New weapons in the war on fraud

Fraudsters are constantly changing their methods, forcing investigators to stop looking at trends that have long passed and focus on new ones coming across the horizon.

Two of the immediate hazards involve the Internet of Things (IoT) and telematics.

Through the IoT, micro-chipped everyday objects like refrigerators and thermostats have the ability to transmit data in real time to homeowners, insurers and other entities.

Telematics on the rise

According to Stamford, Conn.-based Gartner, a technology research and advisory company, telematics refers to “wireless and black box” devices. Current telematics applications in the insurance industry primarily involve automobiles using aftermarket boxes installed to provide data for policy rating purposes.

IT leader Cisco thinks it might happen even more quickly, predicting that “up to 50 billion things (or devices) will be connected to the internet by 2020; or the equivalent of six devices for every person on the planet.”

While telematics is primarily thought of in terms of the property and casualty industry, with a device boom it is inevitable that usage will eventually expand into other lines of insurance including life and health. However, we may already be there.

Current devices

Much like insurance companies are using telematics to gage individual driving habits for rating purposes, there are fitness companies manufacturing wearable personal devices so individuals can assess health-related information like physical activity levels, food consumption/caloric intake, weight loss and sleep habits.

While wearables are primarily designed for individual usage, imagine those same devices transmitting information back to an insurance company to assess rate information for homeowners, commercial, life, disability, workers’ compensation or health insurance policies. It may sound futuristic, but actually it is not.

Insurer John Hancock recently began offering policyholders in their “Vitality” program a free Fitbit to track their fitness efforts and health progress. The Vitality program’s goal is for insureds to stay healthy and doing so accumulates points like a rewards program. The more points an insured earns, the greater the rewards available to them including premium savings.

Consider the future of device technology. A recent insurance industry survey by professional services company Accenture reported that approximately “63 percent of respondents believe that wearable technologies (“wearables”) will be adopted broadly by the insurance industry within the next two years, while 31 percent of respondents indicated that they are already using wearables to engage customers, employees or partners.”

The use of telematics isn’t a faraway concept. It is being used right now.

Fraud involves a deliberate deception practiced on an individual to his or her disadvantage. (Photo: Shutterstock)

Device manipulation

In the auto industry’s current telematics environment, installed devices not only report back information on individual driving habits, but also car performance, maintenance issues, crash data, vehicle location data and airbag deployment.

Automobile information can also be reported for regulatory and emissions purposes. The massive allegations in the case involving Volkswagen (VW) shows how devices can be manipulated to fool federal regulators and unsuspecting consumers.

VW has admitted to installing software on vehicles to skew emissions tests. The device manipulation sparked the opening of a criminal investigation by the U.S. Department of Justice (DOJ) and led to a $14.7 billion settlement with the company. Approximately $10 billion will be used to repair the faulty cars and compensate owners.

While software is legitimately used on vehicles for a variety of reasons, the ability to manipulate devices for competitive or financial advantage is significant. This type of device fraud will certainly migrate to the insurance industry.

Elements of fraud

Fraud involves a deliberate deception practiced on an individual to his or her disadvantage. When devices are manipulated and transmit false data back to an insurance company that is deception. It is deliberate and there will be a disadvantage to the company.

Given where the insurance industry appears to be going with devices and technology, it is a topic everyone should be talking about — yet few are.

Since negative information transmitted from devices to insurance companies has a direct correlation to policy cost, there is significant motivation to manipulate devices and the data generated from them.

If the insurance company does not realize the data transmitted is false, then they may errantly rate the policy according to the perceived risk. Since the risk information transmitted seems less than the actual risk, fraud occurs.

Data manipulation not new

This data manipulation is not new. Consider an applicant’s failure to disclose material information to an insurance company during the application or claim process, such as a life policy where an applicant is motivated to conceal a dangerous hobby or activity as increased risk greatly increases the policy’s premiums and may decrease the coverage the applicant is able to purchase.

Another possibility involves a workers’ compensation or disability policy where transmitted data would be significantly inconsistent with a claimant’s stated activities of daily living, representations or restrictions which prevent returning to work. This is motivation for device deception.

Data manipulation is not new and can result in an insurer receiving false information and setting incorrect coverage limits. (Photo: Shutterstock)

Getting ahead of fraudsters isn’t easy

Today’s organized crime rings are sophisticated, dynamic and extremely advanced in their efforts.

They also don’t have the corporate constraints associated with organizational politics, budgets, personnel or bureaucracy.

Given all of the fraud prevention efforts being deployed across verticals, the only way organized crime rings continue to make money is to stay one step ahead of technology or prevention efforts. The fact is that new IoT and telematics technology is likely already sparking fraud innovation from criminals.

Fraud doesn’t wait for technology products like telematics and IoT to mature; it usually starts in a product’s infancy. Consider this scenario: A telecommunications company spent five years developing a new service to roll out to customers. On the very first day the service hit the market the company experienced massive fraud from it and everyone wondered why.

It wasn’t because the business failed to think of the various fraud applications and plan for them. The reality was that the bad actors had also spent five years in R&D figuring out how to commit fraud against the service. They anticipated what the company’s defenses were likely to be, and where the vulnerabilities in strategy were, creating a successful attack vector. This approach ensured that the fraud ring could be organizationally profitable when the product initially went to market.

Seeing the impact from fraud, the business quickly fixed the service’s loopholes, but the financial damage was already done. The telematics industry will face similar challenges with new products and services, and bad actors are already thinking about how to beat the system or devices.

Analytics play a role in investigation

Insurance companies are currently using analytics to identify fraud patterns, the presence of organized criminal activity and claims that justify more investigation. Device analytics and technological countermeasures will become even more imperative.

The ability to determine whether devices have been hacked or tampered with to generate false claims or policy data will be critical to preventing massive device fraud and the payout of fraudulent claims.

The massive number of new devices connected to the internet also means an influx of big data generated for insurance companies and presents significant business challenges: creating effective data management programs; determining how to analyze voluminous amounts of data; and managing data integration for claims, policies, underwriting, actuarial and marketing initiatives.

When a connected device stands between an insured, a policy or a payout, there will be significant motivation to manipulate the device and the data it generates to be in the insured’s or applicants’ favor. If 50 billion devices are connected to the Internet, it’s not a matter of “if” it will happen but “when,” and insurance companies should prepare for the onslaught now.