A rise in fraud continues to plague the insurance, banking, retail, telco and gaming sectors, with so-called “shallowfakes” now being highlighted as a growing threat alongside more sophisticated “deepfakes”.
While deepfakes require AI to create realistic but synthetic still or video images or voice recordings, shallowfakes can be created easily and quickly using regular software, such as PhotoShop.
“The accessibility of tools to modify documents – from IDs, utility bills and bank statements through to photographs, contracts, invoices, purchase orders and salary slips – means that it is becoming easy for fraudsters to make changes to documents and images at speed and on scale,” says fraud and cybercrimes thought leader, Clive Gungudoo, MoData’s Director of Financial Crimes and Risk Management.
Clive has more than 25 years’ experience in multinational banking, technology and integrated financial services – predominantly in financial crime and risk management – and has expert knowledge on exactly what solutions organisations need to implement to minimise the financial and reputational risk to customers.
Why the rise in shallowfakes?
Document fraud has always been around, but it is the scale of the problem is unprecedented.
“Numerous factors have contributed to the rise in document fraud, particularly the increase in self-service automation,” says Clive. “With the digitalisation of the insurance and banking industries, hard copies of documents are rarely required as organisations now rely on existing and new customers to either send digital documents and images via email, or to upload them themselves using the organisation’s online portals. The COVID-19 pandemic accelerated self-service across many industries through necessity, and customer onboarding is now largely done online rather than in person.”
This significantly increases the opportunities for fraudsters to alter and manipulate documents digitally prior to upload. These fraudsters tend to use ‘synthetic identities’ – a mix of fake, stolen or data-breached personally identifiable information (PII) that check out with third-party data sources.
“This modus operandi sees criminals using ‘mules’ – real people with real identities – to bypass secure biometric and identity verification during remote onboarding and account opening,” says Clive. “The uploaded digital documents are generally not checked during the automated online processes, allowing fraudsters and money launderers to get through the compliance gates.”
Clive says the cost-of-living crisis also plays a big part in the rise of opportunistic fraud. “Simply put, when people are under financial pressure, they are more likely to tamper with invoices and supporting documents to, for example, inflate an insurance claim or to secure loans and financing.
In personal or business circumstances, they might operate with complete fraudulent intent and falsify electronic bank proof of payment advices in exchange for goods and services, a tactic also used by large-scale fraudsters,” explains Clive. “Similarly, opportunistic occupational fraud is increasing. Often in these cases procurement invoices are forged, amounts are inflated, and payments are made to personal accounts of staff or family members.”
Clive says that in large-scale fraud operations, document forgery is prolific, particularly in relation to invoice redirect scams and business email compromise (BEC) fraud. “In these cases, fraudsters intercept invoices and change the banking details before they are sent for payment processing. The electronic payment then ends up in mule accounts controlled by the fraudsters.”
Using AI to detect shallowfakes
Traditionally, document authenticity checks have been conducted manually, but the subtlety of shallowfake alterations is not easy to detect with the naked eye.
The solution? AI-powered detection.
As Clive points out, while AI is not needed to create shallowfakes, it is extremely useful in detecting them – a service MoData offers to its customers to counter next-generation fraud and money laundering, where growing mule accounts are at the centre of facilitating financial crimes.
MoData’s AI-powered Document Authenticity solution means documents are automatically scanned on submission, picking up alterations to images and documents in just three seconds – virtually real-time. Acceptance or the red flagging of documents, including PDFs, JPEGs, PNGs and TIFFs, is automated, saving both time and resources.
“Document forensics is also able to detect forgery patterns across documents, thwarting tech-savvy fraudsters who might be manipulating the same document several times or using sophisticated templates,” says Clive. “AI Document Authenticity technology is optimised for high precision and accuracy and is a vital aid in both the identification of and the defence against shallowfakes – plus it means document processing can be fast, efficient and secure. With a 99.99% accuracy rate for automated approval of trusted documents, the need for manual reviews is minimised.”
The use of fraudulent documents is unlikely to slow down. In fact, ongoing digitalisation means the opportunities for fraudsters and money launderers to use shallowfakes are only likely to increase.
“MoData’s Document Authenticity solution can be used in any vertical where digital documents need to be reviewed as part of business processes, whether that is processing an application for a loan at a bank, submitting supporting documents for KYC and AML compliance purposes, reviewing legal documents for a court case, assessing invoices for an insurance claim and payment, and reconciling procurement purchase orders and invoices,” says Clive. “Implementation is seamless and is done via a simple rest API.”
To showcase the efficacy of the service, MoData offers insurers and other candidate clients a free proof of concept demonstration by assessing historical documents. “Our customers are usually very surprised by the scale of manipulation in documents that have not been picked up through traditional review processes.”
The cost of inaction in the fight against document fraud is high, with organisations facing huge financial losses, as well as reputational damage.
As Clive points out: “AI-powered document-fraud detection is both a necessary and cost-effective defence against fraudsters – it is essential to have it in place to future-proof your business.”