Study: 30% of Consumers Hit by Insurance-Related ID Theft

Close to 30% of Americans have experienced insurance-related identity theft, and the fraud seems to disproportionately affect younger workers, a new report finds.

The study, released by Aite, comes at a time when cybersecurity is a pressing issue for businesses, and follows a period where many security breaches have been reported from major companies, including health insurance plans.

"Unfortunately, data breaches have become more commonplace in recent years as fraudsters eye gaining access to a consumer's personally identifiable information. Yet there is another sometimes overlooked to dimension fraud and that is the fraudster is often someone that is known to the victim," said Aite Group research director Michael Trilli. "Regardless of the fraudster's identity the current environment puts an onus on insurers to ensure their customers can transact digitally and with peace of mind."

2 Types of Crime Studied, Many Victims

The report looked at two main types of crimes around identity theft: application fraud, when an unauthorized person uses a consumer's identity to apply for an insurance policy, and account takeover (ATO), when an unauthorized person uses an existing insurance account in an unauthorized manner.

The data was gathered in a survey of more than 8,000 U.S. consumers age 18 or older. It found that 27% of U.S. consumers experienced insurance-related identity theft in the past two years. Of those who experienced identity theft in insurance, 22% did relative to their health insurance or dental plan, 19% with their life insurance policy or annuity, and 18% with a personal line property and casualty (P&C) policy. The largest age group of consumers that were victimized by insurance-related identity theft were between 31 and 39 years of age.

One key finding is that faceless international hackers were not the primary problem. The data showed that family members of the impacted consumer were the most likely bad actors to submit a fraudulent application, and many ATO victims knew the person who stole from their existing accounts — either as a family member or a known associate.

Fewer Victims Were Boomers, More Were Millennials

Also confounding conventional wisdom to some degree was the finding that boomers — older consumers — were less likely to be the victims of this type of fraud. Instead, millennials between the ages of 31 and 39 years old were the most likely age group to suffer from insurance-related identity theft.

And knowledge about consumer scams is not necessarily a shield against being a victim: The study found that 38% of those victimized by identity theft said they were very knowledgeable about scams; while 32% of those who were not subject to theft claimed to be very knowledgeable. Overall, being informed about such scams did not seem to offer much protection.

The report included recommendations for insurers seeking to fight this type of fraud. These include:

Develop an end-to-end strategy. In addition to finding the fraud as early as possible, part of the solution also is applying fraud mitigation tools before a claim is paid (not after it is paid) as a safety net for those instances when fraudsters slip through the authentication process.
Think differently about authentication methods, because current methods may not be enough given the amount of personal information in fraudsters hands due to data breaches.
Replace outdated methods with biometrics. "Whether physical or behavioral, these methods will be more reliable than passwords or knowledge-based authentication and are accretive to a better user experience," the report said.
Develop a robust and transparent recovery process because a company's brand also is affected.
Emphasize consumer education. "Home in on education around protecting information and various scams, what steps to take if victimized, and perhaps the toughest but most helpful, teaching customers that the face of fraudsters could be family and friends," the report states.