CTOS Data Systems Sdn Bhd recently collaborated with GBG, an identity management, location intelligence and fraud prevention company to launch CTOS IDGuard as a platform to prevent application fraud within the banking industry in Malaysia. Here's what you need to know about CTOS IDGuard and how it can be useful for both banks and customers.
A few weeks ago, we wrote about identity theft and how it can affect you as a consumer. If you missed it, identity theft happens when someone steals your identity and uses it for their own personal gain. This could include stuff like making transactions using your credit card and signing up for loans in your name.
While there are some ways for everyday consumers like us to safeguard ourselves from becoming victims of identity theft, have you ever thought... what are banks doing to avoid this?
Well, an established financial institution would have their own fraud protection team to review applications. But for the past few months, something else has been quietly making waves behind the screen: the CTOS IDGuard platform.
What is CTOS IDGuard and how does it work?
CTOS IDGuard by CTOS
Before we explain what CTOS IDGuard is all about, you need to know what CTOS is. If you haven’t heard of them, well, they’re Malaysia’s largest credit reporting agency. It’s most commonly known as a place where you can check your own credit score. (FYI, that’s also where companies - and maybe even potential in-laws - go to check on your score too.)
In recent months, they’ve partnered with GBG (a global technology specialist in fraud and compliance management, identity verification and location data intelligence) to complete a large-scale pilot of the CTOS IDGuard collaborative platform.
CTOS IDGuard was made with the intention to combat application fraud in Malaysia. It’s the first fraud bureau in Southeast Asia, marking yet another major milestone in Malaysia’s move to strengthen our financial services sector, and to stay apace with the needs of digital financial services.
It’s particularly timely now as we move into a digital banking revolution. In KPMG’s Global Banking Fraud Survey 2019, they revealed that fraud and financial scams in the banking sector are on the increase worldwide. With over half of the banking survey respondents recovering less than 25% of losses, fraud prevention cannot be more important.
In this five-month pilot, CTOS worked with seven of the country’s leading banks to screen through applicants in the area of personal loans, cards, auto financing, mortgages, and SME loans.
Powered by GBG’s fraud detection engine, they were provided with real-time automated alerts on potentially suspicious loan applications. (Think inconsistent applications where the same applicant would apply for multiple banks using different personal details, such as their income level.)
“Whether it be as simple as alerting banks to known fraudsters or uncovering duplicate applications with differing income or contact details, credit application fraud is a persistent threat to Malaysia’s banking institutions’ reputations, confidence and finances, especially in these challenging times.” - Dennis Martin, Group CEO of CTOS
Using data that were given by banks and other public sources, the CTOS IDGuard pilot scheme screened through 450,000 applicants. From there, the pilot:
- identified 24,396 potentially suspicious applications, and
- confirmed 691 cases of these applications as fraud.
Just by doing that, they raked in a total of RM21.1 million in potential savings. (That’s basically the value of the loans that would’ve been dispersed to fraudulent applications.)
“The CTOS IDGuard collaboration with the banking sector has been shown to help in three ways: increasing the ability to detect fraud, increasing the speed to complete investigations into suspected fraud, and increasing the confidence with which to make a decision about suspicious applications,” Martin adds. “CTOS IDGuard will become increasingly effective with more members expected to come on board soon, giving participating banks the robust, comprehensive and data-rich resource they need to protect their most important assets.”
To add, banks which become members of the CTOS IDGuard fraud bureau will be part of an industry group that will share best practices and latest trends in fraud locally and regionally every quarter.
How does the CTOS IDGuard help everyday Malaysians? (And what can you do to protect yourself?)
While you may think that this only helps banks, you’ll be surprised as to how CTOS IDGuard can affect you as a consumer.
“It is crucial that the public and businesses get access to credit on as fair terms as possible as we move towards a post-MCO Malaysia,” Martin said. “The cost of fraud directly impacts the cost of credit; reducing fraud will benefit everyone, not just banks.”
From what we understand, fraudulent borrowings cost banks hundreds of millions. This may have a trickle down effect to consumers, as an increase in cost may reflect in the cost of borrowing in order for banks to make business sense and stay competitive - heightened interest rates, for example.
While we wait for the CTOS IDGuard to officially launch in the coming weeks, there are other ways for you as a consumer to safeguard yourself from identity theft.
During our research, we found out that CTOS has a separate offering called CTOS SecureID. If you sign up for it, you will be alerted for any changes in your credit profile (e.g. if someone uses your identity to apply for a loan). You’ll also know if your personal information is found on the dark web.
Apart from that, you can also practice these general tips to stay on top of your game:
1. DO review each line of transaction in your credit card bill.
When you get your bill, or even as and when you want to online, check your transactions that each one of them were done with your knowledge.
2. DON’T make a payment on open networks.
Public WiFi and unsecured websites (site URLs that start with http:// instead of https://) make it easy for other computers to intercept your information. By putting in sensitive information, like your credit card details, thieves would be able to easily steal these for their malicious plans.
3. DO look over your shoulders before you pay.
Whether using a pin or making a payment online, just do a quick look around you to ensure there are no prying eyes trying to remember your details.
4. DON’T give your credit card information to unverified people.
Yes, this means even your credit card number. A lot of people think that it’s important to hide the last three digits (CVV) of your credit card, but the truth is that every part of your card should be kept private to yourself. If you ever find someone calling you on behalf of an institution, asking you to verify your credit card number, be wary. You should be the one to initiate the call, and not the other way around.
5. DO call your bank immediately whenever something happens.
Whether you suspect funky business happening, or if you misplace your card, call your bank to alert them to check up on activities. You can also ask them to freeze your card until you find it back.
6. DON’T send an email with your credit card number.
As secure as emails can be, it’s so easy for people to hack into email accounts. Don’t increase the chances of someone catching your details – look for alternatives if the business you’re dealing with asks for your credit card number.
7. DO shred your documents.
Credit card bills that come in the mail should be destroyed in a way where thieves will not be able to make out your numbers. Thieves may dig through recycling and rubbish bins to search for information.
8. DON’T post photos of your credit card online.
There literally isn’t a single reason for you to do so. Posting a photo of your card online, even if you hide most of the numbers, is an open invitation for thieves. You’ll be surprised how quickly they can put the pieces together, as credit card numbers are created in a specific way. (E.g. all Visa card numbers start with ‘4’, the next five digits reveal the bank or issuer.)
9. DO disable autofills.
When shopping online, some sites may have an autofill feature so you don’t have to keep typing in your details. Avoid that – just key in your details when you want to buy, as such sensitive data stored can easily be stolen by hackers.
10. DON’T keep your phone logged in to your banking app.
Always log out once you’re done as your security can be compromised if your phone lands into the hands of a thief.