Numerous businesses, such as financial institutions, department stores, fulfillment businesses, on-line business, and businesses making sales over the telephone face the challenge of protecting the business from customers attempting to defraud it. These businesses regularly handle thousands of accounts from its users or consumers. Such accounts may include instant credit or credit accounts with a department store or other retail outlet, or accounts involving checks, credit cards, debit cards, or ATM cards of a bank, credit or other financial institution.
Identity theft may include account takeover, wherein a thief steals the identity of an individual and then uses that information to take over ownership of that individual's account; or new account fraud, wherein the identity thief uses stolen information to open new accounts in another person's name.
Conventional methods for detecting identity theft when opening new accounts or for modifying existing accounts may be problematic. Currently, to detect identity theft type fraud, businesses have used negative databases of suspicious addresses like mail receiving agents or known fraud addresses. This method is useful only if there is known negative information. Often, delivery addresses are not included in a negative database.
In the case of new account application fraud, contemporary detection methods focus on the verification of data elements that are ascertainable by the criminal. These approaches seek to verify the identity of the new account applicant based on the information that is provided in the application process. There are typically three methodologies used in the new account verification process. First, businesses check negative file resources to see whether there is negative information associated with a data element e.g., the provided social security number belongs to a deceased person. Second, businesses attempt to verify the applicant's identity through the use of matching those application data elements to independent data sources which often only serve to corroborate the stolen information that the crook is using. Third, there are logical references like; does the driver's license number fit the format from the issuing state? These techniques are generally used for both “in and out of wallet solutions.” “Out of Wallet” verification adds a level of complexity to the criminal enterprise through the presentation questions based on data not typically stored in a wallet or purse. For instance, asking a person to provide a the maiden name of his/her mother.
As recognized by the present inventors, what is needed is a system, method, and computer program product for detecting identity fraud theft using a method that may either supplant or complement some of the methods discussed above. There is a further need for a system, method and computer program that identifies both account takeover identity theft and new account identity theft.