Peter Ford is Executive Vice President, Information Solutions Business for iconectiv.
Artificial intelligence (AI) is a tool. Like a hammer, a wrench, or any other tool, AI can be used to build, tear down, or both. This is something to keep in mind when considering how AI impacts customer experiences, bottom lines, brand reputation and more.
For example, many banks and other businesses use Biometrics with artificial intelligence to replace the traditional, tedious safety glove with a quick, easy experience. Speech and facial recognition frees customers from having to remember and enter PINs, passwords and account numbers. AI-powered biometrics can also help the bottom line because these businesses spend less time and money on password reset requests and fraud investigation enabled by the common practice of using the same login credentials for multiple companies.
AI can also deliver highly personalized customer experiences—the kind that boost brand loyalty and revenue—such as with AI-powered chatbots and personal shopping assistants that use machine learning to understand each customer’s unique preferences. This information allows AI to help people quickly find what they’re looking for or discover products they didn’t know existed.
However, hackers and fraudsters are increasingly using artificial intelligence to enable new attack vectors. Some are taking advantage of AI-powered systems implemented to provide better customer experiences. For example, AI-generated deepfakes target biometric authentication systems, with 37% of organizations experiencing deepfake voice fraud and 29% fall victim to deepfake video, according to a 2023 Regula survey.
Some AI fraud tools leverage the name recognition and interface design of their legitimate counterparts, such as FraudGPT. Describe HackerNoon how it can be used to craft bank phishing emails as easily as ChatGPT churns out press releases, blog posts and term papers: “Users just had to format their questions to include the name of the bank and FraudGPT would do the rest. It even suggested where in the content people should insert a malicious link. FraudGPT could go further by creating fraud landing pages that encourage visitors to provide information.”
A multimodal approach to KYC
Know Your Customer (KYC) is the process of verifying an individual’s identity to understand the risks of doing business with them, such as avoiding fraudulent transactions and money laundering. For some businesses, KYC is a government mandate, such as with the Financial Industry Regulatory Authority (FINRA) Rule 2090 in the case of financial services companies.
AI makes KYC both harder and easier because it is a tool increasingly used by fraudsters and businesses. FraudGPT, deepfakes and other AI hacks are causing a lot of hype and headlines right now, but smart businesses have spent the last several years looking for ways to use AI to protect their networks, customers, brands and their income.
A common safeguard is to use artificial intelligence to detect suspicious activity and then use text messages to alert affected customers. This strategy also highlights the importance of a multimodal approach to KYC processes.
First, a consumer must provide identification in the form of a photo ID, license, etc., to prove that they are who they say they are. Once verified, they are assigned a phone number, which acts as a digital ID. As the user engages with their phone, AI tracks biometrics and usage patterns to detect fraud. Customers are often notified via text or call when suspicious activity is detected, highlighting the phone number’s role as a key digital identifier.
As the preferred digital identifier, mobile phone numbers have become a critical resource for businesses’ KYC processes. At every stage of the lifecycle — including registration, transactions, account management and event tracking — AI can use mobile phone numbers to quickly determine if customers are real customers and not fraudsters.
Fighting Fraud: Training, Data and the AI Landscape
But fraudsters also recognize that mobile phone numbers are now the preferred digital identifier for banks, credit card companies, payment gateways, e-commerce providers, insurance companies, hospitals and other businesses. Here’s why over 40% of all fraud reported to the US Federal Trade Commission begins with a text message or phone call.
This attack vector shows why businesses need a reliable, authoritative independent source for information about each phone number. Take the example of online payment fraud, which has risen to the top $38 billion worldwide in 2023 and is on track to reach $91 billion by 2028, according to Juniper Research.
Fraudsters use SIM swaps and porting out to steal phone numbers and then use these digital IDs to pose as legitimate customers. Stealing numbers also allows them to receive the text messages that banks and other businesses use for multi-factor authentication.
To effectively fight fraud in the age of artificial intelligence, businesses need to focus on three key areas:
• Consumer Education: Consumer education is vital, as most scams start with a text message. By making consumers aware of these tactics, they can be more careful and cautious about spam.
• AI Evolution: As AI technology evolves, so does the sophistication of AI-based fraud. It’s important to stay ahead of fraudsters by constantly advancing AI capabilities to detect and prevent new types of fraud.
• Deterministic data: The foundation of effective fraud prevention lies in having deterministic and valid data. Businesses can better block account takeovers if their AI has direct access to information about each phone number, such as whether it was recently ported and how long it has been associated with a particular SIM. If this data suggests fraudulent activity, the AI may require the individual to provide additional information, such as a mailing address, account number, PIN, or mother’s maiden name.
Accurate, continuously updated phone number information provides another layer of protection against attacks that exploit the weaknesses of other types of identifiers, such as inconsistent names and addresses or spoofed IP addresses. This valid phone number information empowers AI—and contact center staff—with insights to overcome these challenges and effectively protect against fraud.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Am I eligible?
