Experts call for proactive, tech-driven approach to fraud prevention
athima tongloom via Getty Images
By
Chris Teale
State programs have been under federal scrutiny in recent times, and leaders said this moment must be a time for looking ahead and learning for the future, rather than recriminations.
Barely a week seems to go past without an announcement from the White House or a hearing in Congress about fraud that allegedly is dogging states’ administration of benefits programs.
In the last month, the White House unveiled a new task force on fraud to be chaired by Vice President J.D. Vance. The executive order establishing that task force looks to withhold government funding from states and localities with what it deems to be inadequate anti-fraud controls, and increase data-sharing between the federal government and the states.
Meanwhile, Minnesota Gov. Tim Walz and Attorney General Keith Ellison were hauled before the House Committee on Oversight and Government Reform and accused by Chair James Comer, a Kentucky Republican, of “one of the most extensive breakdowns of oversight this Committee has ever examined” in allegedly having $9 billion stolen from 14 Medicaid programs. Other committees are in the midst of similar hearings, including on Medicaid fraud.
While the constant headlines may have created whiplash for some, those in the identity protection and fraud prevention space say they hope this renewed focus from the federal government is something they can build upon for the future. A more proactive approach to finding fraud driven in part by technology is appealing to many, rather than rehashing old issues.
“Coming out of what the administration is doing, in the next 12 months, I'm hopeful that this is not something that will be buried by the next salacious news story and folks haven’t been pivoted without actually doing much in this space,” said Jordan Burris, head of public sector at digital identity and verification company Socure.
There is a long way to go to reach that more proactive fraud prevention ideal, however, and it’ll need a lot of work. Experts identified better data and intelligence sharing as some of the key areas that need improvement. Emerging technology and artificial intelligence can help identify fraud in some notable ways.
That includes helping make better connections between data points to identify suspicious patterns, something that used to take weeks on old systems as data analysts looked for patterns on printed readouts from a mainframe run on legacy programming language COBOL. AI can flag suspicious patterns in seconds or minutes and send them along to human employees for further analysis, hopefully stopping fraudsters in their tracks.
“Fundamentally as humans, we can only make so many connections per data point per day, per minute, per second,” Jared Pane, senior director of public sector business for field engineering at data company Elastic said in an interview during last month’s Billington State and Local Cybersecurity Summit. “We can only make so many correlations, so if you're able to take technology and cross-correlate that data and graph that data into likely unknowns that no one would ever be able to know, you're going to be able to solve fraud faster by making correlations.”
Pane said the results can be extraordinary. For example, Elastic worked with California’s Employment Development Department and found a 99% reduction in the mean time to respond to a potential fraudulent claim at an agency that manages many vital benefits programs for the state’s residents.
Having that data sharing be across departments is also vital, experts said, especially as many people are registered for more than one benefit program. Having some sort of “central repository” helps create what Chris Dilley, field CTO and chief architect for state and local government at software company ServiceNow, described in an interview recently as a “feedback loop.”
Burris said he hopes this latest fraud push is more than a “political flashpoint,” and instead forces every state to have a hard conversation about their infrastructure and how they verify people’s identities.
“This is not an isolated incident,” he said. “I call it a battle for identity infrastructure that's taking place, and then really where we need to be looking at, how do we maintain certainty across the life cycle of whoever is engaging in the bolstering of our defenses? It's being proven day by day how weak a lot of the systems or processes that were put in place historically are in keeping up with today's threat in the way that it has evolved.”
There is a hard road ahead, especially as fraudsters get more sophisticated, use AI to speed up their attacks and find ways around typical fraud indicators, like repeated email addresses. A recent report from Socure found that in just under a month, almost 25,000 synthetic identities were built and launched, with many attacks occurring within 48 hours.
Burris said, given the multiplying threats and the likelihood that hackers supporting and affiliated with nation-states will continue to try to steal money from benefits programs, the time is now to act and protect government systems.
“We're pending our own crisis moment, where, if we don't start to act and get ahead of these things now, the adversary is catching up,” he said. “We will not be able to put the genie back in the bottle when it's all said and done.”