How can banks and businesses reduce the risk of fraud, and what preventive actions should be taken? We provide tips about the most important steps towards secure management of identity.
Since 2005, the number of reported frauds has more than tripled, according to statistics from the Swedish National Council for Crime Prevention (Brå). Among these, 44% were committed via the internet, while 39% were various types of bank or credit card frauds that could have been prevented through secure identity management.
Do you have control over your identities?
A prerequisite for knowing who should be entitled to and who should be denied access is to register the customers’ identities. These can be registered through face-to-face encounter and legitimation, but even via the internet with the help of an eID. Access is then provided according to the customer’s needs and activity patterns on the website.
Different types of services require different degrees of authentication. Perhaps you would like to make it easy to log in but more difficult to sign an agreement without proper authorization? Traditional login with the help of a user name and password gives the lowest level of protection and therefore should always be combined with a more stringent type of authentication via, for example, eID or fingerprint.
Store your data securely
Secure management of personal identities requires an equally secure storage of confidential information. The customer’s identity and the information that you collect concerning the person’s purchasing habits or economy should be easy to obtain when needed, but just as difficult to gain access to if eligibility is lacking. Files on a shared hard-drive or a workplace computer are not recommended.
Check list for fraud prevention
- Keep track of your customers’ identities.
- Adapt your authentication routines according to risk needs (confidential information = higher protection).
- Adapt your customers’ access according to their activity patterns on your website.
- Link the appropriate resources to the right identity.
- Review your data storage – who has access to what?