Preventing drive-by fraud

Editorial Type: Case Study Date: 03-2017 Views: 1,507 Tags: Networking, Security, iovation PDF Version:
Max Anhoury, VP Global Partnerships at iovation explains how the AA used device intelligence to catch insurance fraudsters

The observed behaviour seemed to be harmless. Two Internet-enabled devices had been submitting less than ten automotive insurance applications per month for a couple of years. The steady trickle of new policies didn't cause alarm until the fraud team for the Automobile Association (AA), the UK's largest motoring organisation, noticed an increasing trend.

"Within a week of taking out the policies, those customers were calling in to cancel them," says Stephanie Driscoll, Fraud Operations Manager for the AA. "We started listening to recordings of the calls and soon realised that we were dealing with a group of five individuals. Each time, the customer was emphatic that a cancellation letter which must include a No Claims Bonus declaration should be issued and sent to them urgently."

In the UK insurance market, ghost brokers submit applications with falsified or stolen personal information to get the lowest possible premium. A cancellation letter featuring a No Claims Bonus entitlement can to some be a valuable asset. As soon as the cheap, bogus policy is sold on to a victim, the fraudsters quickly cancel the policy, pocket the customer's payment and quickly disappear.

In an effort to stop such fraud, protect drivers and preserve its reputation among insurers, the AA decided to implement device-recognition technology from iovation. When an end user's device interacts with specified integration points, for example account creation, application submission, etc. on the AA's online properties, the iovation solution can evaluate device attributes and assign it a unique ID.

Using this method, the AA identified the two Internet-enabled devices as the sources of all these mysterious policies and soon suspected fraud. However, consumer privacy laws prohibited the AA's fraud team from consulting with their peers at other insurers about the personally identifying information provided on the applications.

"When it comes to collaboration, quite often we're fighting fraud with one hand tied behind our backs," says Chris Monk, the AA's Collections and Fraud Manager.

Using the iovation generated unique device ID, the AA now had a legal method for collaboration. The AA posted a query to the iovation private Fraud Force Community of over 3,500 global fraud professionals asking if any other company had encountered these suspicious devices.

Meanwhile, the City of London Police approached the AA for information about an insurance fraud investigation. "We showed them that their case was linked to numerous policies we'd already identified using iovation," says Driscoll. "Using that data the police expanded their investigation and requested more detailed information about the associated policies and devices. In the end, we worked closely with the police over 12 months."

The AA's query had started a productive conversation at the iovation Fraud Force Community, where another UK insurer had also encountered the suspicious devices.

While adhering to UK privacy laws, the two insurers pooled their observations. They concluded that the fraudsters were using the AA's cancellation letters to get cheaper policies with the other insurer. These policies could then be sold quickly and profitably on the black market.

"The City of London Police needed something to tie the case together. The iovation device recognition service did exactly that," says Monk. "By the end of the investigation a solid case had been built against the fraud ring involving five automotive insurance companies." In court, three of the fraudsters submitted a guilty plea and a fourth was sentenced for four counts of fraud.

"We're always thrilled when we can contribute to a fraudster's conviction," says Driscoll. The AA's fraud team isn't resting on its laurels. They continue to monitor early signs of fraud and react immediately to thwart the fraudster's ongoing attempts. NC