Inside the Fraud Lab

Friendly fraud: The wolf hiding amongst the sheep | Michael Fox, Chief Risk Officer | KOHO

Episode Summary

How can businesses discourage friendly fraud and what is a professional disputer? In this episode, Simon sits down with a chief risk officer in the financial industry to discuss the evolution of fraud and detection techniques.

Episode Notes

How can businesses discourage friendly fraud and what is a professional disputer? In this episode, Simon is joined by Michael Fox, who has significant experience in fraud detection in the financial industry, having worked for President’s Choice Financial, Capital One and Meridian Credit Union before moving to his current role at KOHO, a Neobank based in Canada. The two discuss the evolution of fraud and detection efforts, as well as the rise in friendly fraud and dispute fraud. 

---------

Key Quotes:

“It is often what I call a crime of opportunity where it's a boyfriend or a relative or a grandson. This is often not professional fraudsters going out there and doing complicated hacks. It is that crime of opportunity. Somebody needs a little bit of money and they do that.”

Timestamps: 

(01:07) Intro to Michael and KOHO

(02:05) How has fraud evolved?

(06:48) What is friendly fraud?

(11:36) What can businesses do to stop friendly fraud?

(13:09) How has fraud detection evolved over the past couple of years?

(19:34) Building trust through good friction 

(22:10) Big upcoming change due to deepfakes 

---------

Links:

Michael Fox on LinkedIn
Simon Horswell on LinkedIn

The Fraud Lab

Onfido’s Identity Fraud Report 


Episode Transcription

Simon Horswell: [00:00:00] In this episode, I'm joined by Michael Fox, the Chief Risk Officer at KOHO, a Canadian neobank that offers customers a better way to manage your money with their app and their reloadable card. Michael has significant experience in fraud detection in the financial industry, having worked for President's Choice Financial, Capital One, and Meridian Credit Union before he joined KOHO.

In today's episode, we discuss how fraud continuously evolves with the times, friendly fraud and the professional disputer, and how detection techniques have similarly evolved. But first, a word from our sponsor.

Producer: Inside the Fraud Lab is brought to you by Onfido. Onfido's real identity platform is trusted by thousands of businesses to stop fraud and know their customers.

Their AI-powered identity verification means [00:01:00] businesses can securely and seamlessly onboard customers anytime, anywhere.

Simon Horswell: Hello and welcome to the show. I'm Simon Horswell. Michael, thank you for being with us today.

Michael Fox: Thanks for having me, Simon.

Simon Horswell: Okay, so, Michael, why don't you introduce yourself, your role, and tell us a little bit about KOHO.

Michael Fox: Yeah. So my name is Michael Fox. I am the chief risk officer at KOHO Financial. We're a Canadian banking challenger startup. We have a little over a million Canadians signed up to KOHO in the business to consumer space. And, you know, we have a real mission of changing banking and changing the financial landscape in Canada with a focus on leveling the financial playing field for people, bringing financial products to the mass market, including underserved communities.

Simon Horswell: It's a nice, nice mission. It is, it is. So, I think one of the areas we discussed that we wanted to cover today was kind of how, how fraud has [00:02:00] evolved. So, we've talked about this before and really how, how has fraud meaningfully changed? What have been the significant changes or the way that you've seen it evolve?

Michael Fox: Yeah, I've, I've been on fraud for a number of years across four different companies now. And, you know, we were reflecting some before on, like, that evolution over, over the last decade or two, and it really has been dramatic looking at the scams from, you know, like, like 10 years ago to today, where we take something like, you know, the CEO scam, everyone's heard of the CEO scam, where you, you'll get an email or something like that, that says, can you send a wire transfer out, and it was all done over email, and it was, it was all about playing the numbers game and targeting a lot of people, and I know you've definitely dealt with these, Simon. Yep. You know, more, more recently, I saw an article, and it was a woman at a company where they created a full AI meeting, full of [00:03:00] characters, and they were all AI generated.

Simon Horswell: I saw this one. Yeah. I read this, yeah, it's, yeah. Everyone in the meeting was completely AI generated and it was all just for the benefit of one employee so that they could get them to commit a transfer live during their call. It was incredible.

Michael Fox: It was the pinnacle of targeting and it's, it's, yeah, they had impersonated all of her coworkers and she had, she had suspicion, but she didn't trust her suspicion and, and she, she sent the money out and got tricked. So, that's one just really pronounced example of how that kind of fraud is changing.

Another one, you know, we used to have this concept of non-receipt fraud. That's when you'd send the cards out, this was even, this was before chip and PIN even, you'd send the cards out and they'd be in the mail and the fraud game was to intercept those cards and activate them and, and go and spend them.

This was a big fraud category. We don't, we don't really have non-receipt fraud anymore. And I remember a story from when I first got into fraud where a man pulled up to someone's house. And [00:04:00] this was before people had cell phones. And that tells you how, how much the world has changed since then. And he knocked on their door and he asked if he could use their phone to call CAA or American Automobile Association would be the equivalent there and so on to, to help get his car towed.

And they said yes, and little did they know that he had taken their credit card out of their mailbox and he was activating it in front of them on their landline. It was, it was incredibly bold. Yeah, you don't see that anymore, right? We don't, we don't talk about that receipt fraud anymore.

Simon Horswell: No, but maybe we don't talk about that specific one, but I think that's always one of the things that, I think that's probably one of the reasons why so many scams work.

It's because a lot of the time people can't believe how brazen the fraudsters can be, and how calm they are under pressure. I mean, you're talking some pretty big cojones to walk into someone's house with the credit card that you've just taken out of their mailbox and then use their phone to activate in front of them.

Cool as a cucumber, I'd [00:05:00] imagine, the entire time. That's, you know, it's just people just, you know, not appreciating what someone will and can do, you know, right in front of you.

Michael Fox: I think you hit on something there. A lot of this is based on trust and either trusting in people or social networks that are familiar to us or maybe trusting in the kindness or at least the lack of that kind of boldness in strangers.

That's crazy, that someone would do that. And one thing that you and I talked about before was how card fraud has evolved. When I first started working in fraud, it was very much, your biggest fraud type would be counterfeit fraud, and you would do a bunch of basic rules, which merchant category is it in, what's the dollar amount, what's the fraud score, and that was based on the scoring model, what country is it in, all that sort of stuff, and you'd build rules and you'd work to keep that card fraud under control.

Europe was [00:06:00]

And then Canada got on board with chip and PIN, but we still had a lot of cross border fraud with the United States. Right, of course. And then, and then the United States got on chip and PIN, so you don't really hear about that card present fraud to a large degree anymore. It's, it's all moved to online fraud or, or mobile wallet fraud.

And as a result, what we're seeing is more kind of like kind of what I'd call friendly fraud or, or, you know, fraud around, around digital goods where it's, there's like a blurred line between what a fraudster is and someone who it occurs to, to, to say that they, that they've had fraud on their card, if that makes sense.

Simon Horswell: Yeah, well, I think kind of that's a, that's a, that's another point that we've, that we've touched upon. I'd like to kind of unpack a little bit more. So people might not be familiar with this term of friendly fraud. So when we say friendly fraud, what is it that we're talking about exactly? Let's have a couple of examples.

Michael Fox: Yeah, there's a few. I'm going to [00:07:00] come back to that card fraud example, but one that I see a lot of is we've got account takeovers or even tap fraud. It is, it is often what I call a crime of opportunity where it's, where it's a, a boyfriend or a relative or a grandson. This is, this is often not professional fraudsters going out there and, and, and doing, um, complicated hacks.

It's, it's just, it is that crime of opportunity. Somebody needs a little bit of money and they, and they do that. But I've seen this evolution within card fraud specifically, where because you've got chip and PIN and there's not as many opportunities to claim fraud, I'm seeing more of what I would call, um, like buyer's remorse because a lot of the transactions are digital goods now, right?

It used to be go to a store, you'd see the thing you want to buy, you know exactly what you're getting, you buy it. And now people are buying digital goods and they're, and they get it and they're like, Oh, maybe this isn't what I, what I wanted, or maybe it is what they wanted. [00:08:00] They just see an opportunity to say that it was fraud and make a fraud claim.

And that it's something that's making up a, like an increasing amount of fraud claims in the industry.

Simon Horswell: I don't want to put you on the spot, but have you got a rough idea how much that's grown over the last couple of years?

Michael Fox: I would estimate that it's, it's gone up by about triple over the last few years.

The other, the other piece of this is that you'll see, not just on the cards where this is happening, but if you actually look at the patterns, you can see that this is a profession, there's this concept of a, of a professional disputer or refunder emerging, where you've, you know, you've bought something on, on Amazon and you'll, you'll complain about that and they'll put a refund to the card and we see this where there's, there's people that get a lot of refunds and, and, and that the method is to just keep, keep at the e-commerce merchants.

They want to make their customers happy, keep escalating complaints, escalating complaints until

Simon Horswell: they, they may be threatened with some reviews on social [00:09:00] media, damaged reputation, or do it really visibly. But I think also as well, this idea of the professional disputers, I think kind of, we can start to see that maybe in a new light, certainly in the UK, we've had some more legislation brought in around push payments and the fraud that takes place around there, so that's where you convince someone to authorize a payment on the fraudster's behalf. Now it strikes me when you've got that kind of scenario, if I'm already a fraudster and I'm creating a fake account, I now have an account in my control that I can claim some money was taken from, when it's me that's taking the money and essentially set up a perfect scenario for a professional disputer with the new rules that have come in, that does kind of paint rather a, uh, a tempting offer and a very difficult position for the financial services.

Michael Fox: Absolutely. You reminded me of something there.

Um, one of the big payment [00:10:00] funds movement methods in Canada is called e-Transfer. Right. And you'll see people do exactly that, where they've sent an e-Transfer from one end, like one account they have, to another account they have. It's the same person on both ends. Yep. And then there's a fraud claim, oh I've been hacked, my account's been taken over.

I didn't authorize this payment, I didn't realize. Yeah, of course. This person on, this person on the other end committed a scam through, through social media on me and they, and they didn't give me the goods that that e-Transfer was meant to reap. But we see a lot of that. Increasing the amount it's you know, spurious scam claims and yeah, there's a whole profession springing up around it.

Simon Horswell: Yeah, this is it. I think it's only going to increase. It's as you say, we're, we're a lot less physical scams. I'm not going to say they've stopped, but it's kind of it's easier to scale up and see the returns quicker and minimize the risk when you're doing something in an online environment. And again, if you're, yeah, if you're setting up a fake account that you're in control of and then claim scam and [00:11:00] it, you know, claim money back or a refund on it, and then it turns out that actually we think this is a spurious claim.

It's like, cool, I'll have a go tomorrow with a different identity.

Michael Fox: Absolutely. And, you know, there, there's a couple other mitigating factors there are called actually more aggravating factors. You know, you squeeze the balloon of fraud. And the, you know, the pressure of the air has got to go somewhere. And so it moves to other kind of fraud types and, and also at the same time, like times are, times are tough for people sometimes.

And so when people get desperate, they will resort to these kinds of things.

Simon Horswell: Okay, now, when we're talking about friendly fraud, as we've said, it is a very difficult thing to deal with. You know, one of the major issues is, it's, it's the wolf hiding amongst the sheep, because there are going to be people that have generally been ripped, genuinely been ripped off, and this kind of sets itself up very, very similarly to camouflage amongst that.

What should or what can businesses do to [00:12:00] try and stop it?

Michael Fox: You know, you've got to look at the patterns and the history there. I, I have to be careful 'cause I, I can't give away all of the secret sauce that we looked for, but you know, certainly if it's, if it's the, the grocery store that somebody goes to every week or, or, or the, the more appropriately, the, the online service that somebody purchases from every week and then all of a sudden it's fraud, then that that's, there's, there's obvious things that call into question there, right?

If, if somebody has been spending at the same location for several months and actively checking the account that, that whole time and logging in and then a few months go by and all of a sudden it's fraud, you can kind of tell that there's buyer's remorse at play there. There's certainly other signals that we look at in terms of behavior and back end things.

I'll save those for a more private podcast.

Simon Horswell: Yep, no, fair enough. Fair enough. Maybe we won't, we'll have that in the special, the special restricted part of the podcast. Yeah. Yeah, yeah. In [00:13:00] the special access code. Okay, well that, that kind of leads us on nicely as well to the next topic that I really wanted to talk about as well.

So we've talked about the evolution of frauds. We've kind of looked at friendly fraud and the, the professional disputers and kind of how difficult that can be, but then kind of what you can to, to detect it. So how do you see fraud detection as, as having evolved over the last few years?

Michael Fox: It's, it's way more, way, way more, um, multidimensional. I think, you know, at KOHO, 100 percent of our signups are digital online. And, you know, when I first started working in fraud, it was probably 90 percent in person. And I remember one fraud ring in particular where the agents were literally looking at paper applications and looking at the handwriting, because the fraudsters use the same handwriting on all of the paper applications.

Obviously, [00:14:00] we don't do that today. That sounds absurd looking back, but that was something they did. There were, there were rings where there were in person signups where the, the rep who was signing people up was complicit in it, either, either they were the person tasked with taking identity or they were the person doing the signups and maybe they had a financial incentive in the signups, so you look for patterns there as well, but you know, in terms of what it's evolved to, we, at KOHO here in particular, we have, we have models and we do different routing based on risk to other forms of step up authentication.

You have to use those 360, uh, like the 360 degree view of the signals there. So it's, it's, you know, things like their, their face and digital identity, like we're obviously using. The way they kind of move through the app, the other information that they put in, the commonalities there. You know, fraudsters, they're trying to move fast.

They're trying to sign up accounts by the hundreds, not one or two at a time.

Simon Horswell: It's a numbers [00:15:00] game and you're trying to maximize, yeah. Get as much stuff off the shelves as you can before you need to run out the store.

Michael Fox: Yeah,

Simon Horswell: yeah.

Michael Fox: Smash and grab before they get caught, right? So, you gotta look for these commonalities.

You gotta look at the things that they're doing. And, you know, they don't want to waste a lot of time learning about our, our goals, features, or, or, or our subscriptions, maybe they, they want to learn how they can monetize the fraud as quickly as possible. If they're a fraud ring, they've been there before and they know, they know where to look.

So they're, they're gonna, they're gonna put the same sort of stuff in our app and, and we can look for that. Overall, I'll say, you know, we, we used to use very basic, you know, like kind of two or three variable models to find these things. And now that's gotten more and more complex and we need to use everything that we know about those fraudsters to identify them.

And the other piece of that is when I first started doing this, you'd send a card out in the mail and their first opportunity to, [00:16:00] to do this was probably weeks later or at least a week later. Now people can sign up and they can get a card and transfer funds in minutes. And so the detection and the intervention needs to be in real time.

I mean, you have to have the models operating in real time. You have to direct those bad actors to additional friction paths in, in real time where they're going to run wild.

Simon Horswell: Okay, so I mean the, the, the fraud has evolved and it's become maybe a little bit easier to perpetrate potentially, uh. So,

Michael Fox: I think so.

Simon Horswell: But at the same time, I kind of, I mean, my feeling on it is the way that we've done it, the way that we are now looking at these things, the kind of level of detail that you can bring in to kind of monitor or investigate further, it does kind of mean that, yes, it has got a little bit easier to perpetrate, but at the same time, some of the things that are involved in detecting it [00:17:00] and the speed at which we can move is kind of like kept pace with it.

You know, I've said with other people, you're not going to stop all fraud. If you work in the industry, you understand that that's, you know, zero fraud means, you know, you can't, you can't stop fraud if you intend to have customers, because you have to have some kind of breach in your defense to let people into the system and it's just how someone exploits that.

But the signals that they're putting out, it's, I, my personal feeling is there's probably a lot more in ways of signals now than if we were just sending something out through the post, waiting for something to come back through the post.

Michael Fox: A hundred percent. And you hit on a running joke there, which is, you know, we could, we could have zero fraud.

We just, we just decline all the customers and not have any signups or not have any, any purchases. But we, we are living in the world now of big data, right, Simon? And there's things before that we had that weren't, there were things we could look at, but they, they weren't accessible from a data perspective.

You know, if somebody walks into a [00:18:00] branch to fraudulently create an account, look what that meant, going in to another system, pulling up a video. Now that information is all at our fingertips. So we're, the fraudsters can often be very innovative and hardworking in their approaches to fraud. But on the other hand, when we're working to fight them, I think, I think we're only constrained by our imagination at this point, because there's, there's so much that we can look at there.

Yeah.

Simon Horswell: That's it. I mean, yeah. Food, food. I'm always surprised by how creative some people get with what seems like such a simple equation. The, the ways around like some of the, the protections that we see, it's in some cases like, yep, that's, that's what I'd expect. And in some cases there's always going to be one where you're just like, wow, someone's just turned this problem completely on its head.

Um, but that, that's kind of what pushes you to, to, to get better, um, detecting them or finding [00:19:00] them. It just opens up new possibilities and then, like you say, you, you get creative, like, well, if that's a possibility then that branch is off over here. And it's, uh, now, one of the things that I talked about before on the podcast that I think does worry a lot of businesses is friction, and it's always kind of positioned in opposition to security or anti-fraud measures because if I'm examining a customer, if I'm kind of trying to make them cross a few barriers, well, that's bad. Bad, because that means that they're going to find it harder. There's a barrier in the way. What would you say about friction? I mean, is there such a thing as good friction?

Michael Fox: Sometimes there is. I mean, we certainly pursue low friction wherever possible. Friction can be helpful sometimes though, when it instills trust in the people that are, that are signing up.

And this is where I think cultural norms make a big difference. We, we do have some challenges in North America today [00:20:00] around what's, what's normalized behavior. You know, in, in Canada, I'm pretty sure KOHO was the first financial institution to launch photo ID and selfie or real time onboarding. It's still catching on.

If you go to, you know, many parts of Asia or Europe to open a card, it's expected there. And, and I think, I think a lot of customers would question why you don't have it and sign up if you didn't have it there, but what we do find even in Canada, when people go through some of those higher friction methods, yes, you have some people that will drop off as a result of that, but the people that go through that process are actually more likely to be active and they're more active, so there's a bit of a causation debate there, but there is something around the trust that we're creating in a financial institution and the sense of security.

Simon Horswell: So it's, it's a sense of reassurance, essentially. It's like a little bit of friction kind [00:21:00] of good, because it kind of gives you more traction.

Michael Fox: Yeah, that sense of reassurance and, you know, cultural norms, you know, and, uh, an example, in Canada and, uh, again, most of the world, using a PIN on a chip card is, is very normal.

It's expected. Um, in the United States, that is seen as unnecessary friction in a lot of quarters. So if you bring, bring a chip card down there, you'll often see chip and signature. Um, I even, I tapped once and they asked me to sign and that's just, it's just amazing how these cultural norms can be so persistent.

And it can take a generation for it to change and for people to go, you know, like, I actually like PIN because it makes my card feel secure.

Simon Horswell: I'm not going to go down that rabbit hole now of chip and PIN and tapping, but yeah. Yeah, it's definitely become a very cultural thing. I think in the UK, it's just everywhere, the limit is increasing and everything, but yeah, there's a lot of security in that chip and PIN.

Michael Fox: Yeah, UK was first, or at least [00:22:00] before us on this by many years, so we definitely took your lead.

Simon Horswell: Well, they say the early bird catches the worm, but they also say it's the second mouse that gets the cheese. So, uh, what do you think has been the biggest change in approaches to fraud, what do you think is going to be the biggest change that we see in the next decade or so?

Michael Fox: If we're talking about sign up fraud, you know, digital portable identity is, is really compelling to me. You know, really balances the best of both worlds if we can solve, you know, really for the security part of that. It's getting politicized a little bit, you know, some places being framed as, you know, big government type stuff, but in its purest form, it can actually be something that helps, you know, customers to sign up.

I think when I look forward to the challenges ahead, I talked about that CEO scam, and I talked about that woman being targeted, people, people are sharing everything online. They're sharing videos of themselves. And so, imagine someone who has hundreds of [00:23:00] hours of video online about themselves. It's not about creating an email anymore that looks like it's from that person.

You can train AI to speak in that person's voice, to answer questions the way that that person would naturally answer questions in a conversation. And we're also going to see sophisticated direct targeting. It's, it's less of a numbers game and more, this person looks like somebody that I can get 100,000 from.

I'm going to target them on social media with all that they've shared and build a whole scheme around it.

Simon Horswell: This is going to be the last episode of the podcast. You just reminded me of something very dangerous. Goodbye. No, it's, yeah, it really is a worry. I think the more people become aware of what is possible nowadays, the more people will start to understand what's possible.

You know, what we're letting ourselves in for potentially. I mean, we've seen an increase in deepfakes in identity fraud over the last year or so. We've really seen that blossom. We're now [00:24:00] starting to hear more and more scams that have involved deep voice. We can see where, you know, it doesn't take a genius to see where these two technologies are going to, you know, eventually come together.

And we're going to be in a very difficult situation. And it's not going to be something that's pre recorded. It's going to be something that's done in real time.

Michael Fox: We float AI on it as a boogeyman. Sometimes it is a boogeyman, but if, if people do get really sophisticated at those deepfakes, and they will, we're, we're gonna have to come up with other ways to, to check that, you know, our own, our own kind of live multi factor authentication, you know, if your, if your child or your grandson is contacting you, you know, there's like other ways to verify.

Simon Horswell: Well, this is the thing. So, I agree. I think there's a lot of demonizing of AI because of the rise of generative AI and the use of things like deepfakes. But at the same time, it's probably going to be the same tech that [00:25:00] helps us to protect ourselves from it. It is a tool, after all. It's not an entity as such. It's a tool that can be used for good or can be used for ill. And if it's being used for ill, then we need to balance that with finding the right solutions to, to use it for good.

Michael Fox: And, and sometimes as we talk about technologic, technological advancement, the basic solutions end up being the right ones where you're talking about, you know, what's the code word for the family or whatnot, and also human intuition.

And a lot of these examples where people are getting fooled, their gut instinct tells them something is off.

Simon Horswell: I was going to say that when you mentioned it earlier. I think there is, it's, I don't know if some people don't have this. But more common than not, when I talk to people who've experienced something like this, there is a sinking feeling in the pit of their stomach.

And I think whenever you feel that, that's your kind of prime, primeval instinct, that's just [00:26:00] saying, this is bad. Whenever you feel that, you should just get out of that situation.

Michael Fox: Yeah,

Simon Horswell: yeah. That's why they say, you know, trust your gut.

Michael Fox: Trust your gut. Maybe, maybe people are trained not to trust it, but absolutely, you know, trust your gut in these situations.

Absolutely.

Simon Horswell: Wonderful. Michael, thank you so much for joining us today. Where can listeners find you online and where can they learn more about you and your work?

Michael Fox: I don't, I don't yet have a Simon level podcast crew. Um, but I am increasingly active on LinkedIn. And so look, look for my posts there, message me.

I'm also very, very active at KOHO obviously, and I encourage you to follow us and what we're doing.

Simon Horswell: Michael, thank you so much for being with us today.

Michael Fox: Thanks again, Simon, it's been great.

Simon Horswell: Thank you for joining us on this journey inside the fraud lab. If you'd like more insights into attack patterns and trends as we see them on Onfido, head to onfido.com or click the link in the show notes to access our annual identity. [00:27:00] It's full of proprietary research into how fraudsters are attacking identity verification and how the world of prevention is changing. It's full of insights. For example, Financial Services has seen a 23 percent increase in fraud versus last year.

And 46 percent of document fraud targets national ID cards. If you'd like to learn more, get your free copy by clicking the link in the show notes. Goodbye for now, and I hope you join us again next time.