All Posts

Now that we have already done a deep dive into NIST IAL 2 (NIST IAL2 Identity Verification An Updated Review of Requirements), we will explore level 3. This will only be at a high level as a client requested it as an additional method for certain users. Similar to how the government added in-person help for Login.gov at the USPS, other businesses may require this feature. For example, if you are a bank and want to achieve IAL3 for wiring a large amount, then you could require proofing to be done onsite.

Four parts of NIST 800-63 include identity guidelines, identity proofing, authentication, and federation documents. The NIST page provides a good overview of each section, and you can explore the guidelines for granular details further. As each covers a massive amount of information, we will only select the 800-63A, titled Enrollment and Identity Proofing. Trust Swiftly fits perfectly in this section, and we have meticulously built our tool to comply with this requirement.

If anyone has been paying attention in the past few months, they will realize that most KYC protections have been breached at this point. The gates are wide open, and fraudsters encourage the peasants to pillage the castles. YouTube and other social media platforms are doing nothing or acting too late to slow down the training of fledgling fraudsters.

Recently, companies have been facing an uptick in fraud and other employment attacks that put them at risk. HR, recruiting, and people teams face immense numbers of candidates and typically lack the tools, processes, and availability to thoroughly vet potential new and existing employees.

The SBA, a lifeline for many small businesses, is under siege from fraudsters. The urgency of the situation is clear when we see them pouncing on new programs and even disaster funds. A quick scan of Telegram reveals half a million in likely illegal disbursements, just the tip of the iceberg.

The following post will review strategies for Radar as an overall product and then for Stripe users on managing fraud efficiently. Throughout the years, Stripe Radar has grown to become a comprehensive product with improved risk scores and continues to add features.

Decentralized identity will become significant in identity proofing and verification in the coming years. There are plenty of explainers and deep dives into the technology and why companies and people should pay attention to it. It is still a fragmented space, but new iterations are slowly improving and standardizing the solutions.

Understanding the significance of 'Know Your Employee' (KYE) in onboarding is becoming the next level of security in IAM. Recently, remote employees and contractors are a weak link in the security of a business. In one case, North Korea has targeted businesses with inside employees that decide to earn salaries, exfiltrate information, or remain sleeping agents until needed.

As most companies and bad actors are now using AI against each other, there has not been too much exposure of methods used in bypasses. We have covered some KYC and deepfake vulnerabilities, but the fraud world doesn't stop with just one component. Companies are racing to create their own AI agents to help automate and detect more AML and KYC checks.

In 2024, identity verification software has expanded across industries, and more companies are utilizing these services. Around five years ago, many solutions did not exist, and there were only a few options on the market to verify an ID. Even worse, they were manual, slow, costly, and challenging to implement.

As more AI models and tools are released into the wild, they are becoming visually realistic and easier to use. When a model becomes optimized to run on lower-end hardware and meets realistic capabilities, it starts to gain critical mass to be used for fraud.

As technology advances, there is no slowdown in bad actors taking advantage of tools to commit crimes. Now, with more advanced AI entering the stage with vast capabilities, the barriers to entry for many identity verification bypass methods are being lowered.

We recently assisted a P2P crypto vendor that was facing major losses due to buyers on a P2P marketplace. They faced significant chargebacks and bank recalls from verified buyers with positive reviews. Unfortunately, many fiat payment methods are easily disputable by a buyer if they complain to their bank or financial institution.

This post will delve into the underworld of banking fraud and some examples of wire fraud. The anatomy of the fraud ecosystem keeps getting more complex, with more bad actors joining and applying their skills across industries. Banks need to be especially aware of these fraud scams as they can instantly lead to 6- and 7-figure losses.

ChatGPT's latest release of models can analyze images using the Vision API, meaning now is the time to test out new use cases. Using ChatGPT to view images can prevent fraud and create complex detection and prevention workflows. However, ChatGPT can not replace an entire identity verification stack as privacy limiters prevent the models from extracting certain information.

With WooCommerce’s rebrand to Woo, we released our latest updates with our new partnership with the top fraud prevention plugin, Anti-Fraud. Next, if you are researching alternative plugins for Token of Trust, Read ID, and Age Checker, you have found the ultimate answer.

Credit card fraud is still on the rise, and bad actors are shifting their strategy to automated bot attacks that target WooCommerce stores. If you have not experienced a carding attack, we will give you a brief overview of what happens and the impact on your business and bottom line.

We have updated our AI system to detect all identity documents with nearly every country supported and document type. The system is self-learning and constantly updated with support for any document your business collects.

Trust Swiftly recently encountered an uptick in the industry for chargebacks and fraud attacks. More consumers are interested in AI-related tools, which has created a market for cheaper subscription subscriptions. The bad actors are getting more advanced and collaborating extensively to widen their targets.

Recently the White House released a plan to stop the ongoing systemic fraud that many states and agencies faced these past few years. Covid allowed for an explosion in easy money through new programs that did little in due diligence.

Electronically prescribing drugs has increased steadily over the years but recently moved towards greater adoption with increased DEA guidance. COVID changed many aspects of identity proofing, and the need for electronic prescriptions skyrocketed. At the same time, the bad actors have seen new opportunities to exploit anything digital.

Many guides and references about Stripe Radar are damaging sales and conversions due to improper setup and configuration. Copying another businesses’ rules to your account is bound to end in more lost sales than if they were left alone. Instead, you need to selectively enable the rules that apply to your business and where they are seen to make an impact against fraud.

After releasing our WordPress WooCommerce plugin, we noticed an increase in signups for shops starting out on their fraud prevention journey. For those unfamiliar with Woocommerce, it can essentially turn any WordPress site into an eCommerce store like Shopify.

To stay ahead of fraudsters, it is always a good idea to check up on their latest techniques. A recent review of some fraud options reveals these bad actor businesses even further progress.

Every eCommerce shop deals with the eventual scenario of a risky customer order. There might be some red flags through past experiences, or another fraud tool alerts you about risky behavior. Usually, this happens because a customer’s velocity, IP, device, amount, or one of many other factors triggered a review for the order.

Securing funds and identifying users is critical to keeping crypto exchanges and related products safe. With the recent growth in new technologies dealing with crypto, it is essential to protect them with additional controls. They all should follow similar building blocks, whether building an NFT marketplace or shoring up your KYC program for crypto exchange.

Fraud has no bounds, and as seen in the latest research on identity theft, it has taken a worse turn. Many bad actors have mastered fake and stolen identities for big payouts on loans or similar scores. They have seen hospitals, pharmacies, and doctors as another easy target.

A confounding find recently allowed us to uncover another tactic fraudsters have been taking advantage of to defeat fraud identification systems. Identity verification has seen more complex responses to an ever-increasing number of security checks.

Today’s international regulatory environment is constantly fluctuating. As digitalization continues to penetrate an increasing number of industries, regulations –particularly in domains such as information privacy and Know-Your-Customer (KYC) policies –will have to progress to sustain. However, regulations typically evolve at a slower pace as compared to industry improvements. As a result, what is acceptable for a business to do today may become proscribed tomorrow.

An identity verification service helps businesses reduce fraudulent practices, an outcome of which is also the alleviation of risks that appear during online transaction processing. Moreover, you can experience a considerable decrease in customer onboarding expenditures, a parameter that falls in line with domestic and global anti-money laundering requirements.

ID verification has become a crucial method to identify individuals in the past year due to virtual requirements. It has allowed many new services to be offered digitally, such as account openings and financial services in critical times of need. However, with every new technology, there are plenty of bad actors waiting to exploit it.

Amidst the COVID-19 pandemic, the world saw an increase in another form of security concern—a cyber one. Reports show that cyber-attacks increased by over 600% during the COVID-19 pandemic. As the world continues to shift to online solutions for business and commerce, criminals are moving towards digital scams and fraud rackets to exploit others for the sake of personal gain.

Ways Fraudsters Perform Identity Theft A 2019 Internet Security Threat Report by Symantec stated that cyber-attackers are expanding their targets and using cleverer methods to perform identity theft and scam — and nobody is exempted. Almost 10% of individuals are now victim of identity theft every year, with 21% of these people having been victimized

ATO (Account Takeover) attacks have been on the rise this year, and we expect them to continue to grow without proper mitigations. A multi-lateral approach should be taken to stop these threats effectively. There are plenty of low-cost mitigations that can be implemented to prevent these attacks, which we will go into further. Combining these methods, we have seen our clients significantly reduce the threat of account takeovers.

Top Benefits of Flexible Identity Verification As identity theft cases are increasing quickly, every company has to set up a cutting-edge verification tool to guarantee that only genuine users are accessing their solution. The verification process is indispensable from the perspective of user experience. If your company is secure, individuals will feel confident about using

How to stop online fraudsters with identity verification? To start, we need to understand fraudsters and their motives. Most are after anything with monetary value. The more money they can make, the more likely you will be a victim of their scams. Also, the easiness of committing that scam will factor into their targets.

Payment Orchestration Meets Fraud Optimization Many companies have diversified their payment platforms by offering multiple acquirers and payment methods for their customers. This approach is a critical way to diversify your payment stack and increase conversions. By having only one payment method like PayPal, you put your business at tremendous risk due to disruptions.

Strengths and Weaknesses of Complex Verification Methods In today’s online world, one factor of security is not enough. Businesses need a layered approach to defend themselves with solutions that are easily deployed against evolving threats. This is one of the main reasons behind dynamic friction and why one approach will not work. Fraudsters are learning

Blocking Greater than 1% is Bad Business. Many businesses might have rules that look like the below when dealing with fraud. They see a risky user and decide to block them without even giving them a chance. Or they put them through a slow manual review. In today’s, online business users expect results fast, and

What is dynamic friction for fraud? Friction for those unfamiliar with it in the identity space essentially means slowing down a person. Not many people like to be slowed down, and that’s the same way people feel about friction. Companies slow people because they don’t want to take unwanted risks. If there are no checks

How can companies better approach friction? Joining fraud tools with identity proofing is critical to responding to advanced threats while minimizing friction. Once this is done, we can tune existing detection for new threats and know which signals will increase trustworthiness. For example, instead of rejecting any payments by our fraud tool, we can set

A case study into the costs to get to a 1% block rate and 0 manual reviews Before we understand the client’s use case, we need to gather the pre-requisites for fighting fraud. First, you will need some fraud tool to get a baseline of the standard data on a person to set up any