Javascript is not enabled.

Javascript must be enabled to use this site. Please enable Javascript in your browser and try again.

Skip to content
Content starts here
CLOSE ×
Search
Leaving AARP.org Website

You are now leaving AARP.org and going to a website that is not operated by AARP. A different privacy policy and terms of service will apply.

New Tech Tools Protect Consumers From Identity Fraud

Emerging fraud-fighting technologies are being used to help thwart criminals who might pretend to be you


spinner image a silhouette of a person with a phone over a part of the face with a picture of a face
Photo illustration: Tyler Comrie (photo: Getty Images)

Here’s a scary thought: There are now so many criminal breaches of consumer-information databases that they rarely even make the news anymore. In 2023, there were more than 3,200 major database breaches, 78 percent more than the previous year, according to the Identity Theft Resource Center.

Given this, it’s wise to assume that much of your personal information is available to criminals; it’s well documented that there is a thriving open market for personal information on the dark web, where the credit card numbers, Social Security numbers and other personal data of countless Americans are bought and sold for surprisingly small amounts of cash.

So the real question is, how can criminals be prevented from using that data for identity fraud? Or more precisely, how can financial institutions, ­retailers and others we transact business with know whether it is us contacting them and not an impostor?

There are increasingly hopeful answers to these questions. Here is just a small sampling of private businesses developing and deploying new technologies to thwart criminals who might be trying to impersonate you.

Phone verification

A typical fraud would have a criminal, armed with your account numbers and personal info, calling your bank or other financial ­account holders and impersonating you to get access to your money. Digital security companies such as Prove have come up with a clever way to identify impostors by using the customer’s phone to help verify their identity. The system will ping the phone’s SIM card to verify with the carrier that it’s you at the other end of the transaction. It also checks how long the phone has been operational and the trustworthiness of the carrier to determine whether the phone is actually yours or if it’s a burner using a cloned number.

A new tool from the company uses your phone to prefill some of the information on an application via a “secure handshake.”

“We connect those dots to answer the question: Is [the applicant] validating their own information,” says Mary Ann Miller, fraud and cybercrime executive adviser and vice president of ­client experience at Prove.

Scoring the likelihood you are you

Other companies, including SentiLink, work a bit further in the background when helping financial institutions determine if someone applying for an account or a monetary withdrawal is who they say they are.

The company scans about 1 million applications per day. Roughly 10,000 of those are attempts at identity theft — with nearly one-fifth of the targets being 65 or older.

Using a machine learning algorithm that factors in countless bits of data and takes less than a second to run, SentiLink will provide a score on the likelihood that the requested transaction is fraudulent. The higher the score, the better the chance it’s a bad ­actor. That sends up a red flag to the financial institution, which can request further information or pause the transaction. 

Identifying you by your patterns

BioCatch, an international tech company, has developed a ­proprietary algorithm that’s based not on devices or location but on the way you enter information and access your accounts on a day-to-day basis.

Take your bank account, for instance. Some people check it once or twice a week, scanning to see if deposits or payments went through.

They log in, typically, either via the financial institution’s app or on a browser on their desktop. They type in their information in a certain cadence, with a certain amount of time spent between key presses and certain swipe patterns on their phone. All of that creates a behavioral profile.

When someone logs in to the account and it goes against the normal profile, BioCatch alerts the financial institution. The bank or credit card company could then confront the person logged in to the account, asking for a one-time password (which is sent to the rightful account owner’s phone).

Ensuring your voice is your own

Not long ago, you could at least trust that financial partners you’d dealt with before could recognize your voice. But artificial ­intelligence can create a virtually undetectable clone of your voice that can discuss any topic using just a short audio clip lifted from ­social media, a speech or a phone conversation. Pindrop, an information security company, monitors the audio traffic of banks and other financial institutions, insurers and call centers, authenticating whether the voices of customers are real. The company has analyzed more than 5.3 billion calls, detecting over 100 million spoofing attempts.

According to Pindrop, that has stopped $2 billion in fraud losses. The company uses AI and machine learning technology to perform risk analysis of calls and interactive voice response technologies to ensure the caller is who they say they are.

It’s all done in real time and doesn’t slow down your (legitimate) interactions with your bank as you’re trying to do business.

Creating a digital identity

Coming up with quick ways for businesses to be sure no one is stealing your identity is becoming a critical need.

Bluink, a Canadian company, has launched a technology called eID-Me, which meets that country’s stringent identity verification standards. For consumers, it’s an easy process. Take a selfie while you’re at home and scan your ID, then submit them for approval. That information is encrypted, and the company compares your live selfie with your ID photo and the address on your ID with your phone’s location.

Once those are confirmed, a certificate is bound to your phone (and can only be unlocked on that phone). U.S. companies, such as Plaid, ­offer a similar service, completing identity verification in less than 10 seconds, with support for more than 16,000 types of IDs from 200 countries and territories.

Warning you of a scam attack

What many of us need is a digital watchdog that never sleeps or gets distracted.

Identity Guard works with IBM Watson, a supercomputer, to help prevent identity theft. The company charges a monthly fee to customers who sign up for its services and will send near-real-time email and text alerts when there’s a threat to infiltrate your credit or break in to your bank accounts, as well as if your personal information is misused.

The service will monitor your home title to ensure nothing suspicious (such as new names being added to it or yours removed) and your personal credit history to ensure identity thieves don’t set up credit cards or loans in your name.

                                  More Members Only Access

 

Unlock Access to AARP Members Edition

Join AARP to Continue

Already a Member?