By David Briggs, CEO GeoComply
COVID-19’s impact is far reaching and affects nearly every part of our daily lives. If that wasn’t enough, cyber criminals are exploiting new ways to prey on the scenario, particularly on the government programs designed to help people and small businesses who are struggling financially. As a result, internet-based fraud is skyrocketing and until necessary steps are taken to mitigate the risks, no corner of the internet is immune.
Based on actions taken by the U.S. Department of Justice (DOJ), testimony by experts before Congress and reinforced in a recent report from the Government Accountability Office (GAO), lawmakers and industry experts should insist that government agencies and private industry do everything they can to stop the fraud plaguing government-backed stimulus programs.
With President Trump’s recent approval to extend the Paycheck Protection Program (PPP) and the U.S. Congress poised to approve a new wave of federal relief packages in the coming weeks, now is the time for the government and private industry to take action.
Government Backed Stimulus Programs Plagued by Unprecedented Rates of Fraud
Federal programs, like the PPP and unemployment insurance, are particularly vulnerable to fraud because of how quickly they were set up to address the financial needs of millions of people and businesses. The Government, banks and fintechs are under pressure to deliver these much-needed funds, so applicants are not being properly vetted and know your customer (KYC) processes are frequently truncated.
This creates an inviting environment for cyber criminals to thrive in anonymity. For two decades, an IP address has been, and often remains, the sole data standard used by banks to locate someone on the other side of an online transaction. Given that software like VPNs, DNS Proxies and other IP spoofing tools are readily available to fraudsters, reliance on an IP address alone is not enough.
The Solution is Simple
Whether it’s hailing a rideshare service, finding a gas-station, checking the weather or ordering a meal via a delivery service, other industries have already abandoned IP data because of its limitations and now rely on sophisticated geolocation technologies utilizing modern methods such as GPS, GSM triangulation and WiFi data to determine true location and authenticate their customers.
By utilizing the same tools and techniques already in use by other regulated sectors to ensure the integrity of location data, the government and other financial institutions tasked with distributing critical funds, will be able to evaluate risk and stop the fraud before it happens. A bad actor must spoof not only the identity of the intended recipient of the funds, but also their own location. So if you can detect the location fraud, you can stop the crime from happening.
Stop the Flow of Government Funds to Bad Actors by Integrating Accurate, Authenticated and Unaltered Location Data
Integrating accurate, authenticated and unaltered geolocation data checks at the time of a borrower’s application is critical in stopping the expected fraud arising from the next round of government relief disbursements. Moreover, KYC best practice dictates that lenders incorporate a straightforward location check at time of application as well. These simple steps would go a long way to protect these critical programs from fraud.
It shouldn’t be a surprise that criminals are exploiting the increased use of the internet due to the coronavirus pandemic, but it is alarming that more isn’t being done to identify this type of fraud and prevent it. As the Government and industry search for ways to help Americans in need, they must also utilize readily available anti-fraud tools to thwart criminals’ access to these coveted funds.