Category: Fraud prevention

Passing Know Your Business (KYB) Checks Isn’t the Same as Stopping Business Fraud

Passing Know Your Business (KYB) Checks Isn’t the Same as Stopping Business Fraud

The contractor you just onboarded to work inside your environment could be a fraudster operating under a stolen identity, even though the vendor they claim to represent is a legitimate, registered company. Registration simply proves that a business entity filed paperwork with a state. It says nothing about who…

Loyalty Program Fraud Prevention in Travel is an Identity Problem

Loyalty Program Fraud Prevention in Travel is an Identity Problem

When a rewards balance disappears, the loss becomes visible at redemption. Miles may be transferred to a partner program, points converted into gift cards, or award travel booked without the account owner’s knowledge. By the time that happens, however, the loyalty program fraud has already succeeded. The real…

Understanding and Defending Against Vishing Attacks in 2026

Understanding and Defending Against Vishing Attacks in 2026

Most vishing defenses assume the attacker is after a password. The campaigns causing the most damage in 2026 rarely ask for one. Instead, they persuade a help desk representative to enroll a new phone number or convince a user to approve a connected application. The login that follows appears…

Governing Agentic AI Agents: What Your Identity Team Needs to Plan for Now

Governing Agentic AI Agents: What Your Identity Team Needs to Plan for Now

When an agentic AI agent acts on a user’s behalf, most current deployments run it with that user’s privileges and record its activity under the user’s identity. The agentic AI agent itself disappears into the session. That design choice creates the core challenge of governing agentic AI. Two…

AI-Powered Cyber Fraud Detection: What’s Real, What’s Hype, and What Truly Matters for Enterprises

AI-Powered Cyber Fraud Detection: What’s Real, What’s Hype, and What Truly Matters for Enterprises

The Federal Bureau’s (FBI’s) 2025 Internet Crime Complaint Center (IC3) Report logged $20.9 billion in cybercrime losses across more than one million complaints. For the first time in the report’s 25-year history, the FBI identified AI as a distinct crime category: 22,364 complaints and $893…

Designing a Healthcare CIAM Strategy That Balances Patient Access and Identity Security

Designing a Healthcare CIAM Strategy That Balances Patient Access and Identity Security

The Office of the National Coordinator for Health Information Technology (ONC) reports that in 2025, 65% of individuals accessed their health records online, 57% used app-based access, and 51% used proxy or caregiver access. Those numbers mean patient identity infrastructure now serves a population that…

Social Engineering Tactics in Cybersecurity: The Enterprise Defense Playbook

Social Engineering Tactics in Cybersecurity: The Enterprise Defense Playbook

Identity weaknesses played a material role in almost 90% of the 750-plus incidents Palo Alto Networks’ Unit 42 investigated in 2025, with 65% of initial access driven by identity-based attacks. This was not solely because those organizations lacked multi-factor authentication (MFA) or security training. Rather,…

Designing a Call Center Fraud Prevention Program: From Agent Training to Automated Controls

Designing a Call Center Fraud Prevention Program: From Agent Training to Automated Controls

Every enterprise call center fraud prevention program faces the same design tradeoff: how much of the identity verification burden should rest on agents, and how much should shift to automated controls? Most organizations still lean heavily toward the agent side. They invest in training, create verification scripts, and…

How ID Dataweb Enables IAL2-Compliant Identity Proofing at Scale

How ID Dataweb Enables IAL2-Compliant Identity Proofing at Scale

In July 2025, the National Institute of Standards and Technology (NIST) released the final version of Special Publication (SP) 800-63, Revision 4. This update reflects nearly four years of research, two public draft cycles, and close to 6,000 public comments. The revision defines updated Digital Identity Guidelines designed…

Risk Signal Strategy: Which Signals Matter for Each Identity Fraud Type

Risk Signal Strategy: Which Signals Matter for Each Identity Fraud Type

Most enterprises collect more authoritative identity data and risk signals than they act on. They also lack clearly defined relationships between specific risk signals and specific identity fraud types. A device fingerprint that is effective against credential stuffing may be irrelevant for synthetic identity fraud. A phone number check…