Frictionless Fraud Prevention Helps Government Agencies Thwart Swindles
Originally written by Rachel Kirkland for WashingtonExec.com
Armed with powerful technology, Scott Straub is leading caller ID provisioner Neustar, Inc.’s first big push into the federal market in 10 years.
Since coming to his role in late 2018, Straub, who serves as public sector lead, has focused on developing data-driven solutions for governments in their fraud, waste and abuse prevention and contact center programs. Now, the company has begun securing more federal customers and is working to show Neustar’s increasing relevance in an age of digital fraud.
“In the government market, customers like to buy from people they know and trust,” Straub said.
Prior to joining Neustar, Straub directed federal market strategy at LexisNexis Risk Solutions, where he invented several identity-based products. He holds patents in products that have stopped nearly $1 billion in government identity fraud. His career includes stints at the Bureau of Fiscal Service at the Treasury Department, where he drafted strategic plans for multiple business units and created an analytics division.
When the hot trend in fraud was to target clients on the financial side through data breaches, Straub lead the development of fraud prevention tools to which he still holds patents. As government agencies became targets of the same kinds of attacks, Straub brought his experience working at the Bureau of Fiscal Service and an understanding of the system, processes and policies federal agencies can face.
As agencies have worked to put controls in place to stem identity theft, criminals have taken a different approach by targeting contact centers.
“Since we do provision over 90% of caller ID in the U.S., we have a very unique position in the telecommunications industry, so we can help government actually slow down the (fraudsters) that are targeting contact centers,” Straub said.
That position, combined with Neustar’s solutions, is gaining traction.
Also a member of the Professional Services Council, Neustar has been named a finalist for the American Council for Technology and Industry Advisory Council’s sixth annual Igniting Innovation Awards, to be held Aug. 3 as a virtual event. The company was nominated for its Inbound Authentication, which leverages Neustar OneID identity platform and Neustar’s Caller Name service, which powers its caller ID. It also relies on TRUSTID technology, which combines historical data from processing billions of calls with real-time telephone forensics to determine each calling device is unique, authentic, physical and presents a low risk of fraud.
Frictionless fraud prevention
Neustar’s solutions allow customers to skip answering a long list of authentication questions for a smoother experience that mimics the customer service users expect from the private sector. The authentication questions already have limitations, Straub said, as many cyber criminals can devote large amounts of time and resources to circumventing them.
Also, traditional identification methods don’t work.
“It’s a much better experience on both ends of the phone when the customer is greeted with, ‘Oh, hello, Scott. How may I help you today?’ instead of ‘Hello, Scott. What’s your favorite color?’ or ‘What’s the make and model of your first car?’
Neustar’s patented pre-answer caller authentication process helps prevent fraud by performing a forensic analysis of information available about inbound calls. Before an agency representative answers the phone, for example, to answer questions about benefits or an account, Neustar can verify the identity of about 70% of the inbound calls. It does this by compiling data from a variety of resources — the device itself, location and other variables.
“It’s a better experience overall,” “Straub said. “It gives confidence to the citizen when they’re calling in because they get treated better.”
The technology is widely used in the private sector, and Straub wants to bring it to more government customers. In the 25-30% of cases in which Neustar’s solutions are unable to verify identity, the customer service representative would use his or her organization’s own internal processes upon answering.
Leveraging caller ID
Another way criminals target victims is around digital identity. Ten years ago, people often went on-site for services. Looking for Social Security benefits? Visit a Social Security office with your paperwork in hand and present it to a real, live person. Need the same services today? You’re probably going online.
“The fraud criminals are really good at what it is they do,” Straub acknowledged. “They think of new schemes all the time. They’ll spoof IP addresses and different sessions and they’ll have a session replay where they’ll make it look like it’s the exact same computer (as a real customer). Some of the clients have a mobile device. They’ll swap out the SIM card. It just adds a second angle around digital identity fraud.”
Neustar also addresses spoofing — instances in which fraudsters leverage technology to make it appear the call is coming from a different phone number than the one they are actually using. Would-be fraudsters have used the method to try to target citizens by impersonating representatives of various agencies. Neustar has the ability to whitelist or blacklist phone numbers to cut down on some of those cases.
Another area of concern is around synthetic identity. Traditionally, the concept of proving who you are has been built around a cluster of information that can include one’s name, address, phone number, Social Security number and date of birth.
“But then the government has a slight problem,” Straub said. “Do we actually trust the information that’s being presented to us? Is this a real complete person? And that’s where my background with identity fraud prevention comes from. It looks like (a real complete person), but you took my name, Rachel’s address, Sarah’s Social Security number and then Kelly’s date of birth. It looks like a real human being, but it’s not. That’s a synthetic identity.”
To tell the difference, Neustar offers both offline and online data and a multipronged approach.
Identity theft is “rather rampant,” even though agencies prevent most attempts, Straub said. An agency’s fraud prevention rate could be 99.98% effective.
“But the 0.02% of a federal government that sends over $2 trillion out the door every year, that’s a large number,” Straub said. “The number sounds really big because it’s like billions of dollars in fraud, but it’s small from a performance perspective.”
In cases where a government agency doles out beneficiary payments, for example from the Department of Veterans Affairs or the Federal Emergency Management Agency, those agencies are disproportionately targeted by spoofers. And often, the individuals targeted are from an at-risk population and in a vulnerable situation.
“The criminals know these people want to talk to the government because it is actual money for them,” Straub said. “So they’re going to answer the phone … and then they get scammed. They give all the identity information to the criminal, and then the criminal calls into the call center (and claims their benefits).”
To register for the Igniting Innovation Conference and Awards where Neustar’s Inbound Authentication and other nominated technologies will be on exhibit, register here.