Data is the New Soil
Someone once said: “Data is the new oil.” Then someone else said: “No, data is the new soil.” Any way you look at it, data is the key ingredient to both innovation and sustainable growth. It empowers most of today’s business decisions. At Equifax, we actively pursue data perfection by looking at ways to reduce information asymmetry — the imbalance of information acquired from parties or sources — in the data used for decision making.
Like all information, data is a means to reduce uncertainty. In my first article of this series, I introduced the science behind identity trust. This concept addresses the implicit uncertainty of identity with two main questions: 1) Are you who you say you are?; and 2) Are your intentions what you say they are? In this second article, I will focus on how data can enable better identity trust decisions.
During an interaction, data helps resolve the uncertainty of an identity. At a high-level, data can provide confidence in positive affirmations of the identity and help detect negative intent. This must be done in a privacy-abiding and time-sensitive manner. Additionally, it should be done with high precision and the least impact on the consumer experience across all touchpoints.
But why is there uncertainty in trusting an identity? Where does uncertainty come from? Let’s take a deeper look.
Identity Trust: Easier Said than Done
When evaluating whether to trust a consumer identity at any touchpoint or transaction, multiple factors must be considered.
New and expanding signals
Consumer identities are increasingly digital. Attributes that characterize an identity have evolved from traditional, static personally identifiable information (PII) such as name, Social Security number (SSN) and address to include digital attributes such as phone number, email address, device signature and more. New technologies are accelerating the adoption of biometric aspects of the identity, such as fingerprints as well as behavioral biometrics based on mouse movement, screen time, etc. These new signals are increasingly preferred because they provide less intrusive ways to resolve an identity without having to collect sensitive PII.
Dynamic nature of signals
Unlike an SSN, customers can have multiple devices and email addresses. Mobile devices are updated every three years or so, and phone numbers can change as well. Access from different locations and devices can also be shared across several identities within a household. For example, multiple people within a family may share a single online account, using the same login information to make different purchases, from different devices and different locations. The consistency of these data elements varies, which poses a challenge in assessing trust while simultaneously ensuring the customer experience is not impacted and privacy and security needs are maintained.
Fraud is constantly evolving, with new schemes being quickly created and new threat vectors steadily emerging for existing fraud types. For instance, the current COVID-19 global crisis swiftly became a breeding ground for new types of fraud across multiple fronts. To date, Interpol reports that it has frozen more than $730,000 in suspected fraudulent transactions related to COVID-19. Meanwhile, existing fraud types are growing more sophisticated each year. Identity theft soared to nearly 50 percent in 2019, representing 20 percent of all fraud reported. More information exists than ever before to correlate and resolve an identity, yet there are increasingly complex and different forms of bad intent to assess from a risk standpoint. Under these circumstances, the value of data depreciates quickly, resulting in increased uncertainty and sub-optimal decisions that allow fraudsters to gain access while good customers are put through unnecessary friction.
Multi-source Data to the Rescue
Leveraging information from multiple and diverse sources can help to mitigate the hazards of fast-moving fraud behaviors and data trends. When aggregated together, the dynamic insights gathered across multiple data sources can help reduce uncertainty and enhance the trust decision. Simply put, multi-data insights are a necessity in any fraud strategy or program. According to the World Economic Forum, customer data collection approaches are evolving and are broadly categorized into four groups listed below. Feedback Data (on the far right) is an additional category that fraud investigators within the identity and fraud domain believe is highly relevant.
By appropriately sourcing data within each of the categories above, we can use the combined intelligence to reduce the information asymmetry and maximize the trust in the identity.
More Data Requires Better Artificial Intelligence (AI)
Sourcing more information also means more responsibility. Strict data governance frameworks adhering to privacy laws and consumer consent are required before any data collection process can be put in motion. There can also be a myriad of regulations, principles and guidelines that must be addressed, including the European General Data Protection Regulations (GDPR), the U.S. Fair Credit Reporting Act (FCRA), California Consumer Privacy Act (CCPA), U.S. Federal Trade Commission (FTC) regulations, the Dodd-Frank Act, Gramm-Leach-Bliley Act and more. Sourcing more information requires a fundamental shift in data approaches and analytic thinking. Without the right tactics and AI methods, you can end up with:
- a morass of activities
- little to no actionable insight
- zero movement on your analytic projects
A recent executive survey underscores this reality. It found that 65 percent of responding organizations reported investing more than $55 million in big data and analytics. However, nearly 75 percent are challenged with adopting big data and AI initiatives. What’s more, in today’s era of “big data,” inadequate data is often a top reason for the slow adoption rate, according to a recent poll. Nearly half of responding companies — 46 percent — say they don’t have enough data to successfully execute AI projects. Meanwhile, 45 percent report issues with AI scalability, and 43 percent struggle with data compliance. Multisource data and AI are a potent fusion that, when used with the right discipline, control and technique, can produce higher positive confirmations of identity. The combination also can help detect and block negative intent. However, there are common pitfalls to avoid when dealing with multisource data within the context of identity trust. I will explore these pitfalls in my next article. Stay tuned.