your business against new digital threats. Some best practices to consider here include:
Additionally, taking lessons from these incidents can help improve the company's preventive actions and overall cybersecurity framework. This active and forward-thinking approach ensures that the company maintains its resilience against potential future threats.
The threat of AI-driven fraud is real and growing. However, by leveraging a blend of technology, well-devised strategies, and robust security measures, you can safeguard your businesses and customers against these threats.
