Stopping identity fraud in public assistance programs

INDUSTRY INSIGHT

Stopping identity fraud in public assistance programs

Last year, U.S. taxpayers lost more than $100 billion from public assistance programs because of fraud and improper payments. Criminals who commit benefits fraud often use other people's personal information to file for food stamps, Medicaid, unemployment insurance and other public assistance programs. These skilled fraudsters know how to game the system, and often do it in multiple states with the same identities.

This is an alarmingly easy criminal enterprise that has increased dramatically since the advent of online services, which have removed the barriers to fraud created by face-to-face contact. Agencies have also moved from paper checks to electronic benefit transfer and debit cards. Fraudsters, including many organized criminal groups, have taken advantage of the digital shift to employ more sophisticated techniques to commit identity fraud -- and are now able to do so at a massive scale.

Human services agencies have always worked to prevent fraud in their programs. In this new era of online threats, fraud schemes are constantly changing with new technology, and all of government is scrambling to keep up.  However, despite constantly shifting fraud schemes, a three-step model has been shown to help prevent identity fraud and improve program integrity in public assistance programs. This model includes:

  • A multilayered approach for verifying and authenticating the applicant’s identity.
  • Integration of external data into existing enrollment processes for a broader view of applicants and beneficiaries.
  • Advanced identity intelligence to supplement the traditional overpayment recovery techniques.

Are you really who you say you are?

Most government programs require applicants to provide their name, address, birth date and Social Security number to verify an identity. Using data-matching technologies, states cross-reference this information with known government data; if they match, the identity is considered verified.

In today’s online world, however, this information is readily available for sale on the dark web. Traditional identity verification through data matching only confirms an identity exists, not that the applicant is the true owner. A second step is needed -- one that answers the question, “Are you really who you say you are?” This multifactor authentication offers a far superior model for identity fraud prevention because it uses multiple layers of authentication to determine if the identity exists and if it actually belongs to the applicant.

More layers, more choices and better outcomes

Multifactor authentication has been proven to be highly successful in financial services and other industries, but it has been slow to migrate to the government sector. However, some agencies have begun to reap the benefits of this proven technology. For example, after initial cross-reference verification, agencies automatically conduct a risk assessment of each identity and either pass through those with low-risk indicators or route those with high-risk indicators for further authentication. This approach greatly improves fraud prevention while minimizing the impact on applicants and call centers.

These agencies establish risk levels using identity risk analytics that combine self-reported data, agency and public records information and contextual information such as an IP address, geo-location and identification from visiting devices.

Additional layers may include sending a text or email with a time-sensitive password to a previously established phone number or email address. For high-risk identities, the agency might require applicants to submit a photo of their driver’s license, Social Security card or a “selfie” via a smartphone app or even request an in-person visit to confirm the highest risk identities.

It is time to start working together

Multilayered identity verification requires agencies to expand beyond the traditional data cross checking of name, address, SSN, etc. To stop identity fraud, agencies must work together -- to integrate data from other state and federal agencies as well as third-party public and private data into their verification processes.

Leveraging the lifetime of identity information amassed in national repositories can help agencies ensure that people applying for benefits are indeed who they claim to be. For example, one Northeastern state combats unemployment insurance fraud with multilayered authentication using a database with billions of public records to verify a broad range of personal information and prove applicants’ identities. In 17 months, it thwarted nearly 650 identity fraud attempts and prevented $4.4 million in improper payments.

When applicant data is shared between states, authentication is even more powerful. States can better identify fraudsters who move their criminal activities from one state to another. The National Accuracy Clearinghouse (NAC), for instance, leverages both agency data and public records data through advanced linking technology to help a consortium of five states -- Mississippi, Alabama, Florida, Georgia and Louisiana -- protect their Supplemental Nutrition Assistance Programs against dual participation. Each state contributes beneficiary data to the NAC repository. When people apply for public assistance benefits, their applicant information is compared to the NAC to verify they are not currently receiving benefits in another state.  So far, just using this simple dual-participation check, the NAC has revealed thousands of matches of SNAP recipients across the five participating states, resulting in tens of millions of dollars in estimated savings.

External data also reveals a more nuanced, multidimensional view of applicants and reduces dependence on potentially fraudulent self-reported information. It helps public assistance programs by uncovering unreported information that may impact benefits eligibility, such as hidden bank accounts or property, undisclosed income, changes in household composition or relationships to known criminals, other recipients and care providers.

Beyond ‘pay and chase’

Multifactor authentication also improves program integrity by allowing agencies to focus on preventing, rather than investigating, fraud. Program integrity is no longer dependent on the ‘pay and chase’ payment recovery method. Instead, agencies proactively authenticate an individual’s true identity using predictive analytics. Predictive analytics apply advanced computational algorithms to flag unusual patterns, trends and behaviors that help states anticipate potential fraud and avoid it before it occurs.

For example, one large Northeast city used predictive analytics to identify fraud patterns among Medicaid, SNAP and cash assistance recipients. The city combined its data with public records data and applied a predictive scoring model to determine which cases to investigate, based on likelihood the investigation would result in a successful conviction or recovery.

The city’s analysts designed a study to test the predictive value of various “red flags” that indicate potential fraudulent activity among enrollees, such as ownership of luxury vehicles or multiple properties. The study, performed by a large university, found over $400,000 in recoverable fraud in only 500 targeted cases, resulting in more successful investigations with less investigation time.

Wrapping up

Identity fraud in public assistance programs continues to grow explosively. However, states can maintain program integrity by using multilayered identity authentication tools to verify identities and expanding beyond traditional departmental data to leverage information from other government agencies and external third-party sources.

A model that validates an identity, ensures the presenter is its true owner and provides a bigger picture of the program allows agencies to progress from simply confirming an identity exists to truly preventing identity fraud -- the use of a stolen identity to commit a crime. In this way, identity analytics can offer a more efficient way to prevent and investigate fraud avoiding long waits, busy tip lines and ad hoc investigations.

inside gcn

  • machine learning

    Mitigating the risks of military AI

Reader Comments

Tue, Jul 12, 2016 Sillie Abbe

More layers operated in AND/Conjunction or OR/Disjunction? If the latter is involved somewhere it would ruin the security as in the cases of biometrics. It is known that the authentication by biometrics usually comes with poorer security than PIN/password-only authentication due to a fallback password operated by OR/Disjunction. The following video explains how biomerics makes a backdoor to password-protected information. https://youtu.be/5e2oHZccMe4

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group