For some companies, fraud is nothing more than an accepted expense casually factored into the company’s profits. But for those who understand the real threat, fraud is a risk that must be prevented and stopped at all costs. We have become so accustomed to the existence of fraud that it now sadly seems like a fact of life. It doesn’t have to be, but preventing fraud requires a paradigm shift. It requires knowing your customer (KYC) and adopting practices that many companies have shied away from for years. Fraud will continue to increase until the business world embraces prevention from the early stages of customer interaction.

Fraud is a business problem

The internet has made fraud easy. Covid-19 made it even easier, with more companies moving their workflows to digital platforms. Unfortunately, without a subsequent improvement in security practices, this digitization has exponentially increased the attack surface for fraudsters around the world who will not hesitate to seize the advantage. According to LexisNexis, there was one 19.8% increase in fraud costs from 2019 to 2022.

Fraud costs are a real problem for businesses. Of course, individuals also bear the costs of fraud, but companies see a significant impact on their bottom line. According to the same LexisNexis study, every $1 of fraud actually costs ecommerce sellers in America $3.75 once the answer is given and done. All told, fraudsters were able to steal about $28 billion by identity fraud in 2021 alone. Our current economic downturn means that fraudsters will be more, not less, brutal in their attacks.

It is clear that fraud is more than an annoying issue. Not only does it cost both companies and customers huge sums of money, but it can also lead to significant damage to a brand. Companies risk losing customer trust if they fail to address the problem and protect their customers. This problem is for companies to solve. However, it’s not as hard as we might think.

Related: Why verifying user identities is a good thing for your customers and your business

Most fraud begins (and ends) with identity

Most scams begin with account creation, where a fraudster pretends to be a real person or creates a fake persona to carry out fraudulent activities. KYC has historically consisted of methods such as human-based document verification, SSN, knowledge-based authentication (KBA), as well as other database information to identify that an individual is who they claim to be through what they know about the individual. This may have worked 20 years ago, but the traditional methods we were used to are no longer sufficient. Too much personal information is available online, and fraudsters can usually find the answers to security questions through data dumps or trolling a victim’s social media. Fortunately, the solution already exists, using widely accepted tools and stopping identity fraud at its source: creating an account.

Strong onboarding KYC practices have often been avoided due to the misconception that they create too much friction for users. Honestly, the tools are in place to make this a frictionless transaction. All the customer has to do in the beginning is capture their government issued ID and then take a selfie. Such a small step can significantly reduce problems later on by creating an environment where fraud is prevented from the start. It also paves the way for hassle-free ongoing fraud prevention using the selfie biometrics for continuous reauthentication.

The secret behind strong, persistent KYC

Strong onboarding practices ensure a highly effective and streamlined reauthentication process for subsequent transactions with a customer. As the customer continues to interact with a company, it can use advanced analytics to build a baseline of behavior to dynamically assess risk levels. All the customer sees is the occasional request for a selfie, which is then compared against multiple other data points to verify an individual’s identity.

Another term for this practice is multi-factor authentication (MFA). That’s lazily understood as “security measures” like SMS-based one-time passcodes. Unfortunately, while such extra security measures are industry standard, they are among the easiest MFA methods to breach — a thief can intercept an SMS-based code for as little as $16.

That doesn’t mean MFA should be completely discarded. The concept is fact based: the most secure identity verification is a combination of something you are, something you know, and something you have. The hardest thing to fake is something you are: biometrics. These include fingerprints, facial scans, voice recognition, and retinal scans (among many others). Today’s modern biometric proofing is fast approaching 100% accuracy.

Building in these security measures also provides much stronger assurances for the company as friendly fraud is a major problem. With facial recognition integrated into the account management process, businesses now have a timestamp and verified proof that a person made that purchase. With some simple tweaks to identity verification, businesses could save over $48 billion per year in fraudulent chargebacks.

Related: The technologies consumers can use to fight fraud

Active monitoring — the key to lasting success

However, the journey does not stop at biometrics. A robust layer of orchestration is needed to organize the small bits of data scattered across the Internet into a comprehensive view of each unique customer. This behind-the-scenes work can help monitor KYC fundamentals to continuously check for fraud.

Orchestration and active monitoring also help keep the good customers while weeding out (or even preventing from the start) those you’d rather not do business with. Using a trusted vendor to perform these third-party identity verifications, on top of the original and ongoing verification methods maintained in-house, helps ensure businesses. You can also assess risks in real time; if a customer is mostly located in California but tries to log in from Russia, you can better detect and stop the fraud.

Related: The solution to preventing identity theft in an increasingly digital world

Simple CBA methods alone cannot keep up with advanced identity fraud techniques. Unfortunately, many companies equate better identity verification with a worse customer experience, but in reality, fraud prevention can improve interactions and even streamline workflows for both companies and customers. Businesses can revel in better identity verification from the beginning of the customer journey, along with biometrics-based MFA and continuous, active monitoring. Our customers deserve it, and it will take a big bite out of the global identity fraud game.