Adhip Ramesh, an avid technology enthusiast is an Engineer by qualification. Having gained sufficient experience for his disparate roles, Adhip has answered to his true calling of entrepreneurship. Adhip is now the CEO and Founder of Trustcheckr, one of the India leading frauds insights and analytics platforms developed solutions and easy to integrate tools to safeguard digital transactions from frauds and secure data privacy. The company has so far carried out over 10 million fraud checks and cumulatively helped prevent possible NPAs by 30 crore rupees. In a conversation with CXO Outlook, Adhip talks about commonly occurring fraud types, tools to detect fraud calls, and much more.
What are the ways our digital banking data made vulnerable and our data is exposed to frauds in the fintech sector?
More financial transactions are happening online, be it opening a bank account or applying for loan/credit card, trading stocks etc.., With digital banking face-to-face interactions are reducing and the risk of frauds are increasing. Most commonly the recent data breaches are feeding to the fraud loop, thereby opening up more avenues for synthetic identity frauds. Typically, fraudsters get access to this data from dark/deep web and using various social engineering techniques to fraud people with their hard-earned money. The commonly occurring fraud types are as follows:
Synthetic Identity Frauds – Fraudster create collective digital IDs (phone/email) which looks like real and use the same to create accounts
- Phishing – Online frauds carried out via email to entice users to click the link and get the user information
- Vishing – Social engineering attack when fraudster call victim to collect sensitive information
- Smishing – Fraudsters send attractive SMSs to make users click the link on the SMS
- Account Take Over – Fraudsters use bots illegally to access victim’s bank account and perform transactions
- Referral Abuse – Fraudsters refer other fraudsters to get access to referral rewards which are led to fraud transactions
- Similar Password Fraud – Innocent users use similar passwords across platforms, including financial apps. This poses a threat if the data is breached
- Wi-fi vulnerabilities – Connecting to unknown Wi-Fis gives access to sensitive information to fraudsters
- Fake Financial Apps/Webs – Users must download the apps only from authenticated sources to prevent fraudsters gaining access to their device
How to use validate APIs for our online businesses/transactions helps to identify risks in lending?
Validate APIs enables organisations to establish the authenticity of the digital IDs of the users. This helps organisations to cut down on synthetic identity frauds, impersonations, usage of fake IDs etc.., which accounts to ~20% of the total on-boarded cases. Typically, industries like Fintech, Payment, Banks, NeoBanks should use Validate APIs to keep their customers data accurate.
The following risks can be reduced in lending:
- Onboarding Authentic Users
- Reducing False or Fake customer Data
- Improving Contact ability of the NPA accounts
Validate APIs which can be easily integrated at multiple phases like onboarding, underwriting or transaction initiation. The inputs required are name, phone number and email address. The API uses AI algorithms in the backend and calculates the score along with the response in less than 800 msecs. the organisation would get the holistic score on the user’s digital identity to understand the risk and authenticity levels.
5 Major easy to integrate tools to detect the fraud calls
- Phone Books – Cross-verify customer data with phonebooks like TrueCaller to identify the spammy phone numbers by looking if the phone number is reported or not
- Common User Group (CUG) – Organisations can come together and form CUG black lists to check for blacklisted customer profiles and filter them out at the stage of on-boarding.
- Validation APIs – Use Real-time AI based validation detection APIs to understand the risk and authenticity of the digital IDs like phone, email etc..,
- Social Scanning and Listening – Using Social Listening techniques to gather the commonly reported fraudster information.
- Contact Centre Validation – Calling customers with prospecting questions. But this is an expensive process
How can we ensure effective safe digital transactions in an era of openness?
Fighting frauds and fraudsters with unity is the best solution to ensure effective and safe digital transactions. There are multiple process can be setup like Crowd Reporting and CUG creation by businesses to ensure the fraud methodologies can be captured and predicted at the first instance of fraud occurrence. Whenever the same fraudster or same method is used to con a new victim, immediately these fraud prevention solutions should be pre-empt digital frauds at scale.
Along with this, awareness programs would enable innocent users to know about different types of frauds happening around them. This would make sure to develop the mindset of not getting into frauds and face them with strong opposition. Technology can make sure to learn about fraud trends using AI and learning methodologies and predict the risk of any transaction or digital identity at scale to help both business and common users to be safe from digital frauds.
How will APIs and fraud check scores eliminate the risk of digital frauds for individuals and businesses?
The use of APIs will enable businesses to be agile in created Digital workflows for scale. Quicker response time, ease of Integration enables faster decision making times and there by making the community scale faster. Using Alternate Data sources via API integration, provides an opportunity for unbanked segment to access credit and improved purchasing powers. In this process, with ease provided by Technology, processes going online, the fraud risk exponentially increases. For eg: A person can send money to anyone with just phone number. With this simplified process, it is easy for fraudsters to create fake identities, create a UPI ID and start scamming people online in marketplaces.
The need of the hour is to check the fraud scores of all these digital identities before a business onboard anyone or an individual do financial transaction with the stranger.
For Businesses: A business can reduce synthetic identity frauds upto 20% using Fraud Check scores. The APIs can be integrated at multiple stages of customer journey like Application, Underwriting, Loan Disbursal (for Fintechs, Banks), Transaction Password (for Payments) etc.., If there are any red signals, they can reject the customers or move them to manual review queues.
For Consumers: A consumer before making a transaction with a stranger can check the fraud scores using the websites would be really helpful to check the authenticity of the other users in the transaction process.
Can you share the insights about the payment behaviours and spending patterns TrustCheckr have been seeing during the pandemic peak time?
At TrustCheckr we have seen upto 150% increase in the checks on peer to peer transactions. The number of online transactions have increased leading to sending money online to unknown people. Hence validating the numbers before sending money is of prime importance at this time.
The most frequent usage of TrustCheckr is as follows:
- Common people sending money to Business/SMBs UPI IDs/Phone numbers have increased upto 200% – this is justified by increase in the number of digital transactions for all purposes owing to social distancing norms of COVID 19
- We have seen significant increase in marketplace transaction activities mostly on classified sites. Users are checking for authenticity on TrustCheckr
Overall numbers have seen a slight dip for the month of May 2021 due to staggered lockdown announcements across the country. During this time the usage of TrustCheckr by businesses witnessed similar trends. In the month of June 2021, things are looking upwards and mostly back to Jan/Feb 2021 numbers
In some of the sectors like Entertainment, Travel, Shopping offline there is dip in the transaction rates. But other sectors are more or less the same. We have seen more than 50% increase in UPI related searches along with QR Code scans on TrustCheckr. Fake payment QR codes (mostly send instead of receive) notifications are on the rise. Users feel that they are receiving money, instead they end up sending it. If fraudsters have access to screen sharing apps, they would get the PIN/Password of the user as well.
The new fraud behaviour is impersonating someone’s Facebook profile and asking for money citing urgency or emergency. We have seen more than 50 cases being reported on TrustCheckr in the last 2 weeks.
Brief us on TrustCheckr & its vision of 2021
TrustCheckr Vision: Enabling Digital Safety for Organisations and Individuals by pre-empting digital frauds in the growing online transactions using digital data available across the web including deep and dark web data
TrustCheckr, the single point of focus is to identify and eliminate fraudulent digital identities from the corners of the web to secure businesses and customers. TrustCheckr provides cross industry fraud insights platform using APIs and provides TrustCheckr Score to enable organisations and individuals to identity the risk associated. We provide following APIs:
- TrustCheckr Digital Identity Verification
- TrustCheckr Phone Risk
- TrustCheckr Email Risk
- TrustCheckr Web Risk
Industries covered: Fintech, Banks, Payment, P2P, Marketplaces, Rental Economy.
Using TrustCheckr APIs, organisations can unlock the following values:
- 25% reduction in fraud rates during on-boadring
- 30% increase in automation
- 15% decrease in manual reviews
- 18% savings in overall costs