Fraud is a growing threat: how can data reform help?

As online experiences become more sophisticated for consumers, so do fraudsters. How can data be used to help?




Over the past two years, as the world experienced the uncertainty of lockdowns and fluctuating restrictions, the pandemic has turbo-accelerated the rate of digitalisation and is offering consumers new and advanced experiences online.

From banking, retail, socialising and healthcare, the internet has transformed the ways in which users interact with online products and services and many, if not all these innovations are here to stay. This means that all sectors will need to keep pace.

This digital transition has seen swathes of vulnerable consumers such as children and the elderly now using these technologies, bringing attention to the digital skills gap and the need for greater safeguarding mechanisms for individuals when using such services.

As online experiences become more sophisticated, so too have fraudsters who are exploiting the digital environment to find new ways to target consumers. According to the UK National Crime Agency (NCA), the most robust figures from the Crime Survey of England and Wales show there were 3.4 million incidents of fraud in 2016-2017. However, the NCA thinks that fewer than 20% of incidents of fraud are reported, meaning the true figure may be much higher. 

Tactics such as scam phone calls, text messages and emails, as well as fake websites and social media posts are being used to target individuals including vulnerable people. However, consumers are becoming much more aware of the possibility of being exposed to fraud and Experien’s Identity and Fraud Report 2021 shows that online security is a priority for 62% of consumers, who demonstrate a growing awareness of the need to protect their information online.




Industry crackdown on fraudsters

Experien’s report also shows that when it comes to using technology in the future, the number one priority for UK businesses is to improve how they detect and prevent fraud, with strengthening the security of mobile and digital channels a top investment priority.

Each segment of the sector is working hard to prevent fraudsters from violating their services. From telcos to cyber companies, to tech platforms and service providers, each has a significant role to play to disrupt the journey of a fraudster.

techUK is working in partnership with UK Finance and the National Economic Crime Centre (NECC) to open cross-sector dialogues and form tangible solutions which reduce the threat of financial fraud. The Online Fraud Steering Group (OFSG) brings together senior representatives from the tech sector, financial services and law enforcement to collaborate and take collective action to disrupt fraudsters.

In December 2020, OFSG members Meta, Microsoft and Twitter committed to introducing a revised advertising onboarding process that requires UK regulated financial services to be authorised by the Financial Conduct Authority (FCA) prior to serving financial services adverts on their sites.

Organisations are also under mounting pressure from consumers to offer seamless and frictionless user experiences, with consumers consistently saying they’ll abandon an online transaction if security checks take longer than 30 seconds. That’s why there’s been a recent explosion of new and innovative identity verification processes such as facial and age recognition technology.

Telecom operators and Ofcom are also working together to crack down on nuisance and fraudulent phone calls and SMS text messaging, which has grown over the course of the pandemic.

Similarly, the Financial Services industry are deploying technologies such as artificial intelligence (AI) to monitor consumer transactions and detect suspicious payments. Visa’s anti-fraud detection system has led to Visa’s system-wide, global fraud rate declining by two-thirds over two decades and prevented an estimated $25 billion in fraud in 2019.

Partnership between public authorities and industry can play a big role in helping to tackle fraud moving forward. At a recent techUK event, Digital Identity and Fraud Prevention, panellists spoke of the importance of data and intel-sharing across the public and private sector at different levels in order to react and respond to fraud threats as they arise, such as the work of Onfido with the Association of Document Validation Professionals and Interpol. You can watch the webinar below.



How can data reform help?

Lots of the data used to mitigate fraud is sensitive personal data, which is governed by the UK Data Protection Regulation 2018 (GDPR). Whilst this regulation is fundamental in protecting consumer’s data rights, it’s complex to understand and implement correctly, leaving organisations with a high degree of legal uncertainty when identifying the legal basis to engage in processing activities.

The UK Government’s recent data protection consultation, Data: a new direction, suggests a reform that could help organisations crack down on fraud, and has been widely supported by techUK’s membership.

The proposal to introduce a limited, exhaustive list of legitimate interests which would not require a lengthy legal assessment (balancing test) before the processing activity takes place, could offer organisations legal certainty when using personal data, while reducing the compliance burdens of the balancing test.

The inclusion of personal data processing activities for the purpose of fraud detection and age verification to this list, may be a positive step in enabling organisations to bolster their efforts to tackle fraud, increase consumer safety, and support vulnerable consumers.

As fraudsters continue to adapt and evolve using sophisticated techniques, the UK’s regulatory frameworks must also keep at pace and reform to the GDPR is a welcomed step.

You can read techUK’s full response to the data reform consultation here.

This blog is part of a series exploring the UK's upcoming reform to its data protection regime. Learn more here.



Dani Dhiman

Dani Dhiman

Policy Manager, Artificial Intelligence and Digital Regulation, techUK

Dani is Policy Manager for Artificial Intelligence & Digital Regulation at techUK, and previously worked on files related to data and privacy. She formerly worked in Vodafone Group's Public Policy & Public Affairs team supporting the organisation’s response to the EU Recovery & Resilience facility, covering the allocation of funds and connectivity policy reforms. Dani has also previously worked as a researcher for Digital Catapult, looking at the AR/VR and creative industry.

Dani has a BA in Human, Social & Political Sciences from the University of Cambridge, focussing on Political Philosophy, the History of Political Thought and Gender studies.

[email protected]

Read lessmore


techUK - Building a Thriving Digital Society

Visit our Digital Society Hub to learn more or to register for regular updates.

techUK is in constant dialogue with Government and policy makers to provide the perspective of the tech industry on a wide range of policy issues. Current policy engagement includes online safety, data protection, competition in digital markets, and online fraud. Get in touch to see how we can support your policy work. Visit our Digital Society Hub and complete the ‘contact us’ form.