Fighting back: Strategies to combat identity fraud

by Benjamin David, editor, The Payments Association

Share this post

What is this article about?

The current state of identity fraud, its evolving tactics, and strategies to combat it, based on the 2023 Cifas Strategic Intelligence Assessment.

Why is it important?

It highlights the growing sophistication of identity fraud and the need for continuous innovation, collaboration, and education to prevent and mitigate this pervasive issue effectively.

What’s next?

Leveraging advanced technologies like AI and biometrics, enhancing verification processes, fostering public-private partnerships, and increasing consumer awareness to stay ahead of increasingly sophisticated fraud tactics.

The 2023 Cifas Strategic Intelligence Assessment provides a comprehensive analysis of the current state of identity fraud, a growing concern for financial institutions and payments industry leaders. Drawing from the National Fraud Database (NFD), this report reveals the scale and sophistication of identity fraud, highlighting the continued need for vigilance and innovation in fraud prevention. Since the assessment, further developments within the UK and internationally have impacted how we perceive the necessary steps to combat identity fraud.

On May 15, City Forum’s Economic Crime Summit heard from various speakers exploring the requirements to better tackle economic crime. The Lord Mayor referenced his Smart Economy Network, where fraud and identity issues are a core focus. Additionally, the CIFAS fraud pledges for 2024, published in May, emphasises better support for victims of identity theft and expanding the fraud strategy to include business victims.

The Payments Association (TPA) ambassador Dr Ruth Wandhofer’s report from March 2024, “From Fintech to Ubiquitech,” highlighted the need for developing solutions by integrating multi-modal biometrics within a robust customer authentication regime. She stressed that building on existing banking standards is essential for a more secure financial ecosystem. Her insights align with the growing recognition that both public and private sectors must collaborate closely to combat identity fraud effectively.

Simon Fell, HMG’s anti-fraud champion, also contributed valuable insights post-event, stating, “There is much more to do —we have to keep delivering and stay alive to the fact that fraudsters will consistently alter their approach even as we tighten up our systems and use the amazing new tools available to us to identify attacks.” This sentiment underscores the adaptive nature of fraudsters and the need for continuous advancements in fraud prevention measures.

At Identity Week in Amsterdam earlier this month, TPA ambassador Andrew Churchill remarked in a panel on identity and fraud that “the elephant in the room concerning current approaches is that organised criminals already circumvent financial service levels of security, so moving Government services onto even lower standards is certain to become a field day for fraudsters.” His comment highlights the critical vulnerabilities in current security frameworks and the urgent need for robust and adaptive strategies to safeguard against identity fraud.

These developments and expert insights reflect the dynamic and challenging landscape of identity fraud in 2023, necessitating a multi-faceted and proactive approach to fraud prevention and mitigation.

Overview of identity fraud in 2023

In 2023, identity fraud constituted 64% of all cases recorded in the National Fraud Database (NFD), with 237,642 instances documented. The 2023 Cifas Strategic Intelligence Assessment states that it is one of the most prominent types of fraudulent conduct in terms of impact and concern from surveyed members. Moreover, it finds an increase in identity fraud across personal bank accounts (+12%), with member concerns centred on social media enablers, the growing threat of AI and sophisticated data harvesting techniques designed to exploit an array of cost-of-living pressures. It also reveals reported issues of repeat victimisation and challenges in safeguarding customers who are more susceptible to ever-advancing social engineering tactics where spoofing and brand impersonation are common themes. “The continued importance of data and intelligence sharing in order to stay ahead of emerging threats was widely reported by cross-sector members,” it added. 

The high prevalence of identity fraud underscores the sophisticated methods employed by fraudsters who have adapted to technological advancements and financial institution measures. Despite improvements in fraud detection and prevention technologies, the sheer volume of online personal data and the increasing use of digital transactions provide fertile ground for identity fraud to thrive. This ongoing threat necessitates continuous innovation in fraud prevention strategies and greater collaboration across the financial sector.

Key trends and findings

The 2023 Cifas Strategic Intelligence Assessment highlights several key trends in identity fraud, noting significant sector-specific impacts, evolving methodologies, and the implications of regulatory and legislative changes.

Product group
Percentage change
All in one
Asset finance
Bank account
Online retail
Plastic card

Sector-specific impacts:

  1. Bank accounts: Identity fraud targeting personal bank accounts increased by 12%, with personal current accounts being the most affected. This rise is particularly concerning given the centrality of bank accounts to individuals’ financial lives. Fraudsters often exploit these accounts to facilitate further fraudulent activities, such as opening credit lines or making unauthorised transactions. 
  2. Plastic cards: Despite an 8% decrease in identity fraud cases, plastic cards remain highly targeted. The high levels of phishing and data harvesting leading to account takeovers illustrate the persistent vulnerabilities in this sector. Fraudsters continue to develop sophisticated methods to bypass security measures, including using stolen card details to make online purchases or creating counterfeit cards. 
  3. Telecommunications: This sector experienced a significant 49% decrease in identity fraud cases, likely due to a shift towards facility takeover activities instead. Facility takeover involves fraudsters hijacking existing customer accounts to acquire high-value devices or services. 

Strategic responses and recommendations

A multi-faceted approach is essential to combat the evolving threat of identity fraud:

  1. Enhanced verification processes: Implementing robust identity verification frameworks, including multi-factor authentication and biometric technologies, can help mitigate the risks associated with impersonation fraud. These advanced verification methods make it more difficult for fraudsters to access sensitive information and commit fraudulent activities.
  2. Collaboration and data sharing: Increased cooperation between financial institutions, government agencies, and regulatory bodies is crucial. Sharing intelligence on emerging threats and fraudulent tactics can enhance collective defences against identity fraud. Public-private partnerships and information-sharing networks can play a significant role in this collaborative effort.
  3. Consumer awareness and education: Educating consumers about the risks of identity fraud and promoting best practices for safeguarding personal information online are essential components of a comprehensive fraud prevention strategy. Awareness campaigns and educational initiatives can help individuals recognise and avoid potential fraud attempts.
  4. Leveraging advanced technologies: The use of AI and machine learning to detect and prevent fraud is gaining traction. These technologies can analyse vast amounts of data to identify patterns indicative of fraudulent activity, thereby enhancing early detection and prevention efforts. By integrating AI-driven solutions into their security frameworks, organisations can stay ahead of increasingly sophisticated fraud tactics.
  5. Regulatory compliance: Adhering to regulatory requirements and adopting best practices outlined in recent legislation, such as the Economic Crime and Corporate Transparency Act 2023 (ECCTA), is essential. Compliance with these regulations helps organisations avoid legal repercussions and strengthens their overall security posture against identity fraud.

These strategic responses and recommendations provide a comprehensive approach to addressing the complex and evolving challenges posed by identity fraud. By adopting advanced technologies, enhancing verification processes, fostering collaboration, and educating consumers, organisations can better protect themselves and their customers from the ever-present threat of identity fraud.


Read more Payments Intelligence

More To Explore


Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Continue reading

This content is only available to members - please see instructions below!

Become a member to continue reading

Member of The Payments Association? Log in to continue reading

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?