Using data to finally get ahead of Ghost Broking

Combat ghost broking and fraud in the insurance industry with insights on detecting anomalies, utilising global intelligence, and improving risk decision accuracy.


How are forward-thinking insurers using data to finally get ahead of ghost broking?

Who ya gonna call?

Organised fraud rings are a constant threat that many in the insurance industry still struggle to deal with effectively. Now, in the face of a cost-of-living crisis, a need to reduce monthly outgoings will undoubtedly see many more consumers lured into the arms of unscrupulous fraudsters offering premiums that are too good to be true.

So how can insurance providers filter out the invisible fraudsters, without compromising on a quick decision for genuine online applications?

Ghost broking in the motor insurance market is now an all-too familiar challenge that many struggle to deal with effectively. Fraudsters continually make bogus applications using real or fake customer details to create accounts that they can use to farm out false policy sales to unsuspecting drivers down-stream, looking for cheap online deals.

Often multiple applications like this are created by the fraudsters, containing very subtle variations of the stolen or fake personal details – name, address, DOB, email, phone number – perhaps using one, or a small network of devices to generate the applications in short succession. The challenge is how to spot these bogus applications before a great deal of time and effort is wasted on processing them.

To understand the scale of this issue the Insurance Fraud Bureau1 recently reported that in the past year there were over 21,000 reported instances of policy fraud in the UK with links to ghost broking – That’s nearly 60 bogus policies generated every day. Some major UK insurers, like Aviva2 , also suspect that around 20% of all policy fraud is connected to ghost broking.

The good news is that closer inspection of this fraud reveals a weakness that can be used to combat it, namely that most of these bogus applications will contain commonalities that help indicate their malicious intent.

Use of the same address, phone number or email address multiple times associated with different names is a strong indication that something is amiss. As is an unnatural or improbable number of applications being made from the same device – PC, smartphone or tablet. Having the ability to truly assess these type of potential fraud flags in a more sophisticated way, is becoming an essential tool in every insurers anti-fraud arsenal.

How to finally get ahead of Ghost Brokers …

One way to get ahead of this issue is to understand the correlation of device and geolocation data – by automatically monitoring the geolocation of any device, a fraud screening process can instantly raise a warning flag if the device is not in an expected location, such as a UK motor insurance policy application being made on a device in Spain.

Of course, this could simply be a genuine customer looking for a new policy whilst on holiday, so to avoid unnecessary exclusions for genuine customers, this device data must also be assessed against a broader shared network of intelligence, such as LexisNexis® Threatmetrix®.

Powered by a crowdsourced intelligence database aggregating more than 75 billion global transactions each year, including logins, payments, and new account creations, Threatmetrix® helps companies to understand a user’s unique online footprint that can be used to determine the likelihood that the entity carrying out the application is the genuine user, or else poses a threat to them, based on a number of pre-defined risk factors.

ThreatMetrix already has a number of clients in the insurance market who have successfully utilised this capability to intelligently drive down their ghost broking and adverse policy rates, to industry-record low levels.

In fact, the commercial benefits of achieving this low level of adverse policy risk can be quite profound. Not only can insurers drive down financial losses to fraud, but the savings can go much further.

Brokers achieving this low level of adverse policy rate can, for example, become a far more attractive proposition to Underwriters, and in doing so capitalise on more advantageous premium rates – or offer a wider cross section of policy options to their customers.

And all of this benefit is achieved simply through a more sophisticated approach to fraud prevention.

One Call – one of the UK’s largest independent insurance brokers, with more than 750,000 customers and millions of pounds in gross written premiums – are a prime example. They struggled to identify fraud rings or ghost broking until they’d already been infiltrated. Only after the initial policy had slipped under the radar and another appeared – created from the same device, or with the same email address or telephone number – would they be able to belatedly detect the fraud ring. They were also suffering from the influx of Individuals switching from different insurance companies after defaulting on payment.

One Call realised it was missing a key opportunity for early, proactive detection. It desperately needed technology that could authenticate all applications from the outset, looking holistically at connections between devices, locations, email addresses and threat intelligence to detect anomalies that might indicate fraud right from the very first application. The solution came in the form of ThreatMetrix, underpinned by crowdsourced intelligence from the LexisNexis® Digital Identity Network®.

ThreatMetrix analyses the myriad connections between people and their devices, locations and behaviour and uses it to create a unique anonymised digital identity – LexID® Digital – that fraudsters cannot fake. Businesses can then use this to validate returning users with a high degree of confidence.

Of the benefits derived from their ThreatMetrix deployment a spokesperson from One Call said, “Industry leaders practically on every business conference stress the importance of enhancing a singular view of a risk associated with a customer. ThreatMetrix delivers just that. Using global digital intelligence, powered by LexID Digital we have been able to deliver a 60% increase in the accuracy of our risk decisioning, compared to our legacy device-based fraud tool. And the beauty is, that for our legitimate good users, this translates to less friction and more value-add services – so it’s a win win.”

At the same time, One Call is now sufficiently equipped to mitigate the evolving risks of being targeted by crime gangs and ghost brokers. They’ve earned the reputation as one of the top anti-fraud brokers in the UK with a more proactive, streamlined approach to detecting high-risk cases.

They have also reduced exposure to third-party liability on fraudulent policies, and reduced fraud losses from false claims.

This is just one example of how providing access to a global network of shared intelligence can help tackle hard to spot fraud to reduce loses, whilst also driving wider operational savings and efficiencies in multiple areas of an insurer’s business model.

Great success stories come from not only our customers in the insurance industry, but from the likes of banking, ecommerce, crypto, payment service providers, media streaming and other market players.

ThreatMetrix data can be presented via a secure and easy deployable API that delivers a near real-time system, which is engineered with an internet-wide scope and powered by a crowdsourced intelligence aggregating more than 75 billion global transactions a year, with a double digit’s growth every twelve months.

More than 5,000 global brands rely on ThreatMetrix to make trust and identity decisions every second of every day.

LexID Digital, a component of ThreatMetrix, provides the ability to harness a cross-industry intelligence related to digital interactions and behaviours across the global network and make most accurate decisions on trust and risk.

Learn more about LexID Digital and how ThreatMetrix platform can help your organisation.

LexisNexis is a registered trademark of RELX Inc. ThreatMetrix is a registered trademark of ThreatMetrix, Inc. Digital Identity Network is a registered trademark of ThreatMetrix, Inc. LexID is a registered trademark of RELX Inc.

Subscribe to Fraud & Identity in Focus to receive regular email updates.

Contact us today and find out how we can support you across the fraud and identity workflow

Insights and Resources