Detect fake accounts and ATOs by uncovering the one thing fraudsters can't hide behind: their location.

Real-time fraud prevention is challenging for companies because of several primary factors. Firstly, fraudsters are constantly evolving in their tactics and developing new workarounds for existing anti-fraud protections. This constant adaptation means that companies are constantly racing to detect and respond to new types of fraud before they cause damage.

Scale is another challenge related to fraud prevention. A company that processes a high volume of transactions daily has avery short window to review them for risk. This time frame makes fraud prevention harder and puts more pressue on manual review team. One answer to this challenge is to ensure that an automated fraud detection system is in-place to reduce reliance on manual review.

Any fraud detection system, whether manual or automatic, has to balance security with business goals. Said differently, the system has to be robust enough to detect fraud without being so intrusive that it interferers with good customer acquisition or damages the user experience. Reliabiliy or the false positive rate is also a significant concern: it’s easy to imagine the frustration of a legitimate customer with a legitimate transaction blocked. Old fraud prevention tech also presents a legacy integration problem when upgrading to newer, real-time fraud detection tools. 

Finally, like regulators, today’s users are very aware of data privacy. If a fraud detection solution uses PII to perform a risk assessment, consumers and regulators will want to know how that PII is collected, used, and safeguarded. 

Despite these challenges, companies should continue investing in real-time fraud prevention as it is critical to protecting their customers and business.

There is no one-size-fits-all fraud detection solution, as the ideal solution depends on the specific needs and requirements of the company. However, some popular and highly rated fraud detection solutions include:

• Identity verification solutions: These solutions use various methods to verify the identity of individuals, including knowledge-based authentication, government-issued ID verification, and biometric authentication.
• Rules-based systems: These systems use predefined rules to identify and flag suspicious transactions based on available data.
• Behavioral biometrics: This technology identifies fraud by analyzing an individual's unique behavior patterns, such as typing patterns or mouse movements, to determine who they are whom they claim to be.
• Anomaly detection: This technology uses statistical analysis to identify transactions that deviate from normal patterns and may indicate fraud.
• Machine learning-based solutions: These use algorithms to analyze patterns in identity, transaction, or behavior data to detect anomalies that may indicate suspicious behavior.
• Artificial intelligence: AI solutions can combine multiple techniques, such as machine learning, rules-based systems, and anomaly detection, to provide a comprehensive fraud detection solution.

Ultimately, the best fraud detection solution is developed and configured to effectively balance security, business growth and user experience. 

Incognia active identity assurance combines several of these techniques to achieve the highest fraud prevention results:

• Location Identity: Incognia can help identify users based on their “trusted locations.” The user’s highly frequented locations, such as home and work, are classified as their trusted locations. When Incognia detects a user is in a trusted location, there is a higher probability of the transaction being legitimate and a lower fraud risk, offering a frictionless authentication experience.
• Location Behavioral Biometrics: The way the users move through the world each day—including the places we visit and when we visit them—creates a location behavior pattern unique to each user. Changing in real-time as we move, location behavior creates a dynamic fingerprint that is extremely difficult to imitate.
• Rules-based system: Incognia and its customers define rules and watchlists to identify and flag suspicious devices. During a preliminary POV (Proov Of Value) process Incognia and the customer define together a set of rules that can help flag suspicious activities. Examples of these rules are: 
• Monitoring and limiting the number of app-re-installations that every device can carry out. 
• Monitoring and limiting the number of accounts every device can access.
• Monitoring and limiting the number of devices connecting to the app from the exact location. 

The devices detected by these rules can be watchlisted or outright blocked to prevent fraud.

• Anomaly detection: Incognia will detect if an account is accessed by a different device than usual or from a different location. These anomalies are often a sign of fraud. Detecting these anomalies will allow the crafting of rules that help catch fraud while minimizing false positives. For example, in case of a new device accessing and existing account from a users' trusted location, it will likely be a sign of a new device being bought by the user. So this anomaly is most likely not a fraud, and this case can be excluded from the fraudulent devices watchlist.
• A.I & Machine Learning: Deployed in over 200 million devices and using machine learning and models based on confirmed fraud, Incognia delivers a highly precise risk signal with extremely low false positive rates. Incognia implements a type of supervised machine learning to detect & prevent fraud. Incognia leverages 
• data from more than 200M+ devices
• real fraud feedback from customers to train its models and detect / prevent fraud.

Incognia customers can participate in a data consortium, share fraud information, and benefit from the network effect with other Incognia customers over a network of 200M+ devices using Incognia SDK. This will allow blocking of fraudsters identified and confirmed by other Mobile Apps. 

Incognia provides a Global “Fraud Reputation Watchlist”: a list of “Device IDs” that have been involved in confirmed fraud by at least one Incognia customer. Incognia Device ID can track devices across different apps and is resilient to app re-installs. Customers will receive a “HIGH RISK” risk assessment if the user is using a device in this watchlist.

Incognia also uses this feedback as “supervised” machine learning training set to train its models to detect fraud continuously. Customers will receive a “HIGH RISK” assessment if the model detects a fraudulent behavior in a transaction.  To access this capability, customers must share the information of confirmed fraudulent devices on your app with incognia and other Incognia customers participating in the consortium.  Incognia provides a "Feedback API" for customers to report confirmed fraud.

For gig economy, peer-to-peer marketplace, and fintech companies, the main threats of fake accounts include fraud, impersonation, and resource depletion. For gaming verticals, player collusion is also a concern. 

A fake account is a perfect cover for someone looking to commit fraud on a platform without tying those activities to their real-world identity. An account created with stolen or fabricated identity information might hide behind anonymity to make unauthorized transactions, commit identity theft, make phony chargebacks, or engage in card-not-present (CNP) fraud. Fake accounts can also be used to impersonate real people and commit platform abuses in their names. 

Fake accounts also deplete resources and cause financial problems. In a 2022 earnings report, PayPal stated that an estimated 4.5 million accounts on their platform were illegitimate, the news of which caused the company stock to drop by 25%. On a large scale, fake accounts are also a significant drain on a platform’s resources, including computing power and bandwidth, potentially dampening the engagement experience for real users. 

In iGaming, player collusion is an additional threat to those listed above. Using fake accounts, bad actors can join a virtual poker game, for example, and present as strangers to unfairly manipulate the game in their favor.  

Companies must take the identification and prevention of fake accounts seriously, as they can lead to large consequences for the company and its users.

Fake accounts are becoming more common because of more advanced technology, and easier access to it, and not enough focus on the mitigation of new fraud threats.

The barrier of entry for creating and using fake accounts is lower now than in previous years. For example, the widespread availability of VPN and GPS spoofing apps makes location spoofing easy even for people who are not technical, meaning fraudsters can create fraudulent accounts that appear to be in multiple different geographies, without any particular skill or much effort. 

Not only is it easier to create fake accounts, but also the financial incentives are greater. As we use online platforms to manage more aspects of our lives, fraud schemes that rely on the creation of fake accounts have increased, among both solo fraudsters and organized fraud groups. 

Compounding these effects is that fake accounts are difficult to identify and many platforms are struggling to do this at scale. For example, to encourage new signups, many platforms make their onboarding as simple and frictionless as possible, often requiring only an email address or phone number to get started. 

While this low-effort onboarding is great and easy for your average user, it’s also a golden opportunity for fraudsters to take advantage of this access, even if limited. The more permissions they are granted, the easier it is for them to create an attack vector. Without using passive identity assurance signals, these companies often must decide between increasing user friction or jeopardizing security. 

Additionally, the lack of laws or regulations addressing fake accounts also contributes to the pressure put on platforms to handle this problem internally through policy enforcement which can be very manual.

Bots, which are automated software programs, enable fraud by helping bad actors automate and scale their operations. For instance, in addition to being used to create fake accounts, bots can automate fraudulent transactions, such as purchases with stolen credit card information.

Bots can also be used in spoofing and phishing schemes by sending out mass emails that  trick individuals into giving up their personal and financial information. Though many people today know the dangers of phishing, the sheer scale with which bots can send emails makes finding unsuspecting victims more likely.

Some fraud prevention technology either incorporates or is developed based on location analysis. It typically works by using geographic data to verify the authenticity of a digital identity or transaction. However, not all location signals are created equal, and some are more effective than others for risk analysis. Below are the most commonly used technologies today and how they can measure risk at the time of a transaction. 

• IP Geolocation: This is a legacy technology that has been used since the inception of the internet. It uses the IP address of the device initiating the transaction to determine its geographic location. Suppose the IP address is associated with a location significantly different from the billing or shipping address provided by the user. In that case, the transaction may be flagged as suspicious and subject to additional verification. One of the critical drawbacks of this signal is that location spoofing tools easily manipulate it. Users connecting through a VPN, TOR, or another anonymous server can hide their actual location and even choose to appear somewhere else.
• GPS: Today, the majority of mobile devices have GPS capabilities and this signal can be used to verify the location of a device during a transaction. If the location data obtained from the GPS does not match the provided billing or shipping address, the transaction may be flagged as suspicious.
• WiFi: WiFi, though not a traditional location signal, can verify a device's location when a transaction is initiated. If the WiFi network being has been previously associated with a different location than the billing or shipping address, it likely makes sense to flag the transaction for further review.

These technologies contribute to fraud prevention by providing a behavioral signal that can be compared to the information provided and verify that the person initiating the transaction is trustworthy. For example, location signals can help identify fraudsters attempting to use stolen or fake identities to make fraudulent transactions remotely.

It’s important to note that to rely on location technologies for risk detection, the location data being analyzed needs to be validated to ensure that it is not being spoofed or manipulated. Incognia addresses this by providing a more holistic solution to location-based fraud prevention, including device integrity checks that indicate that the device is using a spoofing application, the app has been tampered with, or the device is rooted or jailbroke, to name a few. This makes Incognia’s approach highly effective at detecting location spoofing, unlike fraud detection based on IP and GPS alone.

Overall, fraud prevention technology based on location effectively makes fraud more difficult.

When evaluating fraud prevention solutions, companies should consider the following factors:

• Accuracy: A good fraud prevention solution should have a high accuracy rate in detecting and preventing fraudulent transactions. The solution should also have minimal false positive rates to avoid declining legitimate new accounts or transactions.
• Real-time monitoring: A solution that provides real-time monitoring of new accounts or transactions can help detect suspicious behavior before fraud occurs, reducing the risk of significant financial losses.
• Customization: The solution should be customizable to meet the specific needs of the company, such as the type of transactions being conducted, the company's risk tolerance, and the industries within which it operates.
• Scalability: As the company grows, the fraud prevention solution should be able to scale up to meet increased demand.
• Integration: The solution should be easy to integrate with the company's existing systems and processes, including orchestration platforms, machine learning models, payment gateways, and other internal systems.
• User-friendly interface: The solution should have a user-friendly interface that makes it easy for fraud analysts to use and understand the tool, reducing the risk of human error.
• Customer support: The solution should come with excellent customer support, including access to expert support, training, and documentation.
• Compliance: The solution should comply with relevant regulations and standards, such as SOC 2 Type II, GDPR, CCPA, to help the company maintain compliance with these requirements.

Companies should look to layer best-in-breed fraud prevention solutions to create visibility across the user journey. This comprehensive approach to fraud detection is typically enabled by an orchestration platform that makes specialized signals easy to use and integrate with existing systems.

Incognia has developed a location identity platform that addresses all of these factors. Incognia's solution has an accuracy rate of 1 out of 17 million, making it much higher than leading consumer face recognition solutions (1 out of 1M). It provides real-time data collection and risk assessment based on Incognia’s SDK and API. It’s a cloud solution, meaning it can scale to meet demand. The SDK can be implemented in just a few steps, and  Incognia’s dashboard offers a very user-friendly UI for accessing the risk assessments. Our customers highly rate incognia customer support, and finally, Incognia complies with the market's leading requirements.

Fraud detection on mobile apps differs from fraud detection on other channels due to its unique characteristics. 

Mobile transactions have unique patterns, such as device identification, GPS location, and app usage data, that can be used to detect fraud. Fraudsters may also use different tactics on mobile devices, such as creating fake mobile accounts, using stolen mobile devices, or using mobile devices to make fraudulent transactions from remote locations.

However, the increased ability to commit fraud also comes an increased ability to detect it. Mobile devices generate a large amount of data, including GPS location, app usage, and device characteristics, which can be used to identify fraud. This data can create a rich, multi-layered profile of each device, enabling more effective fraud detection.

Because of its unique nature, mobile fraud detection has a few specific requirements. For instance, mobile transactions often happen in real time, meaning real-time fraud detection is table stakes for preventing fraudulent transactions from posting. Because mobile devices deliver functions through apps, the apps' security is also vital in preventing mobile fraud. 

Mobile fraud does not only happen during mobile transactions. It also happens at two other critical moments of the mobile app user journey: mobile user onboarding and mobile user login. 

During mobile onboarding, the critical mobile frauds are:

- New account creation using fake, stolen or synthetic identities: these are often used by fraudsters to perpetrate their attacks against the mobile platform, such as chargebacks and CNP (Card Not Present) frauds.

- Multiple account creation: these are often used to launder money using mule accounts

During login, the most  common fraud is:

- Account takeover: in this case, the fraudster uses credential stuffing to get control of accounts of legitimate users and defraud them by exiting their funds.

Finally, user experience is a crucial aspect of mobile fraud detection. Fast response times, easy-to-use interfaces, and minimal data entry requirements are part of a good mobile user experience. If users find security mechanisms troublesome or difficult to understand, they’re less likely to comply with them or to keep engaging with the associated app. 

Detecting mobile fraud requires a specialized approach considering the unique characteristics and patterns of mobile onboarding and transactions. An excellent mobile fraud prevention solution should provide a comprehensive and effective approach to fraud detection while still being easy to use and integrate with existing systems.

Several technologies can be used for mobile fraud detection, including:

• Device fingerprinting: This technology creates a unique profile of each mobile device based on its characteristics, such as the device type, operating system, and IP address. This information can be used to identify and prevent fraudulent transactions made from known or suspicious devices. Lately, app stores are restricting the use of the signals required to fingerprint a device, complicating fraud prevention on mobile 
• Behavioral biometrics: Behavioral biometrics analyzes a user's behavior, such as typing and app usage patterns, to create a unique user profile. This profile can then detect fraudulent transactions made by individuals who do not match the profile.
• GPS location: GPS data from the mobile device can verify the user's physical location when a transaction is initiated. If the location significantly differs from the billing or shipping address provided by the user, the transaction may be flagged as suspicious.
• App security: This technology checks the app's safety used to initiate the transaction, including verifying its authenticity and checking the required permissions.
• Machine learning: This technology uses algorithms and statistical models to analyze data and identify patterns that may indicate fraud. Machine learning can be used to identify new and emerging fraud patterns and adapt to changing fraud scenarios.
• Multi-factor authentication: This technology requires users to provide multiple forms of authentication, such as a password, fingerprint, or facial recognition, to confirm their identity before a transaction is approved.

These technologies can be used individually or in combination to provide a comprehensive approach to mobile fraud detection. The best technology for mobile fraud detection will depend on the specific needs of the company and the types of transactions being conducted.

Incognia’s location identity platform implements several technologies, accomplishing the goal of being more comprehensive. It uses device fingerprinting to detect the relationship between the user devices and the accounts created with them. It also implements a proprietary location technology that uses GPS, WiFi, and other signals on the mobile phone to locate a user even indoors precisely.

It can detect device integrity to verify if the device has been rooted or jailbroken or if the user uses emulators or tampered app versions to access their online account. Finally, Incognia’s passwordless authentication solution can be used in an MFA stack as the first authentication factor when higher security levels are required.

Location behavior, or the analysis of geographic data related to a user or device, can help with fraud prevention and detection by providing additional information about the user's behavior and activity. This information can be used to verify user location, identify suspicious activity, monitor for unusual behavior, or provide additional context for transactions. 

Verifying user location works by analyzing the user’s GPS or WiFi signals during a transaction. Suppose the location differs significantly from the user’s typical locations or the shipping and bill addresses provided by the user. In that case, the system can return a higher risk assessment for fraudulent transactions. 

Knowing a user’s typical location behavior also enables the technology to identify unusual or suspicious activity. For instance, if a user’s device starts making transactions far outside their familiar locations, that might cause a second look. Similarly, if a user device jumps around a significant distance, like between countries, in a short period, this also raises the risk of fraudulent transactions.

Location behavior also provides a complete picture of a transaction overall, including the time of a transaction and the type of device used. These elements can help make fraud detection (or authentication) easier to manage. 

Overall, location behavior can provide valuable information that can be used to detect and prevent fraud. Using location behavior as part of a multi-layered approach to fraud detection can improve the accuracy and efficiency of fraud prevention efforts.

Location behavior and device signals are considered some of the best anti-fraud solutions for several reasons:

• Unique data sources: Location behavior and device signals provide unique and highly accurate data sources that can be used to detect fraud. This data can create a rich user and device profile, providing more comprehensive information for fraud detection.
• Real-time monitoring: Location behavior and device signals can be monitored in real-time, making it possible to detect fraud as soon as it occurs. This is especially important for mobile transactions, which are often conducted in real time and require real-time fraud detection.
• Hard to mimic: Location behavior and device signals are difficult to mimic, making it more difficult for fraudsters to bypass fraud detection systems. For example, it is difficult to fake a highly individualized location or device fingerprint.
• Multi-layered approach: Location behavior and device signals can be combined with other anti-fraud technologies, such as device fingerprinting and machine learning, to provide a comprehensive and multi-layered approach to fraud detection.
• Adaptive: Location behavior and device signals can adapt to changing fraud scenarios, making it possible to continuously improve fraud detection and stay ahead of evolving fraud threats.

Overall, location behavior and device signals provide valuable data sources that can be used to improve the accuracy and efficiency of anti-fraud efforts. Using these technologies as part of a multi-layered approach to fraud detection makes it possible to detect and prevent fraud more effectively.

Incognia combines location and devices signals to provide more powerful fraud prevention capabilities. One example is the Incognia “Suspicious Locations” feature. Incognia Suspicious Locations delivers a new layer of fraud intelligence by analyzing location data in real time and making an automatic risk decision. It is available as an add-on to any existing Incognia solution, including Incognia Address Verification, Passwordless Authentication, and Location Spoofing Detection. 

The feature alerts fraud and risk teams when:

• clusters of high-risk devices are concentrated in a micro-location, like a small apartment or room
• a device connects from a location that has been previously associated with confirmed fraudulent activity

Fraud and risk teams can use this feature to detect systematic fake account creation and organized account takeover attempts. Once the Incognia risk assessment is received, the flexible signal can trigger a user being added to a watchlist, submitted to step up security measures, or blocked outright.