Online transactions have been growing in popularity for years—but this trend exploded during the height of the COVID-19 pandemic, when people changed the way they lived, communicated, shopped and performed financial transactions.

The desktop-to-mobile evolution in transactions and life insurance cybercrime

In the second half of 2021, 35.5 billion transactions were processed digitally—and for the first time, 75% of those were mobile, with the vast majority being initiated through an app. (Compare this to 2014, when it was reported that only 25% of transactional traffic was mobile.)[1]

From a cyber-attack perspective, a similar shift has taken place. In the first half of 2018, the majority of attacks came via the desktop. In the second half of 2021, they shifted significantly to mobile channels at the expense of the desktop channel.1 The relentless shift to mobile continues, driven by younger generations embracing mobile technology earlier and earlier. Additionally, emerging market populations have been skipping desktop devices altogether, moving straight to mobile services.

What these changing preferences mean

Consumers globally have continued to drive demand for a customer-centric digital world. Consequently, companies have prioritized their digital customer excellence strategies to retain and acquire new customers, which is advantageous for legitimate consumers, but potentially even more beneficial for online fraudsters.

The creation of new online accounts has exploded during the last two years, fueled by the pandemic and the global shift to digital. Fraudsters are now setting their sights on these new accounts. Consequently, the growth in attacks on password reset functionality has accelerated, as has the occurrence of Account Take Over (ATO) fraud, where fraudsters gain access to consumers’ accounts—and use that access to withdraw funds, take out loans, or perform other fraudulent acts. 

Credential stuffing can drive ATO fraud

ATO fraud is often made possible through a tactic called credential stuffing. Credential stuffing typically begins when a fraudster purchases username and password combinations on the dark web. They then deploy bots to use those combinations across a variety of website login pages—especially those related to financial assets. Using bots in this way automates the fraud attempts and allows the fraudster to attack more sites, using more credentials, in a short period of time.

Taking a closer look: what all this means for insurers

The pandemic, in tandem with technological improvements, led to a 29% increase in the online purchase of life insurance from 2016-2022.[2] This has put life insurers in the crosshairs of cybercriminals more than ever before. And the statistics prove this: 2021 was a banner year for life insurance cybercrime. According to Check Point Research, cyberattacks on the insurance landscape increased 50%, compared with 2020.[3]

What life insurers can do to protect themselves

Although one of the primary goals of life insurers is to provide a quality customer experience, it’s imperative to balance that experience with the right level of fraud prevention.

Fortunately, technology doesn’t just help the fraudsters. Insurers can tap into technological advances and put effective risk management strategies in place that will help them determine whether:

  • there are discrepancies on the application
  • all the data components related to the application “fit together”
  • the proposed insured is a real person
  • a customer signing in to an online service portal is who they say they are (as verified by step-up authentication)
  • they are paying policy proceeds to an authenticated beneficiary

With cybercriminals trying to ply their trade from so many different angles, now, more than ever, it is important for insurers to deploy multilayer fraud prevention capabilities across all digital channels. This helps identify the anomalies associated with the growing number of attacks targeting insurers, particularly in the mobile app channel.

Identity Access Management products from companies such as LexisNexis Risk Solutions can help insurers put fraud prevention strategies in place that can:

  • use email intelligence as a core risk identifier, to create a holistic view of who is really behind a transaction
  • offer single-use passwords to provide a multifactor authentication solution
  • verify consumer identities, spot potential fraud and identity theft, and automatically flag discrepancies in applications, service, and claims transactions
  • provide further verification that a customer is who he/she claims to be

A multi-layered approach to cyber security can help insurers seamlessly respond to digital identity risk—while staying focused on the customer experience.

Fraud and identity experts will be sharing further insights at the 2022 LexisNexis® Risk Solutions Customer Advisory Meeting, being held on September 20th and 21st in Carlsbad, CA.  Are you attending?  If so, be sure to check out the session titled Stay a Step Ahead of Fraudsters – Understanding the Evolving Fraud Threat presented by Andre Mohammed, CIAM, CIST, CIMP, senior manager, Professional Services F&I – Government, Healthcare, Insurance, LexisNexis Risk Solutions and Jena L Kennedy, FLMI, ACS, CLU, senior director, Life Insurance Vertical, LexisNexis Risk Solutions.

[1] Source: “Balancing Risk & Reward: The New Mobile Battlefield, The LexisNexis® Risk Solutions Cybercrime Report, July to December 2021” <>

[2] Source: 2022 Insurance Barometer Study, LL Global and Life Happens, 2022

[3] Source: Check Point Research: Cyber Attacks Increased 50% Year over Year,” Check Point Software Technologies Ltd., 2022 <>