In this series, we interview compliance officers and other financial crime experts to find out the latest career tips, industry insights, and interesting trends you need to know. Sign up for our newsletter so you don’t miss out on upcoming interviews!
In this installment of our Fincrime Fighters Expert Interviews, we had the privilege of speaking with Simon Horswell, Fraud Specialist Manager at Onfido, and one of the contributors behind Onfido's Identity Fraud Report 2023. You can find Simon on LinkedIn.
I’m Simon Horswell, fraud specialist manager and expert document examiner at Onfido, a global identity verification provider.
In 2000, I started working in border control. During my initial induction training, I was fascinated by the sessions on document fraud and I pursued it by chasing down every single case that I could get involved in. After four years working at the airport as a Document Expert, I completed a 10-week attachment at the UK National Document Fraud Unit (NDFU) and said, “This is where I need to be,” and took an opportunity for a position there. Working at the NDFU, I gained great exposure dealing with police forces, providing witness statements and expert testimony, leading training for border guards, and traveling internationally to work on document fraud guides with other experts, embassies, consulates and immigration officers.
After seven years, I moved to the private sector, working closely with forensic equipment on existing and new products to examine documents. It gave me insight into how documents can look and behave differently when viewed by cameras and machines. Later, Onfido, a start-up founded by three Oxford University graduates, approached me and told me about their mission to broaden access to online services by making identity verification more accessible. With my knowledge about how identity documents can behave when viewed remotely, it was a good fit. Onfido was the first company I dealt with that I felt really could automate document assessment. I was quite invigorated by the whole idea and haven’t looked back since.
It’s the investigation – putting all the pieces of the puzzle together, pulling on the thread, seeing where it goes and getting a result that makes sense. At the end of training, I always say, “Good luck and good hunting,” because you’re sending people out to investigate, find out what the problem is, catch the fraud, and come up with the result. It’s almost Sherlock Holmes-like.
Accepting that you won’t get everything right all the time or that some decisions won’t be conclusive. Early on in your career, you can feel pressure to find a binary answer, but sometimes if there isn’t enough evidence, the right answer is inconclusive.
You have to accept that because there are massive consequences either way if you get it wrong. Nothing leaves a mark like the first case you missed.
Remaining objective. If you have a preconception that something is fraudulent, it can color your whole investigation. When putting the puzzle together, you have to remain objective. Document examination is a form of forensic examination – you shouldn’t have any preconceptions; in every case, you should put all the pieces together and see what the logical conclusion is.
Doggedness is also a key trait, chasing an investigation or examination down to the end. A thorough investigation can take time and requires patience.
One surprising trend is that fraudsters are going for quantity over quality, using a brute force tactic.
Because fraudsters are working at scale, they’re lowering their sophistication level to ramp up volume efficiently. They’re looking for the weakest animal in the herd.
If they can find one attack vector that is missed by one particular company or vendor, then they will get as many attempts through that gate before it closes. The good news is that AI is well suited to detecting this type of fraud at scale.
Fraudsters are attacking 24/7. Interestingly, before the pandemic, we saw that fraudsters were mainly active Monday to Friday, 9am - 5pm, and it looked more like individuals acting.
Now, we’ve seen a shift – we’re able to link fraud cases together by IP addresses and other signals, and we’re seeing that fraud attacks seem much more organized.
Since the pandemic, there has been a significant increase in demand for online access to goods and services. The increasing use of biometric verification technology for regulation and compliance provides a positive user experience and ups the ante and effort required by fraudsters to attack. That said, as biometric systems become more common, we’ll start to see them attacked more in 2023. We’re already seeing fledgling attempts into deepfakes, and people will start to explore that more over time.
We still see customers that don’t tie identity document checks to any human characteristics (biometrics), which is a fundamental error. Anyone can grab someone else’s ID or find a document on the Internet and use it, as there is no proof needed that the document belongs to that person. Just seeing an ID document doesn’t do anything; requiring an ID check and a biometric match is fundamental for true identity verification. Our report bears this out year after year.
Additionally, you can really limit the amount of digitally altered documents if you adopt a software development kit (SDK). For instance, Onfido’s SDK ensures an ideal, live document or image is uploaded from a device, mitigating fraudsters' attempts of uploading a picture from a photo-editing software package. With altered documents on this rise, this creates an extra barrier to fraud tactics.
Lastly, businesses should be employing a multi-layered approach. There is no catch-all solution or silver bullet check.
You need as many layers as possible because you won’t be able to block 100% of fraud.
Make it as problematic as possible for fraudsters to subvert fraud controls so the amount of effort is bigger than the reward.
Don’t be complacent. If you want to be more proactive, get a stronger defense in place now. Don’t wait for organized fraud to test your processes.
You won't stop all fraud – but the more barricades you build, the more you’ll stop (whilst also making yourself a less attractive target).
If you’ve just been using documents, introduce biometrics to create confidence the document is presented by its rightful holder. Then, on top of that, start looking at passive, non-visual signals that tell you about the device being used. I think that will form a big part of effective strategies for 2023. You can even look at the transaction behavior. If you start looking at the whole picture and build intelligence by multi-layering signals, you’re taking a more proactive approach. Prevention is the best form of defense.
Get machine learning models or algorithms to do the heavy lifting on low-hanging fruit, such as repeat attacks, which is when fraudsters create thousands of variations of the same document by altering just a few details each time.
Because they act at scale, fraudsters don’t recreate a new document each time; instead they’ll change a few figures and leave the name, document number, or biographic details.
You don’t even need to look at a document to fish these out, and if you automate that process, you’re saving the manual review process for edge cases or more complicated cases. Put a net in front to catch the easy cases first so that you can spend more time on the more sophisticated ones.
The trend I’m looking out for in 2023 – and I don’t know if it will play itself out over the next 12 months – is digital identity documents. More countries are taking on this idea of digital identity documents, whether it’s via a digital wallet or a specific government app. There’s a big push from the convenience side for the end consumer, and it’s a lot less infrastructure required from the issuing authority side. It does save a lot of money and it’s very attractive.
What will be interesting is how those evolve and how they get adopted in regard to online verification and account onboarding. If documents never physically exist, and security features such as the print process, protection of the photo and holograms go away, what should examiners look for? Many of the emerging schemes require verification through a specific NFC app. So, how do we verify documents in a remote environment, if there is no consensus or differing digital schemes between countries or two government organizations in the same country?
With travel documents, there are internationally agreed and adopted guidelines, but now we're talking about documents like driving licenses and national identity cards, which don’t have anything similar in terms of international agreement. How we’re going to approach that problem - of interoperability - is really interesting. If people aren’t thinking about it yet, they should think about it now because it won’t go away.
In this series, we interview compliance officers and other financial crime experts to find out the latest career tips, industry insights, and interesting trends you need to know. Sign up for our newsletter so you don’t miss out on upcoming interviews!
In this installment of our Fincrime Fighters Expert Interviews, we had the privilege of speaking with Simon Horswell, Fraud Specialist Manager at Onfido, and one of the contributors behind Onfido's Identity Fraud Report 2023. You can find Simon on LinkedIn.
I’m Simon Horswell, fraud specialist manager and expert document examiner at Onfido, a global identity verification provider.
In 2000, I started working in border control. During my initial induction training, I was fascinated by the sessions on document fraud and I pursued it by chasing down every single case that I could get involved in. After four years working at the airport as a Document Expert, I completed a 10-week attachment at the UK National Document Fraud Unit (NDFU) and said, “This is where I need to be,” and took an opportunity for a position there. Working at the NDFU, I gained great exposure dealing with police forces, providing witness statements and expert testimony, leading training for border guards, and traveling internationally to work on document fraud guides with other experts, embassies, consulates and immigration officers.
After seven years, I moved to the private sector, working closely with forensic equipment on existing and new products to examine documents. It gave me insight into how documents can look and behave differently when viewed by cameras and machines. Later, Onfido, a start-up founded by three Oxford University graduates, approached me and told me about their mission to broaden access to online services by making identity verification more accessible. With my knowledge about how identity documents can behave when viewed remotely, it was a good fit. Onfido was the first company I dealt with that I felt really could automate document assessment. I was quite invigorated by the whole idea and haven’t looked back since.
It’s the investigation – putting all the pieces of the puzzle together, pulling on the thread, seeing where it goes and getting a result that makes sense. At the end of training, I always say, “Good luck and good hunting,” because you’re sending people out to investigate, find out what the problem is, catch the fraud, and come up with the result. It’s almost Sherlock Holmes-like.
Accepting that you won’t get everything right all the time or that some decisions won’t be conclusive. Early on in your career, you can feel pressure to find a binary answer, but sometimes if there isn’t enough evidence, the right answer is inconclusive.
You have to accept that because there are massive consequences either way if you get it wrong. Nothing leaves a mark like the first case you missed.
Remaining objective. If you have a preconception that something is fraudulent, it can color your whole investigation. When putting the puzzle together, you have to remain objective. Document examination is a form of forensic examination – you shouldn’t have any preconceptions; in every case, you should put all the pieces together and see what the logical conclusion is.
Doggedness is also a key trait, chasing an investigation or examination down to the end. A thorough investigation can take time and requires patience.
One surprising trend is that fraudsters are going for quantity over quality, using a brute force tactic.
Because fraudsters are working at scale, they’re lowering their sophistication level to ramp up volume efficiently. They’re looking for the weakest animal in the herd.
If they can find one attack vector that is missed by one particular company or vendor, then they will get as many attempts through that gate before it closes. The good news is that AI is well suited to detecting this type of fraud at scale.
Fraudsters are attacking 24/7. Interestingly, before the pandemic, we saw that fraudsters were mainly active Monday to Friday, 9am - 5pm, and it looked more like individuals acting.
Now, we’ve seen a shift – we’re able to link fraud cases together by IP addresses and other signals, and we’re seeing that fraud attacks seem much more organized.
Since the pandemic, there has been a significant increase in demand for online access to goods and services. The increasing use of biometric verification technology for regulation and compliance provides a positive user experience and ups the ante and effort required by fraudsters to attack. That said, as biometric systems become more common, we’ll start to see them attacked more in 2023. We’re already seeing fledgling attempts into deepfakes, and people will start to explore that more over time.
We still see customers that don’t tie identity document checks to any human characteristics (biometrics), which is a fundamental error. Anyone can grab someone else’s ID or find a document on the Internet and use it, as there is no proof needed that the document belongs to that person. Just seeing an ID document doesn’t do anything; requiring an ID check and a biometric match is fundamental for true identity verification. Our report bears this out year after year.
Additionally, you can really limit the amount of digitally altered documents if you adopt a software development kit (SDK). For instance, Onfido’s SDK ensures an ideal, live document or image is uploaded from a device, mitigating fraudsters' attempts of uploading a picture from a photo-editing software package. With altered documents on this rise, this creates an extra barrier to fraud tactics.
Lastly, businesses should be employing a multi-layered approach. There is no catch-all solution or silver bullet check.
You need as many layers as possible because you won’t be able to block 100% of fraud.
Make it as problematic as possible for fraudsters to subvert fraud controls so the amount of effort is bigger than the reward.
Don’t be complacent. If you want to be more proactive, get a stronger defense in place now. Don’t wait for organized fraud to test your processes.
You won't stop all fraud – but the more barricades you build, the more you’ll stop (whilst also making yourself a less attractive target).
If you’ve just been using documents, introduce biometrics to create confidence the document is presented by its rightful holder. Then, on top of that, start looking at passive, non-visual signals that tell you about the device being used. I think that will form a big part of effective strategies for 2023. You can even look at the transaction behavior. If you start looking at the whole picture and build intelligence by multi-layering signals, you’re taking a more proactive approach. Prevention is the best form of defense.
Get machine learning models or algorithms to do the heavy lifting on low-hanging fruit, such as repeat attacks, which is when fraudsters create thousands of variations of the same document by altering just a few details each time.
Because they act at scale, fraudsters don’t recreate a new document each time; instead they’ll change a few figures and leave the name, document number, or biographic details.
You don’t even need to look at a document to fish these out, and if you automate that process, you’re saving the manual review process for edge cases or more complicated cases. Put a net in front to catch the easy cases first so that you can spend more time on the more sophisticated ones.
The trend I’m looking out for in 2023 – and I don’t know if it will play itself out over the next 12 months – is digital identity documents. More countries are taking on this idea of digital identity documents, whether it’s via a digital wallet or a specific government app. There’s a big push from the convenience side for the end consumer, and it’s a lot less infrastructure required from the issuing authority side. It does save a lot of money and it’s very attractive.
What will be interesting is how those evolve and how they get adopted in regard to online verification and account onboarding. If documents never physically exist, and security features such as the print process, protection of the photo and holograms go away, what should examiners look for? Many of the emerging schemes require verification through a specific NFC app. So, how do we verify documents in a remote environment, if there is no consensus or differing digital schemes between countries or two government organizations in the same country?
With travel documents, there are internationally agreed and adopted guidelines, but now we're talking about documents like driving licenses and national identity cards, which don’t have anything similar in terms of international agreement. How we’re going to approach that problem - of interoperability - is really interesting. If people aren’t thinking about it yet, they should think about it now because it won’t go away.