According to the Federal Trade Commission, employment- or tax-related fraud — when a criminal uses someone else’s Social Security number and other personal information to gain employment or to file an income tax return — made up 34% of all fraud reports in 2017. It’s considered the most common form of data theft. Why? An increase in data breaches.
Data breaches expose sensitive personal information including SSN, driver’s license, medical and/or financial records for millions of consumers. This combined with advancements in graphics technology, has made it easier for a deceptive candidate to falsify a government-issued ID and assume another person’s identity.
The Identity Theft Resource Center collects fraud reports from consumers. According to its most recent data, the number of data breaches reported for 2017 was 1,579, a 45 percent increase over 2016. Businesses continued to suffer the majority of breaches and more than eight times the number of Social Security numbers were exposed in 2017 than in 2016.
Identity fraud is more than simply exaggerating credentials on a resume. Identity fraud means that someone is using another person’s social security number, fake identification, and other personal information to obtain a legitimate job.
Resume fraud is shockingly common: two out of three employers have encountered an applicant lying on their resume. This type of fraud wastes expensive recruiting resources, denies job opportunities to qualified applicants, and can expose a company to potential employee fraud and brand damage down the road. However, resume fraud is easier to detect than identity fraud. Most background check providers can verify specific details like an applicant’s degree, graduation date, job title, and salary.
When an identity thief uses a victim’s name and social security number to gain employment, the employer reports the wages to the IRS for income tax purposes. When the IRS discovers employer-reported wages from both the thief and victim, there is a mismatch with what the victim filed and it appears they didn’t report all of their wages. This type of fraud is much more difficult and time-consuming to detect, and often takes months or years to catch. It’s also a lot more prevalent than you’d think.
A 2017 report from the Treasury Inspector General for Tax Administration found the IRS failed to identify 497,248 victims of employment-related identity theft, even though criminals electronically filed tax returns with evidence showing they used the victims’ Social Security numbers to gain employment.
Even the most convincing looking documentation could easily be fake, and if you’re taking any credentials or documents at face value, you might already be at risk. The more sophisticated the fraud and the higher the position, the more damage and cost there is likely to be, and it’s significantly harder for the authorities to catch someone if they have no idea who they are chasing.
Background checks can be an excellent resource to help find red flags that may indicate false documentation. These kind of checks can be even more telling when information isn’t found, such as missing employment history, lack of social media presence, and so on. Criminal background checks are also necessary, but a good identity thief will likely pass with flying colors.
Identity-based systems can help detect employment fraud. They expand fraud detection significantly beyond the traditional rules-based system by accessing national repositories of identity information.
Identity-based detection is powerful because it does not treat self-reported data as the truth. For example, a common rule in many rules-based filters is to match the name, SSN and address from the presented information with the name, SSN and address on-file. This rule ensures that an applicant’s self-reported data aligns with the other information held by the agency. But matching data does not confirm an individual’s eligibility. However, because this type of fraud takes so long to detect, common fraud schemes may involve fabricated or false identities that have been nurtured through multiple filings over the course of years.
Recruiters rely heavily on technology, and so do job applicants. In fact, the very thing that streamlines the online job application process is the same thing that makes it easy to use stolen identities to apply for jobs. One of the newest technologies available to the private sector is identity verification with biometrics.
Biometric recognition technology relies upon the physical characteristics of an individual, such as fingerprints, voiceprint, pattern of the iris of the eye and facial pattern, in identifying an individual, offering positive identification that is difficult to counterfeit. This will also increase traceability of nefarious individuals or stolen identities.
Facial recognition is an automated method to record the spatial geometry of distinguishing features of the face. Different methods of facial recognition among various vendors all focus on measures of key features. The advantages to facial recognition include the use of commonly available technologies, such as phone cameras, no contact required, and it’s easy for humans to verify results. It’s also recordable, as the characteristics of an individual cannot be collected without their consent.
Many companies offer some sort of identity authentication for the hiring process, but biometrics is still new to the private sector. Companies like Cisive have gotten ahead of the game and offer the Human Resource industry’s first identity authentication solution, IDVerityTM is a state-of-the-art technology that forensically authenticates a candidate’s identity by validating the authenticity of their government issued ID and compares it to a candidates’ self-photograph taken on their mobile device.
The solution combines artificial intelligence (AI) technology including ID verification that authenticates the ID and identity verification using biometric facial recognition, liveness detection and live verification experts, to provide a complete solution to verify the real-world identity of a candidate. The balance of AI and human review is a critical component to keeping employers globally compliant.
All employers need to guard against insider threats, especially those perpetrated by persons using a fraudulent identity.
Product Manager, Cisive