Are agencies unintentionally contributing to unemployment fraud?
- By Robert Prigge
- Sep 11, 2020
COVID-19 has had a huge impact on the American job market, and more than 57 million initial unemployment benefit claims have been filed since mid-March. But it’s not just the newly unemployed seeking those benefits -- the FBI recently reported a spike in fraudulent claims related to the pandemic by people using stolen identities.
How unemployment fraud is happening
Long before the onset of COVID-19, fraudsters could easily obtain personal identifiable information including names, Social Security numbers and home addresses from the dark web, data breaches, phishing attacks and even by cold-calling victims. Increasingly, fraudsters are using this stolen PII to submit fake pandemic-related unemployment claims online. Once the claim has been submitted, fraudsters can then request an unemployment benefits debit card and reroute all communications to their preferred contact information.
What’s more, once a claim is filed, the state mails a physical letter to the address on file with the claim details, including additional sensitive information of the person being defrauded. The California Employment Development Department Request for Additional Information Form, for example, includes the claimant’s full Social Security number. If the fraudster has already redirected the mailing address, the government is unintentionally exposing critical information that can put the victim at even more risk for continued identity theft.
In many cases, victims don’t know a claim has been filed on their behalf until it’s too late.
The FBI’s advice to look out for suspicious communications and charges doesn’t cover all instances of unemployment fraud as criminals can bypass these communications channels, file fraudulent claims and steal benefits.
What state agencies can do about it
The state agencies responsible for unemployment benefits program must adapt to the modern fraud landscape to keep citizens safe, and that starts by improving identity verification methods.
Allowing citizens to submit unemployment claims with readily available personal information is not secure, as it is impossible to know whether the person filing the claim is who they say they are. This problem could be addressed with a biometric approach to identity verification that starts by requiring users to capture a picture of a government-issued ID and a corroborating selfie when they submit a claim. This identity assurance gives government agencies much higher levels of confidence that the claim is legitimate — versus a fraudster submitting a claim with breached or stolen data.
How digital identity verification works
Digital identity verification can protect citizens and government agencies from unemployment fraud, amid the pandemic and in the future. Features of a robust solution include:
- Requiring a photo of a government-issued ID: Asking for a photo of a driver’s license or passport when someone submits an unemployment claim establishes the individual’s real-world identity, and artificial-intelligence-powered software can quickly determine if the ID document is real.
- Asking for a real-time selfie: This will automatically deter criminals from moving forward with submitting a fraudulent claim, as they will not want to show themselves attempting fraud. Once the real-time selfie is taken, digital identity verification software can determine in seconds if the photo is the same person as pictured in the government-issued ID. If not, the account verification process stops, deterring most attempts at submitting fraudulent claims.
- Ensuring the individual is physically present: Spoofing attacks (using a photo or deepfake video to unlock an account requiring a visual of the person) have been proved effective. A digital identity verification solution with liveness detection, which asks the user to position their face within an oval and then move a bit closer, ensures the user is present and not a spoof.
- Requiring a real-time selfie each time the user logs in: This selfie is then compared to the original selfie and government-issued ID to confirm the right person is accessing the account, not a fraudster trying to log in with stolen information.
This entire process can be done in a matter of seconds, making it simple for users to onboard and access their accounts. Because advanced digital identity verification methods requiring a government-issued ID and biometric authentication (leveraging a person’s unique human traits to confirm identity) are highly accurate, state agencies can worry less about fraudulent unemployment claims and focus on helping citizens get the support they need.
Automated identity verification solutions can be easily implemented into a government agency’s benefits onboarding process, whether it be within an app or website. Citizens filing unemployment claims provide an abundance of personal information including employment history, Social Security numbers, home addresses and more, and government agencies are responsible for protecting this information. Advanced digital identity verification solutions keep information secure, keeping agencies compliant with all necessary regulations.
The National Institute of Standards and Technology is currently reevaluating its digital identity guidelines to improve security and privacy amid evolving threats, demonstrating the need for more secure measures to combat fraud. By implementing advanced digital identity verification, government agencies can adapt to the modern fraud landscape and prevent cybercriminals from obtaining benefits on behalf of someone else, ultimately protecting their citizens from fraud.
Robert Prigge is the CEO of Jumio.