){kind=small}
Tailor Fraud Prevention to Customer Journeys in Mobile Identity
所要時間:4 分
Fraud appears in various forms throughout the customer journey. The global cost of a data breach reached $4.88 million in 2024 (IBM Report). By 2025, cybercrime costs are projected to hit $10.5 trillion annually. Phishing, recovery abuse, and message-driven fraud are happening at a massive scale. In this article, we’ll map each fraud type to the stage where it typically occurs and show how phone intelligence can make communications more effective, innovative, and secure.
Phone intelligence refers to real-time signals from carriers and KYC datasets that reveal a number’s validity, reachability, line type, carrier, subscriber match, and recent SIM-swap or porting activity, using Vonage Identity Insights.
This occurs when an attacker gains access to an existing user account. ATO often begins with phishing, credential stuffing, or a recent SIM swap. Watch for signs of velocity attacks and usage across multiple devices.
Impersonation happens when a fraudster pretends to be a real person without access to that person’s devices or accounts. Common tactics include: Caller ID spoofing, social engineering, and using stolen personal identifiable information (PII).
A mix of real and fabricated data is combined to pass verification checks. These identities often remain dormant until a high-value action is attempted, such as opening a bank account, making a loan request, or applying for credit.
Although not entirely fraudulent, account sharing violates terms of service and obscures user behavior, damaging predictive models and fraud scoring systems. Account sharing is a vulnerability that occurs when multiple people use the same login credentials. While not always malicious, it can distort fraud detection models by inflating anomalies; therefore, account sharing should be strongly discouraged.
The fraud type is typically a synthetic identity. A legitimate number might be paired with a fake name. A fake number may be paired with a real email address. Fraudsters use automated flows to access promotions and free trials.
The fraud type is usually impersonation. A fraudster may say: “I lost my phone, can you move my number to a new SIM?” They often combine stolen personal data with a spoofed caller ID to trick support agents.
The most common fraud type is account takeover. SIM swaps, stolen SIM cards, and compromised mobile devices often trigger it. Once inside, attackers reset credentials or drain funds.
The types of fraud might include account sharing and synthetic identity. Multiple users accessing one account can skew metrics. Fraud rings also create synthetic accounts to mine promotional rewards and free trials.
You can run all relevant checks with a single API call using the Identity Insights API.
If the fraud type is account takeover, you can use the following insights: SIM swap, location verification, current carrier, and number format. If we are dealing with synthetic identity & impersonation, you can use the following insights: subscriber match, original carrier, current carrier, and number format.
A risky signal does not automatically mean a malicious user. A recent SIM swap could be a perfectly normal device upgrade.
Treat signals as context. Step up when timing and combination make sense, monitor when the pattern is borderline, and reserve complex denials for clear multi-signal risk. This layered approach catches bad actors sooner while keeping everyday users in flow.
Identity Insights enables access to all relevant checks in a single API call. Alternatively, if a brand has a defined security policy specific to its customer journey, it could trigger a sequence of Insights requests depending on previous results.
For instance, if the phone number has an invalid format or is not a mobile number, security steps should be increased, or the identity should be rejected without requesting further information.
If a recent SIM Swap is detected, the brand might choose to skip Location Verification (since security steps are already heightened) or still run it to gather additional details about that journey.
Ultimately, it’s about finding the right trade-off between security, customer friction, and cost, depending on the journey and the associated risk. For example, in onboarding, you may prefer to reduce friction and accept more risk, whereas in payments, you’ll likely minimize risk even if that increases friction.
Lead with the customer journey, not just your fraud prevention toolset. Map where fraud shows up, apply only the checks that matter at that point, and call Identity Insights when additional signals are required.
Have a question or something to share? Join the conversation on the Vonage Community Slack, stay up to date with the Developer Newsletter, follow us on X (formerly Twitter), subscribe to our YouTube channel for video tutorials, and follow the Vonage Developer page on LinkedIn, a space for developers to learn and connect with the community. Stay connected, share your progress, and keep up with the latest developer news, tips, and events!
